Troublesome keylogger (and more?)


  • This topic is locked
23 replies to this topic

#1 Redizhot

Posted 18 December 2010 - 02:06 AM

Hey there, I read the thread at the top and am unfortunately unable to get DDS or GMER logs. The DDS command prompt gets about 3/4 of the way done, and the system then starts to freeze up or just stops completely after about 20 minutes of nothing happening, and with GMER, it bluescreened me with a message that said something like this:

"aglcypog.sys

PAGE_FAULT_IN_NONPAGED_AREA

STOP: 0x0000050 (0xc6E00008, 0x00000000, 0xA49AB582, 0x00000000)
aglcypog.sys - Address A49AB582 base at A49A7000, Datestamp 4cd7b97F"

As far as the actual problem goes, I'll try to give you guys something to work with. Recently I got my character hacked in World of Warcraft, and figured there was a keylogger at work. I ran some scans with programs which turned up nothing, and then used a keylogger detector to see some files activating when I used wowlauncher.exe, from \AppData\Local\Temp, with filenames like ~DF764E.tmp and ~DFD286.tmp. These kept appearing whenever I launched, and I couldn't figure out where they were coming from. I've been using all sorts of different scanners, none of which have turned up anything significant; most turn up nothing at all.

On a side note, I think there is more foul play at work on my computer in general, since I've been having noticeable slowdowns at startup even though there is nothing set to run at startup aside from crucial processes, my search engine results are redirected to bullbleep sites about a third of the time, my Ad-Aware got shredded (unable to update or scan, and it started memory leaking on startup), and more. So I'm tempted to just reformat and DBAN my drive, but I'd rather puzzle this out so I can learn something from all this. Sorry I can't provide the logs for you guys, but the programs simply won't work. Lemme know if there's anything I can do.

Edited by Redizhot, 18 December 2010 - 02:07 AM.




#2 m0le

  • Malware Response Team

Posted 27 December 2010 - 08:24 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks
m0le is a proud member of UNITE

#3 Redizhot


Posted 27 December 2010 - 09:54 PM

Yup, I'm here, keylogger's still on my computer. It only starts up if I load up the launcher for the game, not when I go straight to it, so that's how I've been dealing for now, but that's not a very permanent solution!

#4 m0le


Posted 28 December 2010 - 10:10 AM

Run the following program in Safe Mode

Please download ComboFix from one of these locations:

* IMPORTANT !!! Save ComboFix.exe to your Desktop, making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on comfix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Posted Image


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

#5 Redizhot


Posted 29 December 2010 - 11:37 PM

I tried running it in safe mode, both with and without networking, to no avail. The first time, with networking, I let it go for about 15 minutes before the screensaver came on and it froze up and I had to restart; the second time I gave it a solid 40 minutes, and it froze up again. I renamed it to comfix.exe. I don't know what to do to get it to run.

#6 m0le


Posted 30 December 2010 - 06:10 AM

Something's blocking it.

Please run the following two programs

  • Download TDSSKiller and save it to your Desktop.

  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.

  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

    "%userprofile%\Desktop\TDSSKiller.exe" -l report.txt

  • Now click Start Scan.
  • If Malicious objects are found, ensure Cure is selected then click Continue > Reboot now.
  • Click Close
  • Finally press Report and copy and paste the contents into your next reply. If you've rebooted then the log will be found at C:\


Then

Please download MBRCheck to your desktop.

1. Double click MBRCheck.exe to run it (Right click and run as Administrator for Vista).
2. It will open a black window, please do not fix anything (if it gives you an option).
3. Exit that window and it will produce a log (MBRCheck_date_time).
4. Please post that log when you reply.

#7 m0le


Posted 02 January 2011 - 05:13 AM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le

#8 Redizhot


Posted 02 January 2011 - 10:37 AM

Sorry about that, missed the email in my inbox. I'll PM you after I post this response:

TDSSKiller log:

2011/01/02 05:47:10.0818 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46
2011/01/02 05:47:10.0818 ================================================================================
2011/01/02 05:47:10.0818 SystemInfo:
2011/01/02 05:47:10.0818
2011/01/02 05:47:10.0818 OS Version: 6.0.6002 ServicePack: 2.0
2011/01/02 05:47:10.0818 Product type: Workstation
2011/01/02 05:47:10.0818 ComputerName: JASON-PC
2011/01/02 05:47:10.0819 UserName: Jason
2011/01/02 05:47:10.0819 Windows directory: C:\Windows
2011/01/02 05:47:10.0819 System windows directory: C:\Windows
2011/01/02 05:47:10.0819 Processor architecture: Intel x86
2011/01/02 05:47:10.0819 Number of processors: 2
2011/01/02 05:47:10.0819 Page size: 0x1000
2011/01/02 05:47:10.0819 Boot type: Normal boot
2011/01/02 05:47:10.0819 ================================================================================
2011/01/02 05:47:17.0686 Initialize success
2011/01/02 05:47:27.0587 ================================================================================
2011/01/02 05:47:27.0587 Scan started
2011/01/02 05:47:27.0587 Mode: Manual;
2011/01/02 05:47:27.0587 ================================================================================
2011/01/02 05:47:36.0665 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/01/02 05:47:36.0665 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/01/02 05:47:36.0669 sptd - detected Locked file (1)
2011/01/02 05:47:38.0173 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
2011/01/02 05:47:38.0228 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
2011/01/02 05:47:38.0272 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
2011/01/02 05:47:38.0313 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
2011/01/02 05:47:38.0358 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/01/02 05:47:38.0381 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/02 05:47:38.0390 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
2011/01/02 05:47:38.0413 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
2011/01/02 05:47:38.0436 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
2011/01/02 05:47:38.0542 wip0204 (2944bed10ffd9369da9a988d8ac899e4) C:\Windows\system32\DRIVERS\wip0204.sys
2011/01/02 05:47:38.0562 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
2011/01/02 05:47:38.0615 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
2011/01/02 05:47:38.0643 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
2011/01/02 05:47:38.0681 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/01/02 05:47:38.0727 yukonwlh (7d1f3b131d503ef43ee594b5a2b9b427) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/01/02 05:47:38.0780 ================================================================================
2011/01/02 05:47:38.0780 Scan finished
2011/01/02 05:47:38.0780 ================================================================================
2011/01/02 05:47:38.0786 Detected object count: 1
2011/01/02 05:47:53.0548 Locked file(sptd) - User select action: Skip
2011/01/02 05:48:12.0239 ================================================================================
2011/01/02 05:48:12.0239 Scan started
2011/01/02 05:48:12.0239 Mode: Manual;
2011/01/02 05:48:12.0239 ================================================================================
2011/01/02 05:48:19.0048 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/01/02 05:48:19.0048 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/01/02 05:48:19.0052 sptd - detected Locked file (1)
2011/01/02 05:48:21.0023 ================================================================================
2011/01/02 05:48:21.0023 Scan finished
2011/01/02 05:48:21.0023 ================================================================================
2011/01/02 05:48:21.0029 Detected object count: 1
2011/01/02 05:48:41.0936 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/01/02 05:48:41.0936 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/01/02 05:48:41.0969 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine
2011/01/02 05:48:41.0970 Locked file(sptd) - User select action: Quarantine
2011/01/02 05:48:47.0680 ================================================================================
2011/01/02 05:48:47.0680 Scan started
2011/01/02 05:48:47.0680 Mode: Manual;
2011/01/02 05:48:47.0680 ================================================================================
2011/01/02 05:48:54.0552 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
2011/01/02 05:48:54.0552 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
2011/01/02 05:48:54.0555 sptd - detected Locked file (1)
2011/01/02 05:48:56.0392 ================================================================================
2011/01/02 05:48:56.0392 Scan finished
2011/01/02 05:48:56.0392 ================================================================================
2011/01/02 05:48:56.0399 Detected object count: 1
2011/01/02 05:49:44.0253 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/01/02 05:49:44.0261 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/01/02 05:49:44.0297 HKLM\SYSTEM\ControlSet003\services\sptd - will be deleted after reboot
2011/01/02 05:49:44.0354 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/01/02 05:49:44.0354 Locked file(sptd) - User select action: Delete
2011/01/02 05:49:53.0000 Deinitialize success


MBRCheck log:

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows Vista Home Premium Edition
Windows Information: Service Pack 2 (build 6002), 32-bit
Base Board Manufacturer: MICRO-STAR INTERNATIONAL CO.,LTD
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: MICRO-STAR INTERNATIONAL CO.,LTD
System Product Name: MS-7549
Logical Drives Mask: 0x0000007c

Kernel Drivers (total 153):

Processes (total 57):
0 System Idle Process
4 System
528 C:\Windows\System32\smss.exe
664 csrss.exe
716 C:\Windows\System32\wininit.exe
728 csrss.exe
760 C:\Windows\System32\services.exe
772 C:\Windows\System32\lsass.exe
780 C:\Windows\System32\lsm.exe
888 C:\Windows\System32\winlogon.exe
956 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\nvvsvc.exe
1032 C:\Windows\System32\svchost.exe
1084 C:\Windows\System32\svchost.exe
1124 C:\Windows\System32\Ati2evxx.exe
1144 C:\Windows\System32\svchost.exe
1168 C:\Windows\System32\svchost.exe
1204 C:\Windows\System32\svchost.exe
1356 C:\Windows\System32\audiodg.exe
1392 C:\Windows\System32\SLsvc.exe
1432 C:\Windows\System32\svchost.exe
1556 C:\Windows\System32\svchost.exe
1568 C:\Windows\System32\nvvsvc.exe
1720 C:\Windows\System32\Ati2evxx.exe
1812 C:\Windows\System32\spoolsv.exe
1848 C:\Windows\System32\svchost.exe
1348 C:\Windows\System32\taskeng.exe
1484 C:\Windows\System32\dwm.exe
1580 C:\Windows\explorer.exe
2216 C:\Program Files\Windows Defender\MSASCui.exe
2224 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
2252 C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2332 C:\Program Files\Windows Media Player\wmpnscfg.exe
2384 C:\Users\Jason\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe
2556 C:\Program Files\Pidgin\pidgin.exe
2616 C:\Windows\System32\svchost.exe
2648 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
2660 C:\Program Files\Bonjour\mDNSResponder.exe
2700 C:\Windows\System32\oodag.exe
2916 C:\Windows\System32\PnkBstrA.exe
2980 C:\Windows\System32\svchost.exe
3000 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
3032 C:\Windows\System32\svchost.exe
3056 C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
3088 C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe
3124 C:\Windows\System32\svchost.exe
3176 C:\Windows\System32\SearchIndexer.exe
3448 C:\Program Files\Windows Media Player\wmpnetwk.exe
3660 C:\Windows\System32\taskeng.exe
3856 C:\Windows\System32\wuauclt.exe
844 C:\Users\Jason\Desktop\TDSSKiller.exe
2060 C:\Program Files\Mozilla Firefox\firefox.exe
2852 C:\Program Files\Mozilla Firefox\plugin-container.exe
3444 C:\Windows\System32\notepad.exe
652 C:\Windows\System32\SearchProtocolHost.exe
2528 C:\Windows\System32\SearchFilterHost.exe
1452 C:\Users\Jason\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000 (NTFS)

PhysicalDrive0 Model Number: ST3500320AS, Rev: SD15

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!

#9 m0le

  • Malware Response Team

Posted 02 January 2011 - 02:49 PM

Can you run Combofix now?

If not then please follow the instructions below

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

m0le is a proud member of UNITE

#10 Redizhot

  • Topic Starter

Posted 02 January 2011 - 03:29 PM

Tried it again, didn't work. I let it run for about 20 minutes and nothing had really changed; the clock had actually frozen for about 8 minutes before I stopped Combofix.

Here are the OTL logs:

OTL.txt:

OTL logfile created on: 1/2/2011 12:24:33 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 71.20 Gb Free Space | 15.29% Space Free | Partition Type: NTFS
Drive D: | 2.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Jason\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Jason\AppData\Local\Google\Update\1.2.183.39\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - \\?\C:\Windows\System32\wbem\WMIADAP.EXE ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\oodag.exe (O&O Software GmbH)
PRC - C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Jason\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (PEVSystemStart) -- C:\comfix.exe20057c\PEV.cfx File not found
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_aeec0f0.dll ()
SRV - (LiveTurbineMessageService) -- C:\Program Files\Turbine\Turbine Download Manager\TurbineMessageService.exe (Turbine, Inc.)
SRV - (LiveTurbineNetworkService) -- C:\Program Files\Turbine\Turbine Download Manager\TurbineNetworkService.exe (Turbine, Inc.)
SRV - (DAUpdaterSvc) -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TeamViewer4) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (O&O Defrag) -- C:\Windows\System32\oodag.exe (O&O Software GmbH)
SRV - (UpdateCenterService) -- C:\Program Files\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (MSICDSetup) -- D:\CDriver.sys File not found
DRV - (MEMSWEEP2) -- C:\Windows\System32\897.tmp File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (asbp2poa) -- C:\Users\Jason\AppData\Local\Temp\asbp2poa.sys File not found
DRV - (ALSysIO) -- C:\Users\Jason\AppData\Local\Temp\ALSysIO.sys File not found
DRV - (SAVRKBootTasks) -- C:\Windows\System32\SAVRKBootTasks.sys (Sophos Plc)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (hipeer20) -- C:\Windows\System32\drivers\remobo32.sys (Windows ® Codename Longhorn DDK provider)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (wip0204) -- C:\Windows\System32\drivers\wip0204.sys (Wippien Software)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® 2000 DDK provider)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (NVR0FLASHDev) -- C:\Windows\nvflash.sys (NVidia Corp.)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (MSDV) -- C:\Windows\System32\drivers\msdv.sys (Microsoft Corporation)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel® -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (61883) -- C:\Windows\System32\drivers\61883.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (Avc) -- C:\Windows\System32\drivers\avc.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (nvsmu) -- C:\Windows\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (AmdLLD) -- C:\Windows\System32\drivers\AmdLLD.sys (AMD, Inc.)
DRV - (BVRPMPR5) -- C:\Windows\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (yukonwlh) -- C:\Windows\System32\drivers\yk60x86.sys (Marvell)
DRV - (QCDonner) Logitech QuickCam Express(PID_0840) -- C:\Windows\System32\drivers\lvcd.sys (Logitech Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: calendar-timezones@mozilla.org:0.1.2008d
FF - prefs.js..extensions.enabledItems: default-palette@celtx.com:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys@m513901.de:0.1
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.0
FF - prefs.js..extensions.enabledItems: messagestyle-blackened@addons.instantbird.org:0.9
FF - prefs.js..extensions.enabledItems: messagestyle-depth@addons.instantbird.org:1.1
FF - prefs.js..extensions.enabledItems: messagestyle-minimal20@addons.instantbird.org:1.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:2.0

FF - HKLM\software\mozilla\Firefox\Extensions\\{97E0B7E8-218A-427F-A16E-D964C01B4347}: C:\Users\Jason\AppData\Local\{97E0B7E8-218A-427F-A16E-D964C01B4347} [2010/06/06 09:17:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2010/12/30 06:13:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/24 07:13:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/17 22:48:15 | 000,000,000 | ---D | M]

[2010/02/24 01:18:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions
[2008/08/03 21:22:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010/02/24 01:18:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com
[2011/01/01 18:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions
[2010/11/29 14:54:34 | 000,000,000 | ---D | M] (Session Manager) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}
[2010/11/29 14:54:34 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/06/24 14:44:11 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2010/10/18 09:19:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/11/29 14:54:34 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/11/29 15:02:10 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2010/04/14 02:11:00 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/03/16 01:23:09 | 000,000,000 | ---D | M] ("FireNes") -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\firenes@facundo.zaldo
[2010/10/18 09:19:42 | 000,000,000 | ---D | M] (NASA Night Launch) -- C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\bbkp2mhh.default\extensions\nasanightlaunch@example.com
[2011/01/01 18:26:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/12/17 22:48:15 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/06/10 14:40:18 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2008/08/03 21:57:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[2008/09/02 00:21:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[2008/08/16 08:25:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[2009/07/21 22:58:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[2009/12/17 11:00:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010/12/17 18:38:36 | 000,000,000 | ---D | M] (Timezone Definitions for Mozilla Calendar) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\CALENDAR-TIMEZONES@MOZILLA.ORG
[2010/02/09 20:40:31 | 000,000,000 | ---D | M] (Default Shot Palette) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\DEFAULT-PALETTE@CELTX.COM
[2010/02/09 20:40:31 | 000,000,000 | ---D | M] (MSN-Smileys) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\EMOTICONS-MSN-SMILEYS@M513901.DE
[2010/12/17 18:38:36 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\INSPECTOR@MOZILLA.ORG
[2010/02/09 20:40:31 | 000,000,000 | ---D | M] (Blackened) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-BLACKENED@ADDONS.INSTANTBIRD.ORG
[2010/02/09 20:40:31 | 000,000,000 | ---D | M] (Depth) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-DEPTH@ADDONS.INSTANTBIRD.ORG
[2010/02/09 20:40:31 | 000,000,000 | ---D | M] (Minimal) -- C:\PROGRAM FILES\CELTX\EXTENSIONS\MESSAGESTYLE-MINIMAL20@ADDONS.INSTANTBIRD.ORG
[2010/12/17 22:48:06 | 000,025,048 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010/12/17 22:48:06 | 000,140,248 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/04/10 16:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009/10/11 04:17:27 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2008/06/11 22:13:32 | 000,075,184 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
[2010/12/17 22:48:09 | 000,066,520 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2006/10/26 19:12:16 | 000,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
[2007/05/10 21:52:34 | 000,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2010/01/19 18:04:10 | 000,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
[2010/01/21 13:06:40 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2010/01/21 13:06:40 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2010/01/21 13:06:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2010/01/21 13:06:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2010/01/21 13:06:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2010/01/21 13:06:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2010/01/21 13:06:41 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010/01/19 18:04:13 | 000,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
[2010/01/19 18:04:08 | 000,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
[2010/12/17 22:48:11 | 000,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2010/12/17 22:48:11 | 000,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2010/12/17 22:48:11 | 000,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2010/12/17 22:48:11 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2010/12/17 22:48:11 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010/12/17 22:48:11 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2010/12/17 22:48:12 | 000,001,096 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: ([2008/08/31 09:51:30 | 000,262,111 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 9097 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Jason\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000056 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000057 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1979 ([http] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Jason\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jason\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 13:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009/07/16 14:13:07 | 001,246,440 | R--- | M] (BioWare) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2010/01/26 13:22:17 | 000,000,052 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{2bcd1c25-a38a-11df-860e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2bcd1c25-a38a-11df-860e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- File not found
O33 - MountPoints2\{4b0406ed-a668-11df-a631-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4b0406ed-a668-11df-a631-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009/07/16 14:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{85c22a1b-6221-11dd-a4e1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{85c22a1b-6221-11dd-a4e1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2009/07/16 14:13:07 | 001,246,440 | R--- | M] (BioWare)
O33 - MountPoints2\{9de024e9-ab8f-11dd-afed-001fd0844291}\Shell - "" = AutoRun
O33 - MountPoints2\{9de024e9-ab8f-11dd-afed-001fd0844291}\Shell\AutoRun\command - "" = G:\AUTOMENU.EXE -- File not found
O33 - MountPoints2\{b3ec1276-7b22-11dd-909d-001fd0844291}\Shell - "" = AutoRun
O33 - MountPoints2\{b3ec1276-7b22-11dd-909d-001fd0844291}\Shell\AutoRun\command - "" = E:\_AUTORUN\AUTORUN.EXE -- File not found
O33 - MountPoints2\{b3ec1276-7b22-11dd-909d-001fd0844291}\Shell\instDX\command - "" = E:\directX\dxsetup.exe -- File not found
O33 - MountPoints2\{b3ec1276-7b22-11dd-909d-001fd0844291}\Shell\readme\command - "" = notepad readme.txt
O33 - MountPoints2\{f4a56c5f-6646-11dd-8023-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f4a56c5f-6646-11dd-8023-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Installer.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\ffxivsetup.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\OblivionLauncher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (OODBS) - C:\Windows\System32\OODBS.exe (O&O Software GmbH)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/02 12:20:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2011/01/02 11:55:09 | 000,000,000 | --SD | C] -- C:\comfix.exe20057c
[2011/01/02 11:54:50 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/01/02 05:48:41 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/01/02 05:16:28 | 001,345,624 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jason\Desktop\TDSSKiller.exe
[2011/01/02 05:16:28 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\tdsskiller
[2010/12/30 06:17:05 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
[2010/12/30 06:16:29 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Apps
[2010/12/30 06:16:25 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Deployment
[2010/12/30 06:12:14 | 000,000,000 | RH-D | C] -- C:\AHCache
[2010/12/29 13:08:36 | 000,000,000 | --SD | C] -- C:\comfix.exe29972c
[2010/12/29 12:39:29 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/12/29 12:39:29 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/12/29 12:39:29 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/12/29 12:39:24 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/12/29 12:39:23 | 000,000,000 | --SD | C] -- C:\comfix.exe
[2010/12/29 12:39:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/12/26 01:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2010/12/24 17:49:19 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\junosscars
[2010/12/24 04:58:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\Documents\Bioshock
[2010/12/24 04:58:08 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Bioshock
[2010/12/24 04:57:14 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010/12/24 04:57:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010/12/24 04:57:13 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010/12/24 04:57:13 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010/12/24 04:57:13 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010/12/24 04:57:13 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010/12/24 04:57:13 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010/12/24 04:57:12 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010/12/24 04:57:12 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010/12/24 04:57:12 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010/12/24 04:57:12 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010/12/24 04:57:11 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010/12/24 04:57:11 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010/12/24 04:57:11 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010/12/24 04:57:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010/12/24 04:57:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010/12/24 04:57:11 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010/12/24 04:57:10 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010/12/24 04:57:10 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010/12/24 04:57:10 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010/12/24 04:56:57 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010/12/24 04:56:57 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010/12/24 04:56:57 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010/12/24 04:56:56 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010/12/24 04:56:55 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010/12/24 04:56:54 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010/12/24 04:56:52 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010/12/22 13:49:27 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\enchant
[2010/12/22 00:13:44 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Polynomial
[2010/12/21 21:55:34 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010/12/21 21:55:34 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010/12/21 21:55:33 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010/12/21 21:55:33 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010/12/21 21:55:32 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010/12/21 21:47:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2010/12/20 22:49:33 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding
[2010/12/20 22:49:31 | 000,000,000 | ---D | C] -- C:\Windows\Simple Port Forwarding
[2010/12/20 22:49:31 | 000,000,000 | ---D | C] -- C:\Program Files\Simple Port Forwarding
[2010/12/19 12:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/12/19 12:53:18 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2010/12/19 12:47:20 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\softontheinside
[2010/12/17 22:51:57 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\gmer
[2010/12/17 20:49:32 | 000,018,816 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SAVRKBootTasks.sys
[2010/12/17 20:46:01 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Apple
[2010/12/17 20:45:31 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Local\Apple Computer
[2010/12/17 18:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2010/12/17 18:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2010/12/17 18:51:51 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2010/12/17 17:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2010/12/17 17:13:53 | 000,000,000 | ---D | C] -- C:\Rooter$
[2010/12/17 17:09:13 | 000,000,000 | ---D | C] -- C:\Avenger
[2010/12/17 15:35:22 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/12/17 15:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/12/17 15:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2010/12/17 15:27:41 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/12/15 21:56:01 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\The Budos Band III (2010)
[2010/12/12 15:13:36 | 000,000,000 | ---D | C] -- C:\Users\Jason\AppData\Roaming\Mumble
[2010/12/06 03:28:07 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\bag it up
[2010/12/05 19:33:48 | 000,000,000 | ---D | C] -- C:\Users\Jason\Desktop\ArCaDe
[2008/08/12 18:16:44 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Jason\AppData\Roaming\pcouffin.sys
[4 C:\Users\Jason\Documents\*.tmp files -> C:\Users\Jason\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jason\Desktop\*.tmp files -> C:\Users\Jason\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/02 12:24:15 | 000,636,754 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/02 12:24:15 | 000,117,882 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/02 12:20:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jason\Desktop\OTL.exe
[2011/01/02 12:17:59 | 000,083,779 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/01/02 12:17:58 | 000,083,779 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/01/02 12:17:47 | 000,004,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/02 12:17:47 | 000,004,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/02 12:17:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/02 12:17:32 | 000,667,871 | ---- | M] () -- C:\Windows\System32\oodbs.lor
[2011/01/02 11:28:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3155750797-3401069412-3076803265-1000UA.job
[2011/01/02 07:47:08 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5524D2B4-DD9F-44D3-909C-69B9A8B07A37}.job
[2011/01/02 07:33:26 | 000,080,384 | ---- | M] () -- C:\Users\Jason\Desktop\MBRCheck(2).exe
[2011/01/02 07:32:15 | 000,080,384 | ---- | M] () -- C:\Users\Jason\Desktop\MBRCheck.exe
[2011/01/02 05:16:18 | 001,232,020 | ---- | M] () -- C:\Users\Jason\Desktop\tdsskiller.zip
[2011/01/01 23:28:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3155750797-3401069412-3076803265-1000Core.job
[2011/01/01 06:50:11 | 000,081,920 | ---- | M] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/30 06:34:29 | 066,328,340 | ---- | M] () -- C:\Users\Jason\Desktop\gs.rar
[2010/12/30 06:11:46 | 000,401,728 | ---- | M] () -- C:\Users\Jason\Desktop\setup.exe
[2010/12/30 03:44:08 | 000,050,196 | ---- | M] () -- C:\Users\Jason\Desktop\OH HERRO.png
[2010/12/29 18:45:27 | 000,175,559 | ---- | M] () -- C:\Users\Jason\Desktop\Frequency - Inventions and Confidentiality Agreement.docx
[2010/12/29 12:33:33 | 003,999,260 | R--- | M] () -- C:\Users\Jason\Desktop\comfix.exe.exe
[2010/12/27 06:08:24 | 000,583,807 | ---- | M] () -- C:\Users\Jason\Desktop\aaauuuggghh.gif
[2010/12/24 05:08:32 | 000,002,287 | ---- | M] () -- C:\Users\Jason\Desktop\Steam.lnk
[2010/12/21 21:55:36 | 000,001,495 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010/12/20 22:46:16 | 000,059,639 | ---- | M] () -- C:\Users\Jason\Desktop\minecraft-server.zip
[2010/12/20 22:36:34 | 000,531,702 | ---- | M] () -- C:\Users\Jason\Desktop\Minecraft_Server.exe
[2010/12/19 12:53:18 | 000,001,948 | ---- | M] () -- C:\Users\Jason\Desktop\HiJackThis.lnk
[2010/12/19 12:52:46 | 001,402,880 | ---- | M] () -- C:\Users\Jason\Desktop\HiJackThis.msi
[2010/12/17 21:30:21 | 000,624,128 | ---- | M] () -- C:\Users\Jason\Desktop\dds.scr
[2010/12/17 18:59:52 | 001,376,832 | ---- | M] () -- C:\Users\Jason\Desktop\sar_15_sfx.exe
[2010/12/17 15:51:38 | 000,002,708 | ---- | M] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2010/12/16 09:47:52 | 001,345,624 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jason\Desktop\TDSSKiller.exe
[2010/12/15 22:55:36 | 000,032,256 | ---- | M] () -- C:\Users\Jason\Desktop\450 review.doc
[2010/12/13 12:08:25 | 000,000,117 | ---- | M] () -- C:\Users\Jason\jagex_runescape_preferences2.dat
[2010/12/13 12:08:25 | 000,000,069 | ---- | M] () -- C:\Users\Jason\jagex_runescape_preferences.dat
[2010/12/12 15:15:08 | 000,002,377 | ---- | M] () -- C:\Users\Jason\Documents\MumbleAutomaticCertificateBackup.p12
[2010/12/09 03:26:50 | 000,010,464 | ---- | M] () -- C:\Users\Jason\Documents\title page.docx
[2010/12/09 03:08:53 | 000,024,846 | ---- | M] () -- C:\Users\Jason\Documents\castlej_JAReport.docx
[2010/12/09 03:04:45 | 000,031,930 | ---- | M] () -- C:\Users\Jason\Documents\castlej_JA.docx
[2010/12/09 00:45:30 | 000,000,000 | ---- | M] () -- C:\Users\Jason\Desktop\mj2010.rar
[2010/12/08 22:49:40 | 000,000,162 | -H-- | M] () -- C:\Users\Jason\Documents\~$stlej_JA.docx
[2010/12/08 22:49:37 | 000,000,162 | -H-- | M] () -- C:\Users\Jason\Documents\~$stlej_JAReport.docx
[2010/12/08 04:07:14 | 000,022,387 | ---- | M] () -- C:\Users\Jason\Documents\castlej_PA.docx
[2010/12/08 01:59:45 | 000,014,141 | ---- | M] () -- C:\Users\Jason\Documents\Jasons450paper.docx
[2010/12/05 04:52:37 | 082,707,184 | ---- | M] () -- C:\Users\Jason\Desktop\You Are Here.rar
[2010/12/04 04:33:55 | 003,187,323 | ---- | M] () -- C:\Users\Jason\Desktop\Second City Almanac.pdf
[4 C:\Users\Jason\Documents\*.tmp files -> C:\Users\Jason\Documents\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Jason\Desktop\*.tmp files -> C:\Users\Jason\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/02 07:33:26 | 000,080,384 | ---- | C] () -- C:\Users\Jason\Desktop\MBRCheck(2).exe
[2011/01/02 07:32:15 | 000,080,384 | ---- | C] () -- C:\Users\Jason\Desktop\MBRCheck.exe
[2011/01/02 05:16:16 | 001,232,020 | ---- | C] () -- C:\Users\Jason\Desktop\tdsskiller.zip
[2010/12/30 06:32:41 | 066,328,340 | ---- | C] () -- C:\Users\Jason\Desktop\gs.rar
[2010/12/30 06:11:34 | 000,401,728 | ---- | C] () -- C:\Users\Jason\Desktop\setup.exe
[2010/12/30 03:43:59 | 000,050,196 | ---- | C] () -- C:\Users\Jason\Desktop\OH HERRO.png
[2010/12/29 18:45:25 | 000,175,559 | ---- | C] () -- C:\Users\Jason\Desktop\Frequency - Inventions and Confidentiality Agreement.docx
[2010/12/29 12:39:29 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/12/29 12:39:29 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/12/29 12:39:29 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2010/12/29 12:39:29 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/12/29 12:39:29 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/12/29 12:33:25 | 003,999,260 | R--- | C] () -- C:\Users\Jason\Desktop\comfix.exe.exe
[2010/12/27 06:08:20 | 000,583,807 | ---- | C] () -- C:\Users\Jason\Desktop\aaauuuggghh.gif
[2010/12/21 21:55:36 | 000,001,495 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2010/12/20 22:46:15 | 000,059,639 | ---- | C] () -- C:\Users\Jason\Desktop\minecraft-server.zip
[2010/12/20 22:36:32 | 000,531,702 | ---- | C] () -- C:\Users\Jason\Desktop\Minecraft_Server.exe
[2010/12/19 12:53:18 | 000,001,948 | ---- | C] () -- C:\Users\Jason\Desktop\HiJackThis.lnk
[2010/12/19 12:52:43 | 001,402,880 | ---- | C] () -- C:\Users\Jason\Desktop\HiJackThis.msi
[2010/12/17 21:30:17 | 000,624,128 | ---- | C] () -- C:\Users\Jason\Desktop\dds.scr
[2010/12/17 18:59:51 | 001,376,832 | ---- | C] () -- C:\Users\Jason\Desktop\sar_15_sfx.exe
[2010/12/15 22:55:36 | 000,032,256 | ---- | C] () -- C:\Users\Jason\Desktop\450 review.doc
[2010/12/12 15:15:08 | 000,002,377 | ---- | C] () -- C:\Users\Jason\Documents\MumbleAutomaticCertificateBackup.p12
[2010/12/09 03:26:49 | 000,010,464 | ---- | C] () -- C:\Users\Jason\Documents\title page.docx
[2010/12/09 00:45:30 | 000,000,000 | ---- | C] () -- C:\Users\Jason\Desktop\mj2010.rar
[2010/12/08 22:49:40 | 000,000,162 | -H-- | C] () -- C:\Users\Jason\Documents\~$stlej_JA.docx
[2010/12/08 22:49:37 | 000,000,162 | -H-- | C] () -- C:\Users\Jason\Documents\~$stlej_JAReport.docx
[2010/12/08 01:59:44 | 000,014,141 | ---- | C] () -- C:\Users\Jason\Documents\Jasons450paper.docx
[2010/12/05 17:20:15 | 000,024,846 | ---- | C] () -- C:\Users\Jason\Documents\castlej_JAReport.docx
[2010/12/05 16:10:57 | 000,031,930 | ---- | C] () -- C:\Users\Jason\Documents\castlej_JA.docx
[2010/12/05 04:51:02 | 082,707,184 | ---- | C] () -- C:\Users\Jason\Desktop\You Are Here.rar
[2010/12/04 04:33:48 | 003,187,323 | ---- | C] () -- C:\Users\Jason\Desktop\Second City Almanac.pdf
[2010/09/10 14:50:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/08/12 16:05:38 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010/08/09 00:15:07 | 000,083,779 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/08/09 00:15:06 | 000,083,779 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/08/04 19:35:45 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2010/08/04 19:35:45 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2010/08/04 19:35:45 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2010/08/04 19:35:45 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2010/06/06 09:17:14 | 000,005,287 | ---- | C] () -- C:\Users\Jason\AppData\Local\Czecofudocaye.dat
[2010/06/06 09:17:14 | 000,000,000 | ---- | C] () -- C:\Users\Jason\AppData\Local\Wxonedo.bin
[2010/02/10 19:35:40 | 000,138,384 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys
[2010/01/19 18:07:58 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2009/09/12 15:42:24 | 000,000,093 | ---- | C] () -- C:\Users\Jason\AppData\Local\fusioncache.dat
[2009/08/06 20:04:36 | 001,549,608 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\698e8de9c79e614b8d6a96b5ce9682e6-i686.cache-2
[2009/05/26 01:49:55 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009/05/26 01:49:55 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009/05/18 13:09:09 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2008/11/12 01:43:20 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008/10/08 09:42:07 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2008/09/23 16:45:13 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll
[2008/09/23 16:43:58 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2008/09/23 16:43:58 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2008/09/23 16:43:58 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2008/09/20 20:21:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2008/09/20 20:21:40 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2008/09/20 20:21:40 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2008/09/20 20:21:39 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2008/09/20 20:21:39 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2008/08/31 10:21:20 | 000,000,280 | ---- | C] () -- C:\Windows\System32\epoPGPsdk.dll.sig
[2008/08/12 18:17:32 | 000,000,668 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\vso_ts_preview.xml
[2008/08/12 18:17:10 | 000,000,034 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\pcouffin.log
[2008/08/12 18:16:44 | 000,087,608 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\inst.exe
[2008/08/12 18:16:44 | 000,007,887 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\pcouffin.cat
[2008/08/12 18:16:44 | 000,001,144 | ---- | C] () -- C:\Users\Jason\AppData\Roaming\pcouffin.inf
[2008/08/12 18:16:21 | 000,081,920 | ---- | C] () -- C:\Users\Jason\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/09 20:39:38 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2008/08/04 13:42:58 | 000,002,708 | ---- | C] () -- C:\Users\Jason\AppData\Local\d3d9caps.dat
[2008/03/18 18:04:49 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/01 23:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/08/29 23:00:00 | 000,781,312 | ---- | C] () -- C:\Windows\System32\RGSS102J.dll
[2005/08/29 23:00:00 | 000,778,752 | ---- | C] () -- C:\Windows\System32\RGSS102E.dll
[2005/08/29 23:00:00 | 000,771,584 | ---- | C] () -- C:\Windows\System32\RGSS100J.dll
[2004/03/26 08:56:40 | 000,017,191 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2000/01/27 23:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL

========== LOP Check ==========

[2009/09/24 12:02:33 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.anki
[2010/11/10 10:07:23 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.minecraft
[2011/01/02 11:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\.purple
[2009/04/14 22:48:09 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Acreon
[2009/05/15 16:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Auslogics
[2010/12/25 03:46:19 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Bioshock
[2009/08/15 11:57:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Braid
[2008/09/05 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DAEMON Tools
[2010/12/17 21:30:03 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DAEMON Tools Lite
[2009/05/26 01:31:37 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\DAEMON Tools Pro
[2010/10/16 01:31:01 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\dBpoweramp
[2010/12/22 13:49:27 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\enchant
[2010/02/24 01:18:50 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Greyfirst
[2010/09/21 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\gtk-2.0
[2009/08/21 00:19:53 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\HLSW
[2010/04/03 23:44:54 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\iConcertCal
[2008/08/21 20:37:24 | 000,000,000 | -H-D | M] -- C:\Users\Jason\AppData\Roaming\ijjigame
[2010/03/31 10:40:23 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Individual Software
[2009/06/05 02:36:26 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\IrfanView
[2009/05/10 13:48:59 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Language
[2010/06/08 23:50:54 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\LolClient
[2011/01/02 10:40:24 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Mumble
[2009/05/16 15:13:04 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Opera
[2010/12/22 00:22:12 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Polynomial
[2009/05/10 14:46:42 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Remobo
[2009/11/04 23:55:27 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\runic games
[2010/08/04 19:35:44 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Simply Super Software
[2009/11/02 19:13:21 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\SystemRequirementsLab
[2009/08/16 23:40:06 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\TeamViewer
[2009/07/28 13:08:43 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Ubisoft
[2010/11/02 17:22:45 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\uTorrent
[2009/06/08 02:31:41 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Vso
[2009/05/10 13:53:44 | 000,000,000 | ---D | M] -- C:\Users\Jason\AppData\Roaming\Wippien
[2011/01/02 11:51:39 | 000,032,594 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/01/02 07:47:08 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{5524D2B4-DD9F-44D3-909C-69B9A8B07A37}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:CB0AACC9

< End of report >



Extras.txt:

OTL Extras logfile created on: 1/2/2011 12:24:33 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Jason\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 71.20 Gb Free Space | 15.29% Space Free | Partition Type: NTFS
Drive D: | 2.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: JASON-PC | User Name: Jason | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00D00FD3-A1FD-430D-935E-EB2B429E61F3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{01A4C631-B2E4-41DF-947E-5F0E2FAFD8A4}" = lport=6960 | protocol=17 | dir=in | name=league of legends launcher |
"{095C7040-9B5D-4D0E-8541-1D69604516E4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{142F2498-441B-4EC6-BFE0-992B6FD73C35}" = lport=6982 | protocol=6 | dir=in | name=league of legends launcher |
"{184E6AF8-3463-42BA-A131-2BB29434A958}" = lport=6936 | protocol=17 | dir=in | name=league of legends launcher |
"{1BB848C6-DFC0-4C4B-9D0E-A04BCE71D79F}" = lport=6946 | protocol=6 | dir=in | name=league of legends launcher |
"{1C50A17E-580B-44D1-BCCD-08A39BE63832}" = lport=6958 | protocol=6 | dir=in | name=league of legends launcher |
"{2205E629-A369-42CE-8CAE-D3FDEFC487B7}" = lport=6882 | protocol=17 | dir=in | name=league of legends launcher |
"{2EAE3359-B7EC-4716-80F4-A3A9DEB33D5C}" = lport=6968 | protocol=17 | dir=in | name=league of legends launcher |
"{2F0A53A6-4CD1-4D18-AE33-6F1B4D2B8989}" = lport=6971 | protocol=6 | dir=in | name=league of legends launcher |
"{307E3614-DE5C-46A6-992F-68A475DE1CCF}" = lport=6960 | protocol=6 | dir=in | name=league of legends launcher |
"{30853DC7-A5A6-4E30-A772-E1CD390D59D0}" = lport=6935 | protocol=17 | dir=in | name=league of legends launcher |
"{377DDA7A-7CD0-4F51-A634-8E69B4CFF424}" = lport=6937 | protocol=6 | dir=in | name=league of legends launcher |
"{39093708-DAA0-4D88-98A4-34D498472FAC}" = lport=6906 | protocol=17 | dir=in | name=league of legends launcher |
"{3F69856C-6039-4E37-A5B8-59640B012F27}" = lport=6924 | protocol=17 | dir=in | name=league of legends launcher |
"{40716DD5-E4EA-4C44-87B1-81BE21B64DEB}" = lport=6913 | protocol=6 | dir=in | name=league of legends launcher |
"{412428F3-7906-4648-91B5-C853A62CA855}" = lport=6974 | protocol=17 | dir=in | name=league of legends launcher |
"{47A81B58-1DBB-4854-B778-92B473E1470D}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{47E726F2-1981-47F3-9B51-B56B988A9F75}" = lport=6943 | protocol=6 | dir=in | name=league of legends launcher |
"{4C254BE4-FE0D-4E73-89FD-CB3C1515D52B}" = lport=6910 | protocol=17 | dir=in | name=league of legends launcher |
"{4FB570A7-2F35-46F4-9AD3-47CD09C96328}" = lport=6982 | protocol=17 | dir=in | name=league of legends launcher |
"{50CE7DF1-0AA8-4F25-8E63-316CADAE1EAD}" = lport=6927 | protocol=6 | dir=in | name=league of legends launcher |
"{5B18A17C-B3E3-4A4A-A780-61513F78A003}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{5C1A0764-CE42-47D4-B4B2-756D84C114AB}" = lport=6995 | protocol=17 | dir=in | name=league of legends launcher |
"{5DA3662C-3164-4A8B-B1D2-2C1008620B76}" = lport=6968 | protocol=6 | dir=in | name=league of legends launcher |
"{6020A925-AF6E-4686-8FF0-4AE52C722985}" = lport=6974 | protocol=6 | dir=in | name=league of legends launcher |
"{65EC6FE3-F470-4987-8440-F7F39571E920}" = lport=6927 | protocol=17 | dir=in | name=league of legends launcher |
"{67CFDC38-DBE7-43C3-A998-B3C03ABC0917}" = lport=6957 | protocol=17 | dir=in | name=league of legends launcher |
"{6E7987A2-3488-474B-9BDC-43332FD0A143}" = lport=8378 | protocol=17 | dir=in | name=league of legends launcher |
"{725432E0-68AB-4658-89E7-0F4289450F08}" = lport=8380 | protocol=17 | dir=in | name=league of legends launcher |
"{7A597C7B-51BF-4402-BF72-18FD462E4269}" = lport=6953 | protocol=6 | dir=in | name=league of legends launcher |
"{812668FB-63A6-4649-95D3-527117485854}" = lport=6972 | protocol=6 | dir=in | name=league of legends launcher |
"{8D043029-669D-435E-918A-F9F15A19AE48}" = lport=6949 | protocol=17 | dir=in | name=league of legends launcher |
"{90620FF5-8A76-4911-BDAA-DF4143B94BCB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{92DF8C7C-21F9-46C9-8E9F-71BD0A706E6F}" = lport=8380 | protocol=6 | dir=in | name=league of legends launcher |
"{93ACB48B-FEA1-42DC-B885-0F2129CA2F10}" = lport=6883 | protocol=6 | dir=in | name=league of legends launcher |
"{979F65C0-EE2B-4A94-8A50-18FE8D69E297}" = lport=6957 | protocol=6 | dir=in | name=league of legends launcher |
"{9F2DD942-50AC-4AEB-ABFD-AD855D2B44D6}" = lport=6882 | protocol=6 | dir=in | name=league of legends launcher |
"{A14A457F-8589-4859-88FE-4F94078CE040}" = lport=8381 | protocol=6 | dir=in | name=league of legends launcher |
"{A34DAB66-9E80-41A2-9B8C-1FFF9FF96E98}" = lport=6895 | protocol=17 | dir=in | name=league of legends launcher |
"{A3E9D09F-04FE-444E-B8B9-7E3E6457262A}" = lport=6936 | protocol=6 | dir=in | name=league of legends launcher |
"{A3F49F63-7E1E-4320-AB83-616AD88809D7}" = lport=6970 | protocol=17 | dir=in | name=league of legends launcher |
"{A61E0A74-AF6E-47C5-A06C-015063F949B9}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{A670FB07-F56D-46C2-B58C-8BEDC67A8382}" = lport=8381 | protocol=17 | dir=in | name=league of legends launcher |
"{A7172331-EABB-47D4-B95D-B702E1726A04}" = lport=6971 | protocol=17 | dir=in | name=league of legends launcher |
"{AEA8730A-E51B-462D-BD97-1789C391002B}" = lport=6913 | protocol=17 | dir=in | name=league of legends launcher |
"{AFC3671C-1618-4BC2-AD15-C1DF64E91D62}" = lport=6895 | protocol=6 | dir=in | name=league of legends launcher |
"{B2579610-EE24-4623-9225-F986E0D76C79}" = lport=6930 | protocol=6 | dir=in | name=league of legends launcher |
"{B94046D1-515B-482C-BD6A-F70B66EBD4C0}" = lport=6924 | protocol=6 | dir=in | name=league of legends launcher |
"{BAFF4D96-EF31-4033-9EC3-F3AEB6E9777F}" = lport=6883 | protocol=17 | dir=in | name=league of legends launcher |
"{C29DD5E2-14DE-47FF-9421-F00B68DF6468}" = lport=6953 | protocol=17 | dir=in | name=league of legends launcher |
"{C7E463C7-AC9E-4884-9B61-DE74D72556EE}" = lport=6995 | protocol=6 | dir=in | name=league of legends launcher |
"{C8B3DA61-4A3B-463B-8127-16EF4654EBE7}" = lport=8379 | protocol=17 | dir=in | name=league of legends launcher |
"{C9223C0D-3A87-4945-896E-EC2358A7EBCF}" = lport=6943 | protocol=17 | dir=in | name=league of legends launcher |
"{CD00F102-7163-4031-8100-D1107396B6D1}" = lport=8378 | protocol=6 | dir=in | name=league of legends launcher |
"{D824EF0B-901B-42FA-A78F-A0613A47DA2E}" = lport=6935 | protocol=6 | dir=in | name=league of legends launcher |
"{D8C939E3-A1A7-41A2-90D2-7DDDC63414B4}" = lport=6972 | protocol=17 | dir=in | name=league of legends launcher |
"{D9DA060F-4C39-4D6E-8D5A-DD2D32D28124}" = lport=6937 | protocol=17 | dir=in | name=league of legends launcher |
"{DA9857A3-CF19-438A-BDB5-ED2F2B7BDD30}" = lport=6970 | protocol=6 | dir=in | name=league of legends launcher |
"{DBD31C0B-5E74-416D-A43D-3AA21EA293D8}" = lport=8379 | protocol=6 | dir=in | name=league of legends launcher |
"{EA4D25B3-887F-4E7F-8A28-E53E9B5CA11D}" = lport=6958 | protocol=17 | dir=in | name=league of legends launcher |
"{EB1FE8CD-18AB-41E7-A277-FD019BFFE135}" = lport=6949 | protocol=6 | dir=in | name=league of legends launcher |
"{F3E008E0-50DA-4CB3-87EF-B6D42686A990}" = lport=6910 | protocol=6 | dir=in | name=league of legends launcher |
"{F516A0C6-C811-4E4D-9362-9AC8AB3B618A}" = lport=6930 | protocol=17 | dir=in | name=league of legends launcher |
"{F9DBA8DF-ABE1-423F-B4FB-D72B25AC4D85}" = lport=6946 | protocol=17 | dir=in | name=league of legends launcher |
"{FAFD242E-8FC8-408C-8DE3-175E8FCE7EC9}" = lport=6906 | protocol=6 | dir=in | name=league of legends launcher |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{023A67B1-84BA-4455-8A68-F883034CCE38}" = protocol=17 | dir=in | app=c:\program files\squareenix\final fantasy xiv\ffxivboot.exe |
"{034FA78C-17B2-4C8E-BF81-0A866B9C71D4}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{06D486E0-958A-4D6C-B094-9204059E2780}" = dir=in | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{08697131-9431-420B-A757-9018BC4F29F3}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0BD311CD-267D-42AB-8F2E-03E8D68337D6}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{0BEB9A6B-858B-43E8-B824-979FB9217A86}" = protocol=6 | dir=in | app=c:\program files\digsby\digsby.exe |
"{0BF1C0B9-898F-42E7-BA46-3498AFA2C170}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{0FB94C36-5A2D-4CFA-93CF-24F92E8D5658}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\blizzard downloader.exe |
"{13B04A4C-310D-4438-B6EF-2305200C2871}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinemessageservice.exe |
"{14E16833-1705-485D-B333-4874B7E378D9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{18F32E66-D2CE-4379-A0C2-74720918A64F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{1CC0E01E-CBB2-40D9-BB3D-07B4D56F93E9}" = protocol=17 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{213EC1EE-FE5D-427A-A652-885E3724BD1D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{21582652-7309-4264-8F3A-4FB346689B45}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{215EAF43-F396-4613-A84F-37E55BC0BE4E}" = protocol=17 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{230EA2E1-6672-4223-8F7B-E6D2D6E653B7}" = protocol=6 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{2766BC7B-FF83-4C35-86B9-7060A7B58C6B}" = protocol=6 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{294196A6-5A9C-4E37-84D1-DDE1F58733C9}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{29EB69DD-5EDC-413A-AE1B-33ACD5E460EE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\thepolynomial\polynomial.exe |
"{2CB504E1-49D3-4951-8F84-3DC0C5BF829D}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{2D7181FB-6F5A-41A8-84F1-372F39E64BEC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{2ED90945-C9B7-4B48-8D23-B7D8F1A38EF7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{31F5BDA4-3814-4362-9D29-238A1F184809}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{339A27B1-921E-4933-8AD7-039E7598896C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DCE366F-8266-4F14-8295-A420EA2B76CE}" = dir=in | app=c:\program files\rosetta stone\rosetta stone v3\support\bin\win\rosettastoneltdservices.exe |
"{3F37A05D-A531-4216-8642-2DFE6F006660}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{40748BA4-A144-4D6E-B234-3856EB3E98D0}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{45B875EF-A839-4AD2-BFA6-5CBF8AC644B5}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{45CBBEB8-5809-4E13-8D60-990EA245E928}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\captainferrell\half-life\hl.exe |
"{4DF6E22E-7F05-44C0-AA0B-B721914065ED}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{5052B0C2-6B81-4B4B-AF9F-830018F07D91}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{5619A21C-1354-4A92-8CC1-56823746987D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58F35C66-94F1-4E49-B979-343ADA4B1D5D}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{5A4F6030-45F8-4B53-B460-F40C72EB0750}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\bioshock\builds\release\bioshock.exe |
"{5A99C56D-CAD4-4454-809B-CA2016E7BB98}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{5F9F192F-688E-4D7B-92AD-3C4394B98657}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60600409-6021-48E2-94E3-12110A1E76A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61F6D359-34D4-46DF-8335-BF8663752627}" = protocol=17 | dir=in | app=c:\program files\turbine\turbine download manager\turbinenetworkservice.exe |
"{627313FE-8484-400A-894E-493BCD31CFE8}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"{657D91BA-33C1-4398-8CDB-7E3B707E0C3B}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe |
"{66139BF2-D757-45CF-96D9-32B3047316BC}" = protocol=6 | dir=in | app=c:\program files\squareenix\final fantasy xiv\ffxivboot.exe |
"{689C7CF4-AC7B-4BD5-9C8B-AF868C2CCBE9}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7165B3D7-E23A-4738-9D54-1F55CCD6DD2D}" = protocol=17 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{74D618E1-FDB8-4DC0-8EAD-A08F29FC00DD}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{7560C175-083B-4B54-B43E-7146AD69BD00}" = dir=in | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{7B8587BC-1DE6-4ACB-8168-8761BB12E4A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7DF8F8D4-610B-4C2F-8BA0-AFAD07C63FBB}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{7FB24920-8BE0-4E95-BF6D-2BFB4B0C4169}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80103680-509F-4938-B76E-D49207A09071}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{814FE44B-6AD9-46D6-BD1E-E0FB99A1A6DE}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\captainferrell\counter-strike source\hl2.exe |
"{831E437B-F02F-4746-BA19-069F654DC347}" = protocol=6 | dir=in | app=c:\riot games\league of legends\game\league of legends.exe |
"{8B7A1834-EDF5-44BA-BEBA-90F5B47F70FD}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8C4B3041-A1AF-4F45-A279-C9912C2B78EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C6DD795-7E85-4B3B-9E02-85B3B941DEC3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\civilizationv.exe |
"{918EF985-CCB0-4883-8404-23768A978CC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{944A5C8D-096D-4F5C-B351-F37173DDC255}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"{9748AD9A-EB55-487B-87E4-BA6040F14B37}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\sid meier's civilization v\launcher.exe |
"{A062D76D-C0AB-4A61-AB3F-0BD115EA5E0D}" = protocol=6 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\43cp8n2p.nrb\v7t8crea.6dp\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{A0B6FB97-BF88-4712-8457-824FC41435C6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A9821B47-3C5C-4EB0-AA8D-C174F1A29B73}" = dir=in | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{A9D66C14-CBFC-48F1-84B2-6F436B91F6BF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AB0320E3-C1B1-49A3-A297-8CFF406FCF41}" = protocol=6 | dir=in | app=c:\program files\ea games\battlefield 2\bf2.exe |
"{ABE4D18A-382B-4D80-9F9D-23E2FAAF9D06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ACB0D030-3F7C-4A75-BFDC-D8102F632A67}" = protocol=17 | dir=in | app=c:\program files\digsby\digsby.exe |
"{AD734D9C-ED6C-4087-8299-8C158DC77E91}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{B2C7FB82-65A1-4BAD-ACF9-A3A2F0320D79}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{B775DBAD-0747-4A05-A50B-BBCF3FAB9C35}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\captainferrell\counter-strike source\hl2.exe |
"{B927902D-C25E-4DC9-AD59-FA6AF2E3FAA8}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{BABE7F54-FCED-4262-96C0-884C70EE0567}" = protocol=6 | dir=in | app=c:\program files\dragon age\bin_ship\daupdatersvc.service.exe |
"{BC88FEBB-9923-4F4F-9954-490971915E08}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD396617-4E03-4C7C-A4B7-0DC9BBD0D438}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{BDBB3EF1-2886-4D1A-8BA1-009072E9DA6A}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\captainferrell\half-life\hl.exe |
"{C5C40874-B7E8-47F1-AB96-20D742C3EB07}" = protocol=17 | dir=in | app=c:\program files\dragon age\bin_ship\daorigins.exe |
"{C6124BFC-743B-4350-81C3-C4196A570296}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB226DAB-2FB7-49EC-A2A9-F5B7126B4617}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\thepolynomial\polynomial.exe |
"{D27AA694-7E24-452E-AE46-9DAAA322789E}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{D384CB52-D16A-49F8-BE65-2F00EDAE18DC}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D5A9D509-188A-4F09-AFED-9A91C21F13EE}" = protocol=17 | dir=in | app=c:\riot games\league of legends\air\lolclient.exe |
"{D9650C77-5E92-4AC4-B73C-8C90AD2ABB79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA07BC2A-9217-405F-8A3C-012E9C5E7D20}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{DEB7E630-C8D7-40E5-B7C9-1485CCAF50C0}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{E00A66E0-63F1-4C89-8CCF-0DDF8B9019CC}" = protocol=6 | dir=in | app=c:\program files\dragon age\daoriginslauncher.exe |
"{E2CAA97E-04EA-47AC-A964-2EF7175869F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E48CCF70-DA4D-4225-8929-CF6417E48DB3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\swarm.exe |
"{E65CC63A-A4FD-4560-8AA7-C4490E3580B1}" = protocol=6 | dir=out | app=c:\program files\rosetta stone\rosetta stone v3\rosettastoneversion3.exe |
"{EC797F94-7499-499C-A30F-236776093809}" = protocol=17 | dir=in | app=c:\users\jason\appdata\local\apps\2.0\43cp8n2p.nrb\v7t8crea.6dp\curs..tion_eee711038731a406_0004.0000_efb506202a7c3b08\curseclient.exe |
"{ED7E689F-BE31-4D53-A725-D513F0076DE6}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\alien swarm\srcds.exe |
"{EDAB732D-E21E-43F8-BAB9-75957AB09BDD}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.patch.exe |
"{EE957B94-D3D3-4B45-9F45-BC3326AF806A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{F1D1C110-0789-45F5-B596-366B1DA44AAD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2DAF8FA-C1BD-45EE-A8C3-F5821E3FBBB3}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\defensegridtheawakening\defensegrid.exe |
"{F38BE8C1-0EBF-41E9-B6C0-D3FA06DAC5B9}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\blizzard downloader.exe |
"TCP Query User{0A151383-0FF1-4AD6-A5C0-4FEB22E11BF2}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{A9755AB2-54C9-40EE-827F-1D23B27E52E5}C:\ijji\english\u_gbound.exe" = protocol=6 | dir=in | app=c:\ijji\english\u_gbound.exe |
"TCP Query User{C54F276F-B9D0-4923-9C75-6792B18FEE65}C:\program files\pidgin\pidgin.exe" = protocol=6 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"UDP Query User{022B80F7-03E5-44BF-A45B-645AE3ED9988}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{7953BC44-336D-4D96-8CAD-A272A0971CCE}C:\program files\pidgin\pidgin.exe" = protocol=17 | dir=in | app=c:\program files\pidgin\pidgin.exe |
"UDP Query User{E5F7DD99-10BE-41B7-948B-34373B5789AA}C:\ijji\english\u_gbound.exe" = protocol=17 | dir=in | app=c:\ijji\english\u_gbound.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0474F84B-5794-7F0C-BF42-6339DF15BB61}" = Catalyst Control Center Localization Italian
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2™
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0837A661-FEC3-48B3-876C-91E7D32048A9}" = Macromedia Dreamweaver 8
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.7
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E9C35A-A0AE-43FA-AEA1-E4F58A87FBD1}" = Arcanum
"{122BD8FF-8860-600E-8FFE-67D7E69D2B65}" = CCC Help Czech
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{197D8FB0-C545-0D39-7295-10754028E78F}" = Catalyst Control Center Localization Greek
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{19C8E536-ED12-D157-953E-63AAB2AF1615}" = CCC Help English
"{1B43FF53-4077-56FE-D8A1-D219EFD815DB}" = Catalyst Control Center Localization Czech
"{1C768768-EE6F-FCD1-4515-C9FE1C793C42}" = CCC Help Korean
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F7FBA3A-724B-89DA-66F6-A219DDFF234E}" = CCC Help Greek
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2123E0DD-40DB-C79A-ABB7-8C0988E98127}" = Catalyst Control Center Localization Hungarian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2405E2F7-3067-CE21-F483-E68C93D7E83F}" = Catalyst Control Center Localization Dutch
"{243383F6-9BA8-F2A4-EAB2-42E8BFBB1D0F}" = Catalyst Control Center Localization French
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 17
"{2BD5C305-1B27-4D41-B690-7A61172D2FEB}" = Macromedia Flash 8
"{2CD2C0DB-81C3-416B-9FA6-589B9235359B}" = OpenOffice.org 2.4
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{326EAFBB-DA2E-878D-9BC3-80D1A5F593A4}" = CCC Help Finnish
"{3959EC88-08D9-ACC9-AD5D-505AEFBEB58A}" = CCC Help Japanese
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3BEADB01-41A1-E37C-518A-A1BD67A295BB}" = Catalyst Control Center Localization Russian
"{3CABAFD3-C938-B936-7DE7-A3EE724B7A83}" = Catalyst Control Center Localization Danish
"{3D4B6E71-61CA-60CD-0550-C3D39B578EAD}" = CCC Help Turkish
"{3F80F4D5-B763-0108-C405-955B724F53BF}" = CCC Help Polish
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{411CC2A1-D590-0837-7C48-699417AEC3F5}" = Catalyst Control Center Localization Thai
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4709D797-0FDF-5E24-20FB-5EFBA9458499}" = Catalyst Control Center Localization Norwegian
"{480DC5DA-7A2B-041A-E401-8934FC72FA6D}" = Catalyst Control Center Localization German
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{50BFBB79-B3B9-A44D-FD9A-3D7E38715360}" = CCC Help French
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}" = Macromedia Extension Manager
"{56DCEDE0-E40C-A66D-725B-4B9A59BCF869}" = Catalyst Control Center Graphics Full Existing
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}" = RGSS-RTP Standard
"{6555955E-F68D-843E-529C-3043EFD4BD23}" = Catalyst Control Center Localization Portuguese
"{66FE0B51-C206-F54F-9BDE-8E9AA0AC5BE4}" = ccc-core-static
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A5B3801-F1BE-55A5-EAAF-36B02FA2549D}" = CCC Help Chinese Standard
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B5E816C-A761-4F5B-BF48-84B794556CAA}_is1" = Freelang Dictionary (wordlist)
"{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70C04776-40D7-DA6B-2BDF-AFCCD9FFCAD2}" = Catalyst Control Center Localization Swedish
"{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}" = Rosetta Stone V3
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = AusLogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7564F729-12A0-CB02-EC8B-24638877CCF9}" = CCC Help Danish
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.0.0.15
"{77D7BC8F-D624-E0FD-F440-3A5145A6869F}" = Catalyst Control Center Localization Japanese
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7973FE67-7730-499E-8DC6-CC329714BB05}" = iConcertCal
"{7B44891F-C070-03FD-CD9A-FD08373AA9C2}" = Skins
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{885A63EA-382B-4DD4-A755-14809B8557D6}" = Macromedia Flash Player 8
"{8A95C2DC-779A-4EA8-9DE3-B118D1411E8B}_is1" = Freelang Dictionary 3.74 beta
"{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}" = Macromedia Flash 8 Video Encoder
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F077748-4D3F-460C-46C2-644A0D20F7A8}" = CCC Help German
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{926CC8AE-8414-43DF-8EB4-CF26D9C3C663}" =
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{908D4BFF-937E-51C5-9A45-042DAF49864A}" = ccc-utility
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{93D78B68-E7EA-E8BE-5CD3-A53FA22B5B26}" = Catalyst Control Center Localization Turkish
"{93E91A8B-8F9C-1641-8262-3D3DEF955658}" = CCC Help Dutch
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B34CAC6-738F-4A20-B428-A115C3E3474C}" = RPGXP
"{9B86F698-DDC7-D592-F40C-0790AA3D6EBF}" = CCC Help Thai
"{9BB5B624-8471-256B-55FC-FA126B2A1720}" = CCC Help Chinese Traditional
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A06FBE3B-89C5-72EF-E383-FFCCF9CBEAC5}" = CCC Help Italian
"{A1CBE78F-8847-00F0-455F-46A53C733031}" = CCC Help Hungarian
"{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}" = Opera 9.64
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2C72B48-CE93-1BD1-CF8E-671C5428607C}" = Catalyst Control Center Localization Chinese Standard
"{A55B4477-BCEF-7CCD-49E8-8898631EC05A}" = Catalyst Control Center Graphics Light
"{A5DD7359-5EB4-4D35-BBAF-E6A88269790B}" = League of Legends
"{A82CCE0D-3448-44F4-7633-0576DFEA8C4B}" = Catalyst Control Center Graphics Full New
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AE9D525E-4F57-00FF-A390-689DBD08282A}" = CCC Help Portuguese
"{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins
"{B26146E9-2EA9-C63B-7DA9-691037D1A8AA}" = Catalyst Control Center Localization Finnish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA753022-C2A5-A476-FE1B-F533D897ECA0}" = CCC Help Norwegian
"{BB81360F-041C-4CF7-B15E-71380D154244}" = Adobe Setup
"{BC90276B-BE38-451C-8E4D-FF28FF08ABF6}" = Bloodline Champions Beta
"{BCCC5BC1-B134-211B-A823-F87547430E72}" = CCC Help Spanish
"{BD491438-7CC9-8D7A-92A8-11D9D611A47D}" = Catalyst Control Center Core Implementation
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C3234E43-10BF-470E-BD2B-2E36EA29D11C}" = League of Legends
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C712C894-460E-4F41-722F-CF9A015960AD}" = CCC Help Russian
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D8BA52A0-C9E2-0A83-A07E-DAC457B7DD92}" = Catalyst Control Center Graphics Previews Vista
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DBD51378-999E-F640-F36D-BC191892ADBB}" = Catalyst Control Center Localization Spanish
"{E0CBBB2C-57FE-40BF-8816-44E3AC6BD2D6}" = ResumeMaker Professional
"{E17A5B4E-0E75-3D7F-C2C5-C26B87DC1330}" = Catalyst Control Center Localization Chinese Traditional
"{E5B356F4-12F2-DDAE-9B1D-76FE58D6DF81}" = CCC Help Swedish
"{E669487E-8583-5E57-8B82-B04EB7472521}" = Catalyst Control Center Localization Korean
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6CB18CD-04EF-4C6A-A5F3-5F49E7332895}" = O&O Defrag Professional Edition
"{E9E3EE81-6E7F-47A3-8D38-3470256704DB}_is1" = Tortun 0.8
"{EC2A8F27-4FBF-4E41-B27B-FE822511B761}" = iTunes
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F276B439-5C14-3487-EF6C-5B3888D2B995}" = Catalyst Control Center Localization Polish
"{F2C4E6E0-EB78-4824-A212-6DF6AF0E8E82}" = FINAL FANTASY XIV
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"62289540-dc30-11dc-95ff-0800200c9a66_is1" = Turbine Download Manager - Live
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_32fdd767b4383606e8168e834af5d90" = Adobe Premiere Pro CS3
"Adventure Inlay" = Adventure Inlay
"Akamai" = Akamai NetSession Interface
"AMX Mod X Installer" = AMX Mod X Installer 1.8.1
"Anki" = Anki
"Celtx (2.7)" = Celtx (2.7)
"Crafty_is1" = Crafty 1.0.1
"dBpoweramp DSP Effects" = dBpoweramp DSP Effects
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"Diablo II" = Diablo II
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Garena" = Garena
"GTK 2.0" = GTK+ Runtime 2.12.8 rev a (remove only)
"Guild Wars" = Guild Wars
"Gunbound Revolution_is1" = Gunbound Revolution
"Half-Life Dedicated Server Update Tool" = Half-Life Dedicated Server Update Tool
"Hamachi" = Hamachi 1.0.1.5
"HLSW_is1" = HLSW v1.3.1
"Insaniquarium Deluxe" = Insaniquarium Deluxe
"InstallShield_{6F69C969-2942-4E7B-B594-75B37664B8BA}" = NVIDIA System Update
"IrfanView" = IrfanView (remove only)
"LastFM_is1" = Last.fm 1.5.4.27091
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MS Access 97 SP2" = MS Access 97 SP2
"Mumble" = Mumble and Murmur
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Picasa 3" = Picasa 3
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"RealPlayer 12.0" = RealPlayer
"Remobo" = Remobo
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"SimCity 3000 Unlimited" = SimCity 3000 Unlimited
"SimCity2000CDv1" = SimCity 2000® Special Edition
"Simple Port Forwarding" = Simple Port Forwarding
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"SpheresOfChaos" = Spheres Of Chaos (remove only)
"Starcraft" = Starcraft
"StarCraft II" = StarCraft II
"Steam App 130" = Half-Life: Blue Shift
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 205" = Source Dedicated Server
"Steam App 211" = Source SDK
"Steam App 215" = Source SDK Base
"Steam App 218" = Source SDK Base - Orange Box
"Steam App 220" = Half-Life 2
"Steam App 240" = Counter-Strike: Source
"Steam App 280" = Half-Life: Source
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 380" = Half-Life 2: Episode One
"Steam App 400" = Portal
"Steam App 420" = Half-Life 2: Episode Two
"Steam App 5" = Dedicated Server
"Steam App 630" = Alien Swarm
"Steam App 67000" = The Polynomial
"Steam App 70" = Half-Life
"Steam App 7670" = BioShock
"Steam App 8930" = Sid Meier's Civilization V
"SwiftKit" = SwiftKit
"SystemRequirementsLab" = System Requirements Lab
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamViewer 4" = TeamViewer 4
"Trojan Remover_is1" = Trojan Remover 6.8.2
"Unlocker" = Unlocker 1.9.0
"VLC media player" = VLC media player 1.0.0
"Warcraft III" = Warcraft III
"WinGimp-2.0_is1" = GIMP 2.6.4
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
"ZOTAC FireStorm" = ZOTAC FireStorm

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"090215de958f1060" = Curse Client
"Google Chrome" = Google Chrome
"Guild Wars" = Guild Wars
"ijji FireFox Launcher" = ijji FireFox Launcher 1.0
"ijji.com" = ijji
"Runic Games Torchlight" = Torchlight
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products
"WOW Meter Online Client v2.0" = WoW Meter Online Client v2.0

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#11 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:27 PM

Posted 02 January 2011 - 08:00 PM

There's nothing showing that's a problem there either. It's strange that some tools are being stopped but there is no sign of the cause at this stage. Let's keep looking.

Download and run HAMeb_check.exe

Post the contents of the resulting log.
m0le is a proud member of UNITE

#12 Redizhot


Posted 03 January 2011 - 05:13 AM

"This tool is not compatible with your system."

Should I just reformat at this rate? It's really not a big deal, haha.

#13 m0le


Posted 03 January 2011 - 12:06 PM

I think reformatting is a bit drastic. So far a couple of tools have failed but that's it.

You may have corrupt critical system files. Let's see if we can fix that.
  • Select Start
  • Select All Programs
  • Select Accessories
  • Right click Command Prompt and choose Run as administrator
  • If you have the User Account Control (UAC) enabled you will be asked for authorization prior to the command prompt opening.
  • You may simply need to press the Continue button if you are the administrator or insert the administrator password.
  • Copy & paste sfc /scannow in the command window and press enter.
  • Note the space between the c and the /
    • Be patient because the scan may take some time.
    • When that has completed then we need to create a logfile.
  • Repeat the process but this time copy & paste findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >%userprofile%\Desktop\sfcdetails.txt in the command window and press Enter.

    Note: This will place a sfcdetails.txt file on your desktop with the SFC scan details from the CBS.LOG. Please copy and paste that log into your next reply.

m0le is a proud member of UNITE
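
One way to triage the sfcdetails.txt file that the findstr step in post #13 produces, as an added example that is not part of the thread. The sample log lines are constructed, the function name summarize_sfc is hypothetical, and the [SR] line layouts are assumed to follow the usual CBS.log wording.

```python
import re

# Constructed sample of an sfcdetails.txt file (not taken from the thread).
# SFC usually logs each unrepairable file twice, so the duplicate is kept here.
SAMPLE = r"""
2011-01-03 12:01:10, Info                  CSI    00000006 [SR] Verifying 100 (0x00000064) components
2011-01-03 12:01:10, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2011-01-03 12:01:14, Info                  CSI    00000009 [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-01-03 12:01:15, Info                  CSI    0000000b [SR] Cannot repair member file [l:24{12}]"settings.ini" of Microsoft-Windows-Sidebar, Version = 6.0.6001.18000, pA = PROCESSOR_ARCHITECTURE_INTEL (0), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-01-03 12:01:20, Info                  CSI    0000000c [SR] Repairing corrupted file [ml:520{260},l:62{31}]"\??\C:\Windows\System32"\[l:24{12}]"example.dll" from store
2011-01-03 12:01:21, Info                  CSI    0000000d [SR] Verify complete
"""

CANNOT = re.compile(r'\[SR\] Cannot repair member file \[[^\]]*\]"([^"]+)" of ([^,]+),')
REPAIR = re.compile(r'\[SR\] Repairing corrupted file \[[^\]]*\]"([^"]+)"\\\[[^\]]*\]"([^"]+)"')
VERIFY = re.compile(r'\[SR\] Verifying (\d+) ')


def summarize_sfc(text):
    """Reduce the [SR] lines to the facts a helper needs to review."""
    result = {"components": 0, "unrepairable": [], "repaired": [], "complete": False}
    for line in text.splitlines():
        if "[SR]" not in line:
            continue
        m = VERIFY.search(line)
        if m:
            result["components"] += int(m.group(1))
            continue
        m = CANNOT.search(line)
        if m:
            # The failure reason is the last comma-separated field of the line.
            reason = line.rsplit(",", 1)[1].strip()
            entry = (m.group(1), m.group(2).strip(), reason)
            if entry not in result["unrepairable"]:
                result["unrepairable"].append(entry)
            continue
        m = REPAIR.search(line)
        if m:
            # Drop the NT object-manager prefix and join directory and file name.
            path = m.group(1).replace("\\??\\", "", 1) + "\\" + m.group(2)
            if path not in result["repaired"]:
                result["repaired"].append(path)
            continue
        if "[SR] Verify complete" in line:
            result["complete"] = True
    return result


if __name__ == "__main__":
    summary = summarize_sfc(SAMPLE)
    print("components verified:", summary["components"])
    for name, component, reason in summary["unrepairable"]:
        print("NOT REPAIRED:", name, "in", component, "-", reason)
    for path in summary["repaired"]:
        print("repaired from store:", path)
    print("scan finished:", summary["complete"])
```

Files listed as not repaired, or system binaries that had to be restored from the store, are the entries worth reporting back when the machine is also under investigation for malware.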

#14 m0le


Posted 07 January 2011 - 03:00 PM

Hi,

I have not had a reply from you for 3 days. Can you please tell me if you still need help with your computer as I am unable to help other members with their problems while I have your topic still open. The time taken between posts can also change the situation with your PC making it more difficult to help you.

If you like you can PM me.

Thanks,


m0le
m0le is a proud member of UNITE

#15 m0le


Posted 08 January 2011 - 09:22 PM

Due to the lack of feedback, this topic is now closed. In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.
m0le is a proud member of UNITE



