Used TDSSkiller and Windows 7 won't boot now


  • This topic is locked
46 replies to this topic

#1 moem986

  • Members
  • 22 posts

Posted 03 May 2011 - 05:43 PM

Basically I had the Google redirect virus, used Malwarebytes and Avira, nothing came up. Used TDSSkiller, which found something, but I chose delete instead of quarantine and now Windows 7 won't boot up anymore. Most likely due to the file I deleted. Now a BSOD screen pops up quickly at the Windows logo animation during startup.

I ran Startup Repair and Windows restore; neither has worked.

Also, there are some files I need to get immediately from the hard drive right away. Is there any way I can do this?

P.S.
I made some backups of the registry before using TDSSkiller, if that helps.

Edited by Orange Blossom, 03 May 2011 - 11:22 PM.
Moved to log forum. ~ OB


#2 Farbar

    Just Curious


  • Security Developer
  • 21,696 posts
  • Gender:Male
  • Location:The Netherlands

Posted 03 May 2011 - 10:57 PM

Hi moem986,

Welcome to Bleeping Computer. I will be assisting you with your problem.

For x32 (x86) systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool: Scan your computer's memory for errors.
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

#3 moem986

  • Topic Starter

  • Members
  • 22 posts

Posted 04 May 2011 - 02:42 AM

Hi Farbar, thanks so much for your help.


Scan result of Farbars's Recovery Tool (FRST written by farbar) Version 2.0.6
Ran by SYSTEM at 2011-05-04 03:26:06
Running from G:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry ==========================

HKLM\...\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" (Microsoft Corporation)[31072 2008-10-25]
HKLM\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated)[35760 2009-12-21]
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" (Adobe Systems Incorporated)[948672 2009-12-11]
HKLM\...\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)[202256 2010-02-17]
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" (Sun Microsystems, Inc.)[246504 2010-01-11]
HKLM\...\Run: [Athan] C:\Program Files\Athan\Athan.exe (www.IslamicFinder.org)[1138688 2009-08-22]
HKLM\...\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup (Intuit Inc. All rights reserved.)[623880 2008-11-18]
HKLM\...\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup (Google)[30192 2010-08-11]
HKLM\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" (Adobe Systems Incorporated)[37232 2008-06-11]
HKLM\...\Run: []
HKLM\...\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" (Adobe Systems Inc.)[640376 2008-06-11]
HKLM\...\Run: [RogersServicepointAgent.exe] "C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" /AUTORUN (Rogers)[4318520 2011-01-04]
HKLM\...\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation)[136216 2010-08-25]
HKLM\...\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation)[171032 2010-08-25]
HKLM\...\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation)[170520 2010-08-25]
HKU\Administrator\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)[2363392 2009-08-20]
HKU\Administrator\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (Google Inc.)[39408 2010-01-30]
HKU\Administrator\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)[3872080 2010-04-16]
HKU\Administrator\...\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" (BitTorrent, Inc.)[399736 2011-04-04]
HKU\Administrator\...\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount (Alcohol Soft Development Team)[33120 2009-11-15]
HKU\Administrator\...\Run: [Google Update] "C:\Users\Administrator\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)[136176 2010-10-15]
HKU\Administrator\...\Run: [Calendarscope] "C:\Program Files\Calendarscope\csde.exe" (Duality Software)[2400333 2010-12-22]
HKU\Default\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1173504 2009-07-13]
HKU\Default User\...\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (Microsoft Corporation)[1173504 2009-07-13]
HKU\temp.User-PC\...\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (Hewlett-Packard Company)[2363392 2009-08-20]
HKU\temp.User-PC\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (Google Inc.)[39408 2010-01-30]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE (Microsoft Corporation)[262656 2009-07-13]
HKLM\...\HKLM\...\HKLM\...\HKLM\...\Winlogon\Notify\igfxcui: igfxdev.dll (Intel Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GO36F4~1.DLL


==================== Drivers and Services ====================

3 1394ohci; C:\Windows\System32\DRIVERS\1394ohci.sys [163328 2009-07-13] (Microsoft Corporation)
0 ACPI; C:\Windows\System32\DRIVERS\ACPI.sys [274496 2009-07-13] (Microsoft Corporation)
3 AcpiPmi; C:\Windows\System32\DRIVERS\acpipmi.sys [9728 2009-07-13] (Microsoft Corporation)
3 adp94xx; C:\Windows\System32\DRIVERS\adp94xx.sys [422976 2009-07-13] (Adaptec, Inc.)
3 adpahci; C:\Windows\System32\DRIVERS\adpahci.sys [297552 2009-07-13] (Adaptec, Inc.)
3 adpu320; C:\Windows\System32\DRIVERS\adpu320.sys [146512 2009-07-13] (Adaptec, Inc.)
3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [62464 2009-07-13] (Microsoft Corporation)
1 AFD; C:\Windows\System32\drivers\afd.sys [338944 2009-07-13] (Microsoft Corporation)
3 agp440; C:\Windows\System32\DRIVERS\agp440.sys [53312 2009-07-13] (Microsoft Corporation)
3 aic78xx; C:\Windows\System32\DRIVERS\djsvs.sys [70720 2009-07-13] (Adaptec, Inc.)
3 ALG; C:\Windows\System32\alg.exe [59392 2009-07-13] (Microsoft Corporation)
3 aliide; C:\Windows\System32\DRIVERS\aliide.sys [14400 2009-07-13] (Acer Laboratories Inc.)
3 amdagp; C:\Windows\System32\DRIVERS\amdagp.sys [53312 2009-07-13] (Microsoft Corporation)
3 amdide; C:\Windows\System32\DRIVERS\amdide.sys [14912 2009-07-13] (Microsoft Corporation)
3 AmdK8; C:\Windows\System32\DRIVERS\amdk8.sys [55296 2009-07-13] (Microsoft Corporation)
3 AmdPPM; C:\Windows\System32\DRIVERS\amdppm.sys [52736 2009-07-13] (Microsoft Corporation)
3 amdsata; C:\Windows\System32\DRIVERS\amdsata.sys [79952 2009-07-13] (Advanced Micro Devices)
3 amdsbs; C:\Windows\System32\DRIVERS\amdsbs.sys [159312 2009-07-13] (AMD Technologies Inc.)
0 amdxata; C:\Windows\System32\DRIVERS\amdxata.sys [23616 2009-07-13] (Advanced Micro Devices)
3 AppID; C:\Windows\System32\drivers\appid.sys [50176 2009-07-13] (Microsoft Corporation)
3 AppIDSvc; C:\Windows\System32\appidsvc.dll [27648 2009-07-13] (Microsoft Corporation)
3 Appinfo; C:\Windows\System32\appinfo.dll [46592 2009-07-13] (Microsoft Corporation)
3 AppMgmt; C:\Windows\System32\appmgmts.dll [149504 2009-07-13] (Microsoft Corporation)
3 arc; C:\Windows\System32\DRIVERS\arc.sys [76368 2009-07-13] (Adaptec, Inc.)
3 arcsas; C:\Windows\System32\DRIVERS\arcsas.sys [86608 2009-07-13] (Adaptec, Inc.)
3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [17920 2009-07-13] (Microsoft Corporation)
0 atapi; C:\Windows\System32\DRIVERS\atapi.sys [21584 2009-07-13] (Microsoft Corporation)
3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-13] (Atheros Communications, Inc.)
2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation)
2 Audiosrv; C:\Windows\System32\Audiosrv.dll [473088 2009-07-13] (Microsoft Corporation)
3 AxInstSV; C:\Windows\System32\AxInstSV.dll [88064 2009-07-13] (Microsoft Corporation)
3 b06bdrv; C:\Windows\System32\DRIVERS\bxvbdx.sys [430080 2009-07-13] (Broadcom Corporation)
3 b57nd60x; C:\Windows\System32\DRIVERS\b57nd60x.sys [229888 2009-07-13] (Broadcom Corporation)
3 BDESVC; C:\Windows\System32\bdesvc.dll [76800 2009-07-13] (Microsoft Corporation)
0 bdfsfltr; C:\Windows\System32\drivers\bdfsfltr.sys [285704 2009-10-23] (BitDefender S.R.L. Bucharest, ROMANIA)
1 Beep; C:\Windows\System32\Drivers\Beep.sys [6144 2009-07-13] (Microsoft Corporation)
2 BFE; C:\Windows\System32\bfe.dll [493568 2009-07-13] (Microsoft Corporation)
2 BITS; C:\Windows\System32\qmgr.dll [589312 2009-07-13] (Microsoft Corporation)
1 blbdrive; C:\Windows\System32\DRIVERS\blbdrive.sys [35328 2009-07-13] (Microsoft Corporation)
3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [69632 2011-02-22] (Microsoft Corporation)
3 BrFiltLo; C:\Windows\System32\DRIVERS\BrFiltLo.sys [13568 2009-07-13] (Brother Industries, Ltd.)
3 BrFiltUp; C:\Windows\System32\DRIVERS\BrFiltUp.sys [5248 2009-07-13] (Brother Industries, Ltd.)
3 Browser; C:\Windows\System32\browser.dll [102400 2009-07-13] (Microsoft Corporation)
3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [272128 2009-07-13] (Brother Industries Ltd.)
3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [62336 2009-07-13] (Brother Industries Ltd.)
3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [12160 2009-07-13] (Brother Industries Ltd.)
3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [11904 2009-07-13] (Brother Industries Ltd.)
3 BTHMODEM; C:\Windows\System32\DRIVERS\bthmodem.sys [56320 2009-07-13] (Microsoft Corporation)
3 bthserv; C:\Windows\System32\bthserv.dll [64512 2009-07-13] (Microsoft Corporation)
4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [70656 2009-07-13] (Microsoft Corporation)
1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [108544 2009-07-13] (Microsoft Corporation)
3 CertPropSvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation)
3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [37888 2009-07-13] (Microsoft Corporation)
0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-13] (Microsoft Corporation)
3 clr_optimization_v2.0.50727_32; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66384 2009-06-10] (Microsoft Corporation)
3 CmBatt; C:\Windows\System32\DRIVERS\CmBatt.sys [14080 2009-07-13] (Microsoft Corporation)
3 cmdide; C:\Windows\System32\DRIVERS\cmdide.sys [15952 2009-07-13] (CMD Technology, Inc.)
0 CNG; C:\Windows\System32\Drivers\cng.sys [369568 2009-07-13] (Microsoft Corporation)
0 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [19024 2009-07-13] (Microsoft Corporation)
3 CompositeBus; C:\Windows\System32\DRIVERS\CompositeBus.sys [31232 2009-07-13] (Microsoft Corporation)
3 COMSysApp; C:\Windows\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [7168 2009-07-13] (Microsoft Corporation)
4 crcdisk; C:\Windows\System32\DRIVERS\crcdisk.sys [22096 2009-07-13] (Microsoft Corporation)
2 CryptSvc; C:\Windows\System32\cryptsvc.dll [135680 2009-07-13] (Microsoft Corporation)
1 CSC; C:\Windows\System32\drivers\csc.sys [387584 2009-07-13] (Microsoft Corporation)
2 CscService; C:\Windows\System32\cscsvc.dll [544256 2009-07-13] (Microsoft Corporation)
2 DcomLaunch; C:\Windows\System32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation)
2 DefragFS; C:\Windows\System32\Drivers\DefragFS.sys [71696 2009-06-08] (Raxco Software, Inc.)
3 defragsvc; C:\Windows\System32\defragsvc.dll [218624 2009-07-13] (Microsoft Corporation)
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [78336 2009-07-13] (Microsoft Corporation)
2 Dhcp; C:\Windows\System32\dhcpcore.dll [253440 2009-07-13] (Microsoft Corporation)
1 discache; C:\Windows\System32\drivers\discache.sys [32256 2009-07-13] (Microsoft Corporation)
0 Disk; C:\Windows\System32\DRIVERS\disk.sys [57424 2009-07-13] (Microsoft Corporation)
2 Dnscache; C:\Windows\System32\dnsrslvr.dll [132608 2011-03-02] (Microsoft Corporation)
3 dot3svc; C:\Windows\System32\dot3svc.dll [214016 2009-07-13] (Microsoft Corporation)
2 DPS; C:\Windows\System32\dps.dll [143360 2009-07-13] (Microsoft Corporation)
3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5120 2009-07-13] (Microsoft Corporation)
3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [728648 2009-10-01] (Microsoft Corporation)
3 EapHost; C:\Windows\System32\eapsvc.dll [98304 2009-07-13] (Microsoft Corporation)
3 ebdrv; C:\Windows\System32\DRIVERS\evbdx.sys [3100160 2009-07-13] (Broadcom Corporation)
3 EFS; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [557056 2009-07-13] (Microsoft Corporation)
3 ehSched; C:\Windows\ehome\ehsched.exe [94720 2009-07-13] (Microsoft Corporation)
3 elxstor; C:\Windows\System32\DRIVERS\elxstor.sys [453712 2009-07-13] (Emulex)
3 ErrDev; C:\Windows\System32\DRIVERS\errdev.sys [7168 2009-07-13] (Microsoft Corporation)
2 eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [20992 2009-07-13] (Microsoft Corporation)
2 EventSystem; C:\Windows\System32\es.dll [271360 2009-07-13] (Microsoft Corporation)
3 exfat; C:\Windows\System32\Drivers\exfat.sys [142336 2009-07-13] (Microsoft Corporation)
3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [148480 2009-07-13] (Microsoft Corporation)
3 Fax; C:\Windows\System32\fxssvc.exe [522752 2009-07-13] (Microsoft Corporation)
3 fdc; C:\Windows\System32\DRIVERS\fdc.sys [25088 2009-07-13] (Microsoft Corporation)
3 fdPHost; C:\Windows\System32\fdPHost.dll [12800 2009-07-13] (Microsoft Corporation)
2 FDResPub; C:\Windows\System32\fdrespub.dll [28160 2009-07-13] (Microsoft Corporation)
0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [58448 2009-07-13] (Microsoft Corporation)
3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [28160 2009-07-13] (Microsoft Corporation)
3 FLEXnet Licensing Service; "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [651720 2010-08-30] (Macrovision Europe Ltd.)
3 flpydisk; C:\Windows\System32\DRIVERS\flpydisk.sys [19968 2009-07-13] (Microsoft Corporation)
0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [198208 2009-07-13] (Microsoft Corporation)
3 FontCache; C:\Windows\System32\FntCache.dll [797696 2009-07-13] (Microsoft Corporation)
3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [42856 2009-06-10] (Microsoft Corporation)
3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [46160 2009-07-13] (Microsoft Corporation)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [19536 2009-07-13] (Microsoft Corporation)
0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [194488 2009-07-13] (Microsoft Corporation)
3 gagp30kx; C:\Windows\System32\DRIVERS\gagp30kx.sys [57936 2009-07-13] (Microsoft Corporation)
3 GoogleDesktopManager-051210-111108; "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [30192 2010-08-11] (Google)
2 gpsvc; C:\Windows\System32\gpsvc.dll [591360 2009-07-13] (Microsoft Corporation)
2 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe /svc [135664 2010-01-30] (Google Inc.)
3 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc [135664 2010-01-30] (Google Inc.)
3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [182768 2010-01-30] (Google)
3 hcw85cir; C:\Windows\System32\drivers\hcw85cir.sys [26624 2009-07-13] (Hauppauge Computer Works, Inc.)
3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [304128 2009-07-13] (Microsoft Corporation)
3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [108544 2009-07-13] (Microsoft Corporation)
3 HidBatt; C:\Windows\System32\DRIVERS\HidBatt.sys [21504 2009-07-13] (Microsoft Corporation)
3 HidBth; C:\Windows\System32\DRIVERS\hidbth.sys [91136 2009-07-13] (Microsoft Corporation)
3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [37888 2009-07-13] (Microsoft Corporation)
3 hidserv; C:\Windows\System32\hidserv.dll [49152 2009-07-13] (Microsoft Corporation)
3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [24064 2009-07-13] (Microsoft Corporation)
3 hkmsvc; C:\Windows\System32\kmsvc.dll [71168 2009-07-13] (Microsoft Corporation)
3 HomeGroupListener; C:\Windows\System32\ListSvc.dll [194560 2009-07-13] (Microsoft Corporation)
3 HomeGroupProvider; C:\Windows\System32\provsvc.dll [165376 2009-07-13] (Microsoft Corporation)
2 HP Health Check Service; "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe" [120832 2009-10-15] (Hewlett-Packard)
3 hpqwmiex; "C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe" [229944 2009-04-30] (Hewlett-Packard Development Company, L.P.)
3 HpSAMD; C:\Windows\System32\DRIVERS\HpSAMD.sys [67152 2009-07-13] (Hewlett-Packard Company)
3 HTTP; C:\Windows\System32\drivers\HTTP.sys [513024 2009-07-13] (Microsoft Corporation)
0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [13904 2009-07-13] (Microsoft Corporation)
3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [80896 2009-07-13] (Microsoft Corporation)
3 iaStorV; C:\Windows\System32\DRIVERS\iaStorV.sys [332352 2009-07-13] (Intel Corporation)
3 idsvc; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" [878416 2009-06-10] (Microsoft Corporation)
3 igfx; C:\Windows\System32\DRIVERS\igdkmd32.sys [9024512 2010-08-25] (Intel Corporation)
3 iirsp; C:\Windows\System32\DRIVERS\iirsp.sys [41040 2009-07-13] (Intel Corp./ICP vortex GmbH)
2 IKEEXT; C:\Windows\System32\ikeext.dll [667136 2009-07-13] (Microsoft Corporation)
3 intelide; C:\Windows\System32\DRIVERS\intelide.sys [15424 2009-07-13] (Microsoft Corporation)
3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [53760 2009-07-13] (Microsoft Corporation)
3 IPBusEnum; C:\Windows\System32\ipbusenum.dll [78848 2009-07-13] (Microsoft Corporation)
3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [58880 2009-07-13] (Microsoft Corporation)
2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [497152 2009-07-13] (Microsoft Corporation)
3 IPMIDRV; C:\Windows\System32\DRIVERS\IPMIDrv.sys [65536 2009-07-13] (Microsoft Corporation)
3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [101888 2009-07-13] (Microsoft Corporation)
3 IRENUM; C:\Windows\System32\drivers\irenum.sys [13824 2009-07-13] (Microsoft Corporation)
3 isapnp; C:\Windows\System32\DRIVERS\isapnp.sys [46656 2009-07-13] (Microsoft Corporation)
3 iScsiPrt; C:\Windows\System32\DRIVERS\msiscsi.sys [186960 2009-07-13] (Microsoft Corporation)
3 kbdclass; C:\Windows\System32\DRIVERS\kbdclass.sys [42576 2009-07-13] (Microsoft Corporation)
3 kbdhid; C:\Windows\System32\DRIVERS\kbdhid.sys [28160 2009-07-13] (Microsoft Corporation)
3 KeyIso; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [67664 2009-07-13] (Microsoft Corporation)
0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [133720 2009-12-10] (Microsoft Corporation)
3 KtmRm; C:\Windows\System32\msdtckrm.dll [308736 2009-07-13] (Microsoft Corporation)
2 LanmanServer; C:\Windows\System32\srvsvc.dll [168448 2010-08-26] (Microsoft Corporation)
2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [84480 2009-07-13] (Microsoft Corporation)
2 LightScribeService; "C:\Program Files\Common Files\LightScribe\LSSrvc.exe" [73728 2009-08-20] (Hewlett-Packard Company)
2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [48128 2009-07-13] (Microsoft Corporation)
3 lltdsvc; C:\Windows\System32\lltdsvc.dll [189952 2009-07-13] (Microsoft Corporation)
2 lmhosts; C:\Windows\System32\lmhsvc.dll [18432 2009-07-13] (Microsoft Corporation)
3 LSI_FC; C:\Windows\System32\DRIVERS\lsi_fc.sys [95824 2009-07-13] (LSI Corporation)
3 LSI_SAS; C:\Windows\System32\DRIVERS\lsi_sas.sys [89168 2009-07-13] (LSI Corporation)
3 LSI_SAS2; C:\Windows\System32\DRIVERS\lsi_sas2.sys [54864 2009-07-13] (LSI Corporation)
3 LSI_SCSI; C:\Windows\System32\DRIVERS\lsi_scsi.sys [96848 2009-07-13] (LSI Corporation)
2 luafv; C:\Windows\System32\drivers\luafv.sys [86528 2009-07-13] (Microsoft Corporation)
3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
4 Mcx2Svc; C:\Windows\System32\Mcx2Svc.dll [67584 2009-07-13] (Microsoft Corporation)
3 megasas; C:\Windows\System32\DRIVERS\megasas.sys [30800 2009-07-13] (LSI Corporation)
3 MegaSR; C:\Windows\System32\DRIVERS\MegaSR.sys [235584 2009-07-13] (LSI Corporation, Inc.)
3 Microsoft Office Groove Audit Service; "C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe" [65888 2008-10-25] (Microsoft Corporation)
2 MMCSS; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
3 Modem; C:\Windows\System32\drivers\modem.sys [31744 2009-07-13] (Microsoft Corporation)
3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [23552 2009-07-13] (Microsoft Corporation)
3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [81168 2011-01-01] (MotioninJoy)
3 mouclass; C:\Windows\System32\DRIVERS\mouclass.sys [41552 2009-07-13] (Microsoft Corporation)
3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [26112 2009-07-13] (Microsoft Corporation)
0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [78416 2009-07-13] (Microsoft Corporation)
3 mpio; C:\Windows\System32\DRIVERS\mpio.sys [130624 2009-07-13] (Microsoft Corporation)
3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [60416 2009-07-13] (Microsoft Corporation)
2 MpsSvc; C:\Windows\System32\mpssvc.dll [565760 2009-07-13] (Microsoft Corporation)
3 MRxDAV; C:\Windows\System32\drivers\mrxdav.sys [115712 2009-07-13] (Microsoft Corporation)
3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [123392 2011-02-22] (Microsoft Corporation)
3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [221696 2011-02-22] (Microsoft Corporation)
3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [95744 2011-02-22] (Microsoft Corporation)
0 msahci; C:\Windows\System32\DRIVERS\msahci.sys [27712 2009-07-13] (Microsoft Corporation)
3 msdsm; C:\Windows\System32\DRIVERS\msdsm.sys [115792 2009-07-13] (Microsoft Corporation)
3 MSDTC; C:\Windows\System32\msdtc.exe [134144 2009-07-13] (Microsoft Corporation)
1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [22528 2009-07-13] (Microsoft Corporation)
3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [4096 2009-07-13] (Microsoft Corporation)
0 msisadrv; C:\Windows\System32\DRIVERS\msisadrv.sys [13888 2009-07-13] (Microsoft Corporation)
3 MSiSCSI; C:\Windows\System32\iscsiexe.dll [114688 2009-07-13] (Microsoft Corporation)
3 msiserver; C:\Windows\System32\msiexec.exe /V [73216 2009-07-13] (Microsoft Corporation)
3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [8320 2009-07-13] (Microsoft Corporation)
3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [5888 2009-07-13] (Microsoft Corporation)
3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [5504 2009-07-13] (Microsoft Corporation)
3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [162896 2009-07-13] (Microsoft Corporation)
1 mssmbios; C:\Windows\System32\DRIVERS\mssmbios.sys [28240 2009-07-13] (Microsoft Corporation)
3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [6144 2009-07-13] (Microsoft Corporation)
3 MTConfig; C:\Windows\System32\DRIVERS\MTConfig.sys [12288 2009-07-13] (Microsoft Corporation)
0 Mup; C:\Windows\System32\Drivers\mup.sys [49728 2009-07-13] (Microsoft Corporation)
3 napagent; C:\Windows\System32\qagentRT.dll [330240 2009-07-13] (Microsoft Corporation)
3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [267264 2009-07-13] (Microsoft Corporation)
0 NDIS; C:\Windows\System32\drivers\ndis.sys [710720 2009-07-13] (Microsoft Corporation)
3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [27136 2009-07-13] (Microsoft Corporation)
3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [20992 2009-07-13] (Microsoft Corporation)
3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [45568 2009-07-13] (Microsoft Corporation)
3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [118784 2009-07-13] (Microsoft Corporation)
3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [48128 2009-07-13] (Microsoft Corporation)
2 Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208 2009-09-23] (Nero AG)
1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [36352 2009-07-13] (Microsoft Corporation)
1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [187904 2009-07-13] (Microsoft Corporation)
3 Netlogon; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
3 Netman; C:\Windows\System32\netman.dll [280576 2009-07-13] (Microsoft Corporation)
3 netprofm; C:\Windows\System32\netprofm.dll [360448 2009-07-13] (Microsoft Corporation)
4 NetTcpPortSharing; "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" [128848 2009-06-10] (Microsoft Corporation)
3 nfrd960; C:\Windows\System32\DRIVERS\nfrd960.sys [44624 2009-07-13] (IBM Corporation)
2 NlaSvc; C:\Windows\System32\nlasvc.dll [242688 2009-07-13] (Microsoft Corporation)
1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [35328 2009-07-13] (Microsoft Corporation)
2 nsi; C:\Windows\System32\nsisvc.dll [19456 2009-07-13] (Microsoft Corporation)
1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [16896 2009-07-13] (Microsoft Corporation)
3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1210432 2009-07-13] (Microsoft Corporation)
1 Null; C:\Windows\System32\Drivers\Null.sys [4608 2009-07-13] (Microsoft Corporation)
3 nvraid; C:\Windows\System32\DRIVERS\nvraid.sys [117312 2009-07-13] (NVIDIA Corporation)
3 nvstor; C:\Windows\System32\DRIVERS\nvstor.sys [142416 2009-07-13] (NVIDIA Corporation)
3 nv_agp; C:\Windows\System32\DRIVERS\nv_agp.sys [105024 2009-07-13] (Microsoft Corporation)
3 odserv; "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" [441712 2008-11-03] (Microsoft Corporation)
3 ohci1394; C:\Windows\System32\DRIVERS\ohci1394.sys [62464 2009-07-13] (Microsoft Corporation)
3 ose; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-26] (Microsoft Corporation)
3 p2pimsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 p2psvc; C:\Windows\System32\p2psvc.dll [327680 2009-07-13] (Microsoft Corporation)
3 Parport; C:\Windows\System32\DRIVERS\parport.sys [79360 2009-07-13] (Microsoft Corporation)
0 partmgr; C:\Windows\System32\drivers\partmgr.sys [56912 2009-07-13] (Microsoft Corporation)
2 Parvdm; C:\Windows\System32\DRIVERS\parvdm.sys [8704 2009-07-13] (Microsoft Corporation)
3 PcaSvc; C:\Windows\System32\pcasvc.dll [154624 2009-07-13] (Microsoft Corporation)
0 pci; C:\Windows\System32\DRIVERS\pci.sys [153680 2009-07-13] (Microsoft Corporation)
3 pciide; C:\Windows\System32\DRIVERS\pciide.sys [12368 2009-07-13] (Microsoft Corporation)
3 pcmcia; C:\Windows\System32\DRIVERS\pcmcia.sys [180288 2009-07-13] (Microsoft Corporation)
2 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
0 pcw; C:\Windows\System32\drivers\pcw.sys [43088 2009-07-13] (Microsoft Corporation)
3 PDAgent; "C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe" [931080 2009-06-08] (Raxco Software, Inc.)
3 PDEngine; "C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe" [1033480 2009-06-08] (Raxco Software, Inc.)
2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [586752 2009-07-13] (Microsoft Corporation)
3 PeerDistSvc; C:\Windows\System32\peerdistsvc.dll [1004544 2009-07-13] (Microsoft Corporation)
3 pla; C:\Windows\System32\pla.dll [1508864 2009-07-13] (Microsoft Corporation)
2 PlugPlay; C:\Windows\System32\umpnpmgr.dll [294400 2009-07-13] (Microsoft Corporation)
3 PNRPAutoReg; C:\Windows\System32\pnrpauto.dll [20480 2009-07-13] (Microsoft Corporation)
3 PNRPsvc; C:\Windows\System32\pnrpsvc.dll [269824 2009-07-13] (Microsoft Corporation)
3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [350720 2009-07-13] (Microsoft Corporation)
2 Power; C:\Windows\System32\umpo.dll [119808 2009-07-13] (Microsoft Corporation)
3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [73728 2009-07-13] (Microsoft Corporation)
3 Processor; C:\Windows\System32\DRIVERS\processr.sys [52224 2009-07-13] (Microsoft Corporation)
3 Profos; \??\C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys [14720 2009-11-26] (BitDefender S.R.L.)
2 ProfSvc; C:\Windows\System32\profsvc.dll [162816 2009-07-13] (Microsoft Corporation)
3 ProtectedStorage; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [104448 2009-07-13] (Microsoft Corporation)
2 QBCFMonitorService; "C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe" [24576 2009-08-20] (Intuit)
3 QBFCService; "C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe" [61440 2008-11-18] (Intuit Inc.)
3 ql2300; C:\Windows\System32\DRIVERS\ql2300.sys [1383488 2009-07-13] (QLogic Corporation)
3 ql40xx; C:\Windows\System32\DRIVERS\ql40xx.sys [106064 2009-07-13] (QLogic Corporation)
3 QWAVE; C:\Windows\system32\qwave.dll [210944 2009-07-13] (Microsoft Corporation)
3 QWAVEdrv; C:\Windows\System32\drivers\qwavedrv.sys [31744 2009-07-13] (Microsoft Corporation)
2 Radialpoint Security Services; "C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe" [166944 2010-06-07] (Rogers)
2 RadialpointIDSAgent; "C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe" RadialpointIDSAgent [5832712 2009-11-02] (AVG Technologies CZ, s.r.o.)
3 RadialpointIDSDriver; \??\C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys [122376 2009-11-02] (AVG Technologies )
0 RadialpointIDSEH; C:\Windows\System32\drivers\AVGIDSEH.sys [25608 2009-11-02] (AVG Technologies )
3 RadialpointIDSFilter; \??\C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys [30216 2009-11-02] (AVG Technologies )
3 RadialpointIDSShim; \??\C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys [21208 2009-11-02] (AVG Technologies )
3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [11776 2009-07-13] (Microsoft Corporation)
3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [49152 2009-07-13] (Microsoft Corporation)
3 RasAuto; C:\Windows\System32\rasauto.dll [90624 2009-07-13] (Microsoft Corporation)
3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [78848 2009-07-13] (Microsoft Corporation)
3 RasMan; C:\Windows\System32\rasmans.dll [285184 2009-07-13] (Microsoft Corporation)
3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [77824 2009-07-13] (Microsoft Corporation)
3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [75264 2009-07-13] (Microsoft Corporation)
1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [241664 2009-07-13] (Microsoft Corporation)
3 rdpbus; C:\Windows\System32\DRIVERS\rdpbus.sys [18944 2009-07-13] (Microsoft Corporation)
1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [6656 2009-07-13] (Microsoft Corporation)
3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [133120 2009-07-13] (Microsoft Corporation)
1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [6656 2009-07-13] (Microsoft Corporation)
1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [7168 2009-07-13] (Microsoft Corporation)
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [177152 2009-07-13] (Microsoft Corporation)
0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [173648 2009-07-13] (Microsoft Corporation)
4 RemoteAccess; C:\Windows\System32\mprdim.dll [75264 2009-07-13] (Microsoft Corporation)
3 RemoteRegistry; C:\Windows\System32\regsvc.dll [112640 2009-07-13] (Microsoft Corporation)
3 RimUsb; C:\Windows\System32\Drivers\RimUsb.sys [75776 2010-06-16] (Research In Motion Limited)
3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial.sys [27136 2009-01-09] (Research in Motion Ltd)
3 ROOTMODEM; C:\Windows\System32\Drivers\RootMdm.sys [8192 2009-07-13] (Microsoft Corporation)
2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [43520 2009-07-13] (Microsoft Corporation)
3 RpcLocator; C:\Windows\System32\locator.exe [9216 2009-07-13] (Microsoft Corporation)
2 RpcSs; C:\Windows\System32\rpcss.dll [376320 2009-07-13] (Microsoft Corporation)
3 RPPKT; C:\Windows\System32\DRIVERS\rp_pkt32.sys [48384 2011-02-03] (Radialpoint, Inc.)
2 RPSKT; C:\Windows\System32\DRIVERS\rp_skt32.sys [53192 2011-02-03] (Radialpoint Inc.)
2 RP_FWS; C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe [382208 2010-06-07] (Rogers)
2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [60928 2009-07-13] (Microsoft Corporation)
3 RTL8167; C:\Windows\System32\DRIVERS\Rt86win7.sys [139776 2009-07-13] (Realtek Corporation )
3 s3cap; C:\Windows\System32\DRIVERS\vms3cap.sys [5632 2009-07-13] (Microsoft Corporation)
2 SamSs; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
3 sbp2port; C:\Windows\System32\DRIVERS\sbp2port.sys [85568 2009-07-13] (Microsoft Corporation)
3 scan; C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll [315392 2011-02-05] (S.C. BitDefender S.R.L)
3 SCardSvr; C:\Windows\System32\SCardSvr.dll [132608 2009-07-13] (Microsoft Corporation)
3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [26624 2009-07-13] (Microsoft Corporation)
2 Schedule; C:\Windows\System32\schedsvc.dll [749056 2010-11-01] (Microsoft Corporation)
3 SCPolicySvc; C:\Windows\System32\certprop.dll [67584 2009-07-13] (Microsoft Corporation)
3 SDRSVC; C:\Windows\System32\SDRSVC.dll [125952 2009-07-13] (Microsoft Corporation)
2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [20480 2009-07-13] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
3 seclogon; C:\Windows\system32\seclogon.dll [21504 2009-07-13] (Microsoft Corporation)
2 SENS; C:\Windows\System32\sens.dll [49664 2009-07-13] (Microsoft Corporation)
3 SensrSvc; C:\Windows\System32\sensrsvc.dll [25088 2009-07-13] (Microsoft Corporation)
3 Serenum; C:\Windows\System32\DRIVERS\serenum.sys [17920 2009-07-13] (Microsoft Corporation)
3 Serial; C:\Windows\System32\DRIVERS\serial.sys [83456 2009-07-13] (Microsoft Corporation)
3 sermouse; C:\Windows\System32\DRIVERS\sermouse.sys [19968 2009-07-13] (Microsoft Corporation)
2 ServicepointService; "C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe" [689464 2011-01-04] (Radialpoint Inc.)
3 SessionEnv; C:\Windows\System32\sessenv.dll [99328 2009-07-13] (Microsoft Corporation)
3 sffdisk; C:\Windows\System32\DRIVERS\sffdisk.sys [11264 2009-07-13] (Microsoft Corporation)
3 sffp_mmc; C:\Windows\System32\DRIVERS\sffp_mmc.sys [12288 2009-07-13] (Microsoft Corporation)
3 sffp_sd; C:\Windows\System32\DRIVERS\sffp_sd.sys [12800 2009-07-13] (Microsoft Corporation)
3 sfloppy; C:\Windows\System32\DRIVERS\sfloppy.sys [13824 2009-07-13] (Microsoft Corporation)
3 SharedAccess; C:\Windows\System32\ipnathlp.dll [300544 2009-07-13] (Microsoft Corporation)
2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [328192 2009-07-13] (Microsoft Corporation)
3 sisagp; C:\Windows\System32\DRIVERS\sisagp.sys [52304 2009-07-13] (Microsoft Corporation)
3 SiSRaid2; C:\Windows\System32\DRIVERS\SiSRaid2.sys [40016 2009-07-13] (Silicon Integrated Systems Corp.)
3 SiSRaid4; C:\Windows\System32\DRIVERS\sisraid4.sys [77888 2009-07-13] (Silicon Integrated Systems)
3 Smb; C:\Windows\System32\DRIVERS\smb.sys [71168 2009-07-13] (Microsoft Corporation)
3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [12800 2009-07-13] (Microsoft Corporation)
0 spldr; C:\Windows\System32\Drivers\spldr.sys [17472 2009-07-13] (Microsoft Corporation)
2 Spooler; C:\Windows\System32\spoolsv.exe [316928 2010-08-20] (Microsoft Corporation)
2 sppsvc; C:\Windows\System32\sppsvc.exe [3179520 2009-07-13] (Microsoft Corporation)
3 sppuinotify; C:\Windows\System32\sppuinotify.dll [53760 2009-07-13] (Microsoft Corporation)
0 sptd; C:\Windows\System32\Drivers\sptd.sys [697328 2010-10-03] (Duplex Secure Ltd.)
3 srv; C:\Windows\System32\DRIVERS\srv.sys [311296 2011-02-22] (Microsoft Corporation)
3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [309760 2011-02-22] (Microsoft Corporation)
3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Conexant Systems, Inc.)
3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Conexant Systems, Inc.)
3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [113664 2011-02-22] (Microsoft Corporation)
3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [162816 2009-07-13] (Microsoft Corporation)
3 SstpSvc; C:\Windows\System32\sstpsvc.dll [90112 2009-07-13] (Microsoft Corporation)
2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
3 stexstor; C:\Windows\System32\DRIVERS\stexstor.sys [21072 2009-07-13] (Promise Technology)
2 StiSvc; C:\Windows\System32\wiaservc.dll [462336 2009-07-13] (Microsoft Corporation)
0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [40896 2009-07-13] (Microsoft Corporation)
3 storvsc; C:\Windows\System32\DRIVERS\storvsc.sys [28224 2009-07-13] (Microsoft Corporation)
3 swenum; C:\Windows\System32\DRIVERS\swenum.sys [12240 2009-07-13] (Microsoft Corporation)
3 swprv; C:\Windows\System32\swprv.dll [313856 2009-07-13] (Microsoft Corporation)
2 SysMain; C:\Windows\System32\sysmain.dll [1169408 2009-07-13] (Microsoft Corporation)
3 TabletInputService; C:\Windows\System32\TabSvc.dll [73728 2009-07-13] (Microsoft Corporation)
3 TapiSrv; C:\Windows\System32\tapisrv.dll [241664 2009-07-13] (Microsoft Corporation)
3 TBS; C:\Windows\System32\tbssvc.dll [55808 2009-07-13] (Microsoft Corporation)
1 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1286016 2010-06-13] (Microsoft Corporation)
3 TCPIP6; C:\Windows\System32\DRIVERS\tcpip.sys [1286016 2010-06-13] (Microsoft Corporation)
2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [34816 2009-07-13] (Microsoft Corporation)
3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [17920 2009-07-13] (Microsoft Corporation)
3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [24064 2009-07-13] (Microsoft Corporation)
1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [74240 2009-07-13] (Microsoft Corporation)
1 TermDD; C:\Windows\System32\DRIVERS\termdd.sys [51776 2009-07-13] (Microsoft Corporation)
3 TermService; C:\Windows\System32\termsrv.dll [543232 2009-07-13] (Microsoft Corporation)
2 Themes; C:\Windows\System32\themeservice.dll [37376 2009-07-13] (Microsoft Corporation)
3 THREADORDER; C:\Windows\System32\mmcss.dll [49664 2009-07-13] (Microsoft Corporation)
2 TrkWks; C:\Windows\System32\trkwks.dll [77312 2009-07-13] (Microsoft Corporation)
3 Trufos; \??\C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys [39808 2009-11-26] (BitDefender S.R.L.)
3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [204800 2009-07-13] (Microsoft Corporation)
3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [30208 2009-07-13] (Microsoft Corporation)
3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [108544 2009-07-13] (Microsoft Corporation)
3 uagp35; C:\Windows\System32\DRIVERS\uagp35.sys [55888 2009-07-13] (Microsoft Corporation)
4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [246784 2009-07-13] (Microsoft Corporation)
3 UI0Detect; C:\Windows\System32\UI0Detect.exe [35840 2009-07-13] (Microsoft Corporation)
3 uliagpkx; C:\Windows\System32\DRIVERS\uliagpkx.sys [57424 2009-07-13] (Microsoft Corporation)
3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [39936 2009-07-13] (Microsoft Corporation)
3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [8192 2009-07-13] (Microsoft Corporation)
3 UmRdpService; C:\Windows\System32\umrdp.dll [154624 2009-07-13] (Microsoft Corporation)
3 upnphost; C:\Windows\System32\upnphost.dll [266752 2009-07-13] (Microsoft Corporation)
3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [75264 2009-07-13] (Microsoft Corporation)
3 usbcir; C:\Windows\System32\DRIVERS\usbcir.sys [86016 2009-07-13] (Microsoft Corporation)
3 usbehci; C:\Windows\System32\DRIVERS\usbehci.sys [41472 2009-07-13] (Microsoft Corporation)
3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2009-07-13] (Microsoft Corporation)
3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2009-07-13] (Microsoft Corporation)
3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-13] (Microsoft Corporation)
3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [35840 2009-07-13] (Microsoft Corporation)
3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [74752 2009-07-13] (Microsoft Corporation)
3 usbuhci; C:\Windows\System32\DRIVERS\usbuhci.sys [24064 2009-07-13] (Microsoft Corporation)
3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146176 2009-07-13] (Microsoft Corporation)
2 UxSms; C:\Windows\System32\uxsms.dll [29696 2009-07-13] (Microsoft Corporation)
2 VaultClientSRV; C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe [1053936 2010-06-07] (Radialpoint SafeCare Inc.)
2 VaultClientUpgrade; C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe [120048 2010-06-07] (Radialpoint SafeCare Inc.)
3 VaultSvc; C:\Windows\System32\lsass.exe [22528 2009-07-13] (Microsoft Corporation)
0 vdrvroot; C:\Windows\System32\DRIVERS\vdrvroot.sys [32832 2009-07-13] (Microsoft Corporation)
3 vds; C:\Windows\System32\vds.exe [452608 2009-07-13] (Microsoft Corporation)
3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-13] (Microsoft Corporation)
1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-13] (Microsoft Corporation)
3 vhdmp; C:\Windows\System32\DRIVERS\vhdmp.sys [159824 2009-07-13] (Microsoft Corporation)
3 viaagp; C:\Windows\System32\DRIVERS\viaagp.sys [53328 2009-07-13] (Microsoft Corporation)
3 ViaC7; C:\Windows\System32\DRIVERS\viac7.sys [52736 2009-07-13] (Microsoft Corporation)
3 viaide; C:\Windows\System32\DRIVERS\viaide.sys [16976 2009-07-13] (VIA Technologies, Inc.)
3 vmbus; C:\Windows\System32\DRIVERS\vmbus.sys [175824 2009-07-13] (Microsoft Corporation)
3 VMBusHID; C:\Windows\System32\DRIVERS\VMBusHID.sys [17920 2009-07-13] (Microsoft Corporation)
0 volmgr; C:\Windows\System32\DRIVERS\volmgr.sys [53312 2009-07-13] (Microsoft Corporation)
0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-13] (Microsoft Corporation)
0 volsnap; C:\Windows\System32\DRIVERS\volsnap.sys [245328 2009-07-13] (Microsoft Corporation)
3 vsmraid; C:\Windows\System32\DRIVERS\vsmraid.sys [141904 2009-07-13] (VIA Technologies Inc.,Ltd)
3 VSS; C:\Windows\System32\vssvc.exe [1025536 2009-07-13] (Microsoft Corporation)
3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-13] (Microsoft Corporation)
1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-13] (Microsoft Corporation)
3 vwifimp; C:\Windows\System32\DRIVERS\vwifimp.sys [14336 2009-07-13] (Microsoft Corporation)
3 W32Time; C:\Windows\System32\w32time.dll [288768 2009-07-13] (Microsoft Corporation)
3 WacomPen; C:\Windows\System32\DRIVERS\wacompen.sys [21632 2009-07-13] (Microsoft Corporation)
3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation)
1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2009-07-13] (Microsoft Corporation)
3 WatAdminSvc; C:\Windows\System32\Wat\WatAdminSvc.exe [1343400 2010-02-27] (Microsoft Corporation)
3 wbengine; "C:\Windows\system32\wbengine.exe" [1202688 2009-07-13] (Microsoft Corporation)
3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [151552 2009-07-13] (Microsoft Corporation)
3 wcncsvc; C:\Windows\System32\wcncsvc.dll [276480 2009-07-13] (Microsoft Corporation)
3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [32768 2009-07-13] (Microsoft Corporation)
3 Wd; C:\Windows\System32\DRIVERS\wd.sys [19024 2009-07-13] (Microsoft Corporation)
0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [445008 2009-07-13] (Microsoft Corporation)
3 WdiServiceHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WdiSystemHost; C:\Windows\System32\wdi.dll [76288 2009-07-13] (Microsoft Corporation)
3 WebClient; C:\Windows\System32\webclnt.dll [202240 2009-07-13] (Microsoft Corporation)
3 Wecsvc; C:\Windows\System32\wecsvc.dll [147968 2009-07-13] (Microsoft Corporation)
3 wercplsupport; C:\Windows\System32\wercplsupport.dll [61440 2009-07-13] (Microsoft Corporation)
3 WerSvc; C:\Windows\System32\WerSvc.dll [65024 2009-07-13] (Microsoft Corporation)
1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-13] (Microsoft Corporation)
3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-13] (Microsoft Corporation)
3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
3 WinHttpAutoProxySvc; C:\Windows\System32\winhttp.dll [348672 2009-07-13] (Microsoft Corporation)
2 Winmgmt; C:\Windows\System32\wbem\WMIsvc.dll [168960 2009-07-13] (Microsoft Corporation)
3 WinRM; C:\Windows\System32\WsmSvc.dll [1175040 2009-07-13] (Microsoft Corporation)
3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [34944 2009-07-13] (Microsoft Corporation)
2 Wlansvc; C:\Windows\System32\wlansvc.dll [829440 2009-07-13] (Microsoft Corporation)
3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [11264 2009-07-13] (Microsoft Corporation)
3 wmiApSrv; C:\Windows\System32\wbem\WmiApSrv.exe [136192 2009-07-13] (Microsoft Corporation)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [1121280 2009-07-13] (Microsoft Corporation)
3 WPCSvc; C:\Windows\System32\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation)
3 WPDBusEnum; C:\Windows\System32\wpdbusenum.dll [84480 2009-07-13] (Microsoft Corporation)
4 ws2ifsl; C:\Windows\System32\drivers\ws2ifsl.sys [16384 2009-07-13] (Microsoft Corporation)
2 wscsvc; C:\Windows\System32\wscsvc.dll [73728 2009-07-13] (Microsoft Corporation)
2 WSearch; C:\Windows\System32\SearchIndexer.exe /Embedding [428032 2009-07-13] (Microsoft Corporation)
2 wuauserv; C:\Windows\System32\wuaueng.dll [1912832 2009-07-13] (Microsoft Corporation)
3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [92672 2009-07-13] (Microsoft Corporation)
3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [132224 2009-07-13] (Microsoft Corporation)
2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [64512 2009-07-13] (Microsoft Corporation)
3 WwanSvc; C:\Windows\System32\wwansvc.dll [185856 2009-07-13] (Microsoft Corporation)
3 xusb21; C:\Windows\System32\DRIVERS\xusb21.sys [61984 2010-08-19] (Microsoft Corporation)
1 StarOpen; [x]

========================= NetSvcs ============================

============ One Month Created Files and folders ============

2011-05-02 21:46 - 2011-05-02 21:48 - 0133650 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.46.36_log.txt
2011-05-02 21:43 - 2011-05-02 21:43 - 2001660 ___AH C:\Users\Administrator\AppData\Local\IconCache.db
2011-05-02 21:39 - 2011-05-02 21:39 - 0002024 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.39.23_log.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0002024 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.38.50_log.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0001588 ____A C:\Users\Administrator\Desktop\GooredFix.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0000000 ____D C:\Users\Administrator\Desktop\GooredFix Backups
2011-05-02 20:54 - 2011-05-02 20:54 - 0000000 ____D C:\_OTM
2011-05-02 20:50 - 2011-05-03 02:36 - 0000000 ____D C:\Users\Administrator\Documents\registry backup
2011-05-02 19:28 - 2011-05-02 19:28 - 0018174 ____A C:\Users\Administrator\AppData\Local\Temp14.html
2011-05-02 19:21 - 2011-05-03 02:36 - 0000000 ____D C:\Program Files\WhoCrashed
2011-05-02 19:21 - 2011-05-02 19:21 - 0001667 ____A C:\Users\Administrator\AppData\Local\Temp1.html
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\Users\All Users\Avira
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\ProgramData\Avira
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\Program Files\Avira
2011-05-02 18:47 - 2011-05-02 18:47 - 0000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2011-05-02 16:18 - 2011-05-02 16:18 - 0002024 ____A C:\TDSSKiller.2.4.21.0_02.05.2011_20.18.09_log.txt
2011-05-02 16:17 - 2011-05-02 16:17 - 0002024 ____A C:\TDSSKiller.2.4.21.0_02.05.2011_20.17.52_log.txt
2011-05-02 15:18 - 2011-05-03 18:56 - 0000000 ____D C:\Program Files\CA-SupportBridge
2011-05-02 15:18 - 2011-05-02 15:18 - 0000556 ____A C:\Program Files\RejoinCommandLine.txt
2011-05-02 14:46 - 2011-05-02 14:46 - 0000000 ____D C:\Users\Public\Documents\COMODO
2011-05-02 14:35 - 2011-05-02 14:35 - 0000078 ____A C:\Users\Administrator\AppData\Local\xobni_installer_updater.log
2011-05-02 14:35 - 2011-05-02 14:35 - 0000000 ____D C:\Program Files\Xobni
2011-05-02 14:34 - 2011-05-02 14:34 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\AVG10
2011-05-02 14:30 - 2011-05-02 18:18 - 0000000 ____D C:\Users\All Users\AVG10
2011-05-02 14:30 - 2011-05-02 18:18 - 0000000 ____D C:\ProgramData\AVG10
2011-05-02 14:29 - 2011-05-03 02:34 - 0000000 ____D C:\Program Files\AVG
2011-05-02 14:23 - 2011-05-03 18:56 - 0000000 ____D C:\Users\All Users\MFAData
2011-05-02 14:23 - 2011-05-03 18:56 - 0000000 ____D C:\ProgramData\MFAData
2011-05-02 14:18 - 2011-05-03 18:56 - 0000000 ____D C:\Users\All Users\Comodo
2011-05-02 14:18 - 2011-05-03 18:56 - 0000000 ____D C:\ProgramData\Comodo
2011-05-02 14:18 - 2011-05-02 14:19 - 0000000 ____D C:\Program Files\COMODO
2011-05-02 14:13 - 2011-05-03 18:56 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-05-02 14:13 - 2011-05-03 18:56 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-05-02 14:13 - 2011-05-03 18:56 - 0000000 ____D C:\Program Files\Spybot - Search & Destroy
2011-05-02 13:54 - 2011-05-02 13:54 - 0000000 __SHD C:\Users\Default\Desktop\%APPDATA%
2011-05-02 13:54 - 2011-05-02 13:54 - 0000000 __SHD C:\Users\Default User\Desktop\%APPDATA%
2011-05-02 13:53 - 2011-05-02 15:23 - 0000000 ____D C:\Users\Default\AppData\Roaming\Rogers Online Protection
2011-05-02 13:53 - 2011-05-02 15:23 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Rogers Online Protection
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\ProgramData\AVAST Software
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\Program Files\AVAST Software
2011-05-01 21:52 - 2011-05-01 21:54 - 56189640 ____A C:\Users\Administrator\Downloads\setup_av_free.exe
2011-05-01 21:39 - 2011-05-01 21:40 - 0446464 ____A (OldTimer Tools) C:\Users\Administrator\Downloads\TFC.exe
2011-05-01 21:32 - 2011-05-01 21:32 - 52676424 ____A C:\Users\Administrator\Downloads\avira_antivir_personal_en.exe
2011-05-01 20:53 - 2011-05-03 19:10 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-05-01 20:53 - 2011-05-03 19:05 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-05-01 20:53 - 2011-05-03 19:05 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-05-01 20:53 - 2011-05-01 20:53 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-05-01 20:53 - 2010-12-20 14:09 - 0038224 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2011-05-01 20:53 - 2010-12-20 14:08 - 0020952 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2011-04-30 22:14 - 2011-04-30 22:14 - 0023487 ____A C:\Users\Administrator\Desktop\Attach report.txt
2011-04-30 22:14 - 2011-04-30 22:14 - 0019172 ____A C:\Users\Administrator\Desktop\DDS report.txt
2011-04-27 22:05 - 2011-04-27 22:05 - 0000039 ____A C:\Users\Administrator\Desktop\bank info.txt
2011-04-27 14:57 - 2011-04-27 14:58 - 51043073 ____A C:\Users\Administrator\Desktop\final_fantasy_battle_medley_02.zip
2011-04-27 14:56 - 2011-04-27 14:57 - 26967456 ____A C:\Users\Administrator\Desktop\ffbm_opx.zip
2011-04-27 14:38 - 2011-04-27 14:38 - 5026157 ____A C:\Users\Administrator\Desktop\ff8_fyw.zip
2011-04-25 16:18 - 2011-04-30 22:01 - 0000000 ____D C:\Program Files\BatteryBar
2011-04-25 12:28 - 2011-04-25 12:31 - 0000000 ____D C:\Users\Administrator\Documents\Wii
2011-04-25 11:27 - 2011-04-25 11:28 - 0000000 ____D C:\Users\Administrator\Downloads\Vertical Jump Bible
2011-04-25 11:27 - 2011-04-25 11:27 - 0000926 ____A C:\Users\Administrator\Downloads\[isoHunt]_Vertical_Jump_Bible.torrent
2011-04-24 00:56 - 2011-04-24 00:56 - 0550478 ____A C:\Users\Administrator\Downloads\winkawaks162.zip
2011-04-24 00:37 - 2011-04-24 00:50 - 0001225 ____A C:\Users\Administrator\Documents\ps3 layout.xpaddercontroller
2011-04-24 00:09 - 2011-04-24 00:09 - 0435979 ____A C:\Users\Administrator\Downloads\Xpadder5-3.zip
2011-04-24 00:07 - 2011-04-24 00:07 - 1978098 ____A C:\Users\Administrator\Downloads\MotioninJoy_060001_x86.zip
2011-04-20 23:20 - 2011-04-20 23:20 - 0000350 ____A C:\Users\Administrator\Downloads\[isoHunt] download (1).torrent
2011-04-18 22:29 - 2011-04-18 22:29 - 0000000 ____D C:\Users\Administrator\Documents\Gaming
2011-04-17 22:29 - 2011-05-03 19:10 - 0000000 ____D C:\Users\Administrator\Desktop\wiiflow
2011-04-17 21:56 - 2011-01-09 08:48 - 0000942 ____A C:\Users\Administrator\Desktop\Changelog.txt
2011-04-17 10:15 - 2011-05-03 19:07 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\mIRC
2011-04-15 10:57 - 2011-02-22 21:06 - 0311296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-04-15 10:57 - 2011-02-22 21:05 - 0309760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-04-15 10:57 - 2011-02-22 21:05 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-04-15 10:56 - 2011-03-02 21:29 - 0269824 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-04-15 10:56 - 2011-03-02 21:29 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-04-15 10:56 - 2011-03-02 21:27 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-04-15 10:56 - 2011-02-17 21:36 - 0428032 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-04-15 10:56 - 2011-02-17 21:35 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-04-15 10:55 - 2011-02-23 21:32 - 1228800 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-04-15 10:55 - 2011-02-23 21:32 - 0981504 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 5981696 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0606208 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0599040 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0048128 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-04-15 10:55 - 2011-02-23 21:30 - 0044544 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-04-15 10:55 - 2011-02-23 21:29 - 2063360 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-04-15 10:55 - 2011-02-23 21:29 - 10989056 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-04-15 10:55 - 2011-02-23 21:29 - 0381440 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-04-15 10:55 - 2011-02-23 21:29 - 0185856 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-04-15 10:55 - 2011-02-23 21:29 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-04-15 10:55 - 2011-02-23 21:27 - 0012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-04-15 10:55 - 2011-02-23 20:23 - 0386048 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-04-15 10:55 - 2011-02-23 19:50 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-04-15 10:55 - 2011-02-18 21:32 - 0034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-04-15 10:55 - 2011-02-18 19:37 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-04-15 10:54 - 2011-03-02 19:31 - 2331136 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-04-15 10:53 - 2011-03-07 21:38 - 0740864 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-04-15 10:53 - 2011-02-11 21:30 - 0191488 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2011-04-15 10:52 - 2011-03-10 21:40 - 1164288 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-04-15 10:52 - 2011-03-10 21:40 - 1137664 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-04-15 10:52 - 2011-02-22 21:05 - 0221696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-04-15 10:52 - 2011-02-22 21:05 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-04-15 10:52 - 2011-02-22 21:05 - 0095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-04-15 10:52 - 2011-02-22 21:05 - 0069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-04-12 13:53 - 2011-05-03 19:10 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\FinalMediaPlayer
2011-04-12 13:53 - 2011-05-03 19:10 - 0000000 ____D C:\Program Files\FinalMediaPlayer
2011-04-12 13:53 - 2011-05-01 21:56 - 0000402 ____A C:\Windows\Tasks\Final Media Player Update Checker.job
2011-04-12 13:53 - 2011-04-12 13:53 - 0001061 ____A C:\Users\Administrator\Desktop\FinalMediaPlayer.lnk
2011-04-12 13:53 - 2011-04-12 13:53 - 0000000 ____D C:\Program Files\File Type Assistant
2011-04-12 13:51 - 2011-04-12 13:51 - 2325112 ____A (W3i, LLC) C:\Users\Administrator\Downloads\FinalMediaPlayer2011Setup.exe
2011-04-12 12:46 - 2011-04-12 13:49 - 0000000 ____D C:\Users\Administrator\Documents\Somali
2011-04-07 12:10 - 2011-04-07 12:10 - 0000162 ___AH C:\Users\Administrator\Desktop\~$20 mcq mistakes.docx
2011-04-06 23:07 - 2011-04-06 23:07 - 0081706 ____A C:\Users\Administrator\Desktop\2320 MCQS only.docx
2011-04-06 23:07 - 2011-04-06 23:07 - 0000162 ___AH C:\Users\Administrator\Desktop\~$20 MCQS only.docx
2011-04-06 21:11 - 2011-04-06 22:56 - 0028042 ____A C:\Users\Administrator\Desktop\2320 mcq mistakes.docx
2011-04-05 14:29 - 2011-04-05 14:29 - 6394368 ____A C:\Users\Administrator\Downloads\Charles_Darwin (1).ppt
2011-04-05 14:09 - 2011-04-05 14:10 - 2320896 ____A C:\Users\Administrator\Downloads\Sigmund_Freud.ppt
2011-04-05 13:47 - 2011-04-05 13:49 - 6394368 ____A C:\Users\Administrator\Downloads\Charles_Darwin.ppt
2011-04-05 13:46 - 2011-04-05 13:48 - 7408640 ____A C:\Users\Administrator\Downloads\Frankenstein_lecture-huma1720_1_.ppt
2011-04-05 13:46 - 2011-04-05 13:48 - 5745664 ____A C:\Users\Administrator\Downloads\SLAVERY1A.ppt
2011-04-04 23:22 - 2011-04-04 23:22 - 8392704 ____A C:\Users\Administrator\Downloads\Smith_Marx.ppt
2011-04-04 19:16 - 2011-04-04 19:16 - 5529088 ____A C:\Users\Administrator\Downloads\Hedda_Gabler_1720_1_1_.ppt
2011-04-04 19:11 - 2011-04-04 19:11 - 0096129 ____A C:\Users\Administrator\Downloads\Wrist_Communicator.mp3
2011-04-04 14:11 - 2011-04-04 14:13 - 0000000 ____D C:\Program Files\Lame For Audacity
2011-04-04 13:45 - 2011-05-03 19:03 - 0000000 ____D C:\Program Files\Audacity 1.3 Beta (Unicode)
2011-04-04 13:45 - 2011-04-04 21:45 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Audacity
2011-04-04 13:45 - 2011-04-04 13:45 - 0001012 ____A C:\Users\Administrator\Desktop\Audacity 1.3 Beta (Unicode).lnk
2011-04-04 13:44 - 2011-04-04 13:45 - 11873890 ____A (Audacity Team ) C:\Users\Administrator\Desktop\audacity-win-unicode-1.3.12.exe
2011-04-04 13:38 - 2011-04-04 14:32 - 1705078784 ____A C:\Users\Administrator\Downloads\Dissidia 012 duodecim [US].iso
2011-04-04 12:11 - 2011-04-04 12:11 - 0000018 ____A C:\Users\Administrator\Desktop\3410 lecture material.txt
2011-04-04 00:25 - 2011-04-04 00:25 - 0439673 ____A C:\Users\Administrator\Documents\mba_admits_sample.pdf
2011-04-04 00:24 - 2011-04-04 00:24 - 0142823 ____A C:\Users\Administrator\Documents\duke_essay_1.pdf


============ 3 Months Modified Files and folders =============

2011-05-04 03:32 - 2011-05-04 03:17 - 0000000 ____D C:\FRST
2011-05-03 19:11 - 2010-09-06 04:16 - 0000000 ____D C:\Windows\Minidump
2011-05-03 19:11 - 2010-09-06 03:26 - 0000000 ____D C:\users\temp.User-PC
2011-05-03 19:11 - 2010-09-05 14:50 - 0000000 ____D C:\users\Administrator
2011-05-03 19:11 - 2010-03-06 15:08 - 0000000 ____D C:\Windows\System32\athan
2011-05-03 19:11 - 2010-01-30 14:23 - 0000000 ____D C:\Windows\System32\TVUAx
2011-05-03 19:11 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\Downloaded Program Files
2011-05-03 19:11 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Sidebar
2011-05-03 19:11 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\wfp
2011-05-03 19:11 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\wbem
2011-05-03 19:11 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\DriverStore
2011-05-03 19:10 - 2011-05-01 20:53 - 0000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2011-05-03 19:10 - 2011-04-17 22:29 - 0000000 ____D C:\Users\Administrator\Desktop\wiiflow
2011-05-03 19:10 - 2011-04-12 13:53 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\FinalMediaPlayer
2011-05-03 19:10 - 2011-04-12 13:53 - 0000000 ____D C:\Program Files\FinalMediaPlayer
2011-05-03 19:10 - 2011-03-16 13:13 - 0000000 ____D C:\Users\All Users\McAfee Security Scan
2011-05-03 19:10 - 2011-03-16 13:13 - 0000000 ____D C:\ProgramData\McAfee Security Scan
2011-05-03 19:10 - 2011-03-16 13:13 - 0000000 ____D C:\Program Files\McAfee Security Scan
2011-05-03 19:10 - 2011-03-02 21:44 - 0000000 ____D C:\Program Files\GGPO
2011-05-03 19:10 - 2011-02-14 21:01 - 0000000 ____D C:\Program Files\MotioninJoy
2011-05-03 19:10 - 2011-02-03 03:09 - 0000000 ____D C:\Program Files\Rogers Backup Manager
2011-05-03 19:10 - 2011-02-03 03:07 - 0000000 ____D C:\Program Files\Raxco
2011-05-03 19:10 - 2011-02-03 01:57 - 0000000 ____D C:\Users\All Users\Rogers Online Protection
2011-05-03 19:10 - 2011-02-03 01:57 - 0000000 ____D C:\ProgramData\Rogers Online Protection
2011-05-03 19:10 - 2010-10-03 18:37 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\uTorrent
2011-05-03 19:10 - 2010-09-25 21:48 - 0000000 ____D C:\Users\Administrator\AppData\Local\WBFSManager
2011-05-03 19:10 - 2010-09-06 03:26 - 0000000 ____D C:\Users\temp.User-PC\AppData\Roaming\Macromedia
2011-05-03 19:10 - 2010-09-05 14:52 - 0000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2011-05-03 19:10 - 2010-09-05 14:50 - 0000000 ____D C:\Users\Administrator\AppData\Local\Hewlett-Packard
2011-05-03 19:10 - 2010-09-05 12:02 - 0000000 ____D C:\Users\TEMP\AppData\Local\Mozilla
2011-05-03 19:10 - 2010-06-29 22:57 - 0000000 ____D C:\Program Files\Mozilla Firefox
2011-05-03 19:10 - 2010-03-10 12:03 - 0000000 ___RD C:\Program Files\Skype
2011-05-03 19:10 - 2010-03-10 12:03 - 0000000 ____D C:\Program Files\Common Files\Skype
2011-05-03 19:10 - 2010-03-06 15:07 - 0000000 ____D C:\Program Files\Athan
2011-05-03 19:10 - 2010-03-04 18:31 - 0000000 ____D C:\Program Files\Common Files\Intuit
2011-05-03 19:10 - 2010-03-04 18:30 - 0000000 ____D C:\Program Files\ProFile
2011-05-03 19:10 - 2010-02-17 19:41 - 0000000 ____D C:\Program Files\Common Files\xing shared
2011-05-03 19:10 - 2010-02-15 23:17 - 0000000 ____D C:\Program Files\WinRAR
2011-05-03 19:10 - 2010-02-15 16:17 - 0000000 ____D C:\Program Files\Ask.com
2011-05-03 19:10 - 2010-02-15 16:16 - 0000000 ____D C:\Program Files\uTorrent
2011-05-03 19:10 - 2010-02-02 23:34 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2011-05-03 19:10 - 2010-02-02 23:34 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2011-05-03 19:10 - 2010-02-02 23:33 - 0000000 ____D C:\Users\TEMP\AppData\Local\Adobe
2011-05-03 19:10 - 2010-02-02 18:03 - 0000000 ____D C:\Program Files\Windows Live SkyDrive
2011-05-03 19:10 - 2010-01-31 20:29 - 0000000 ____D C:\Program Files\SystemRequirementsLab
2011-05-03 19:10 - 2010-01-30 15:13 - 0000000 ____D C:\Program Files\Google
2011-05-03 19:10 - 2010-01-30 14:21 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Macromedia
2011-05-03 19:10 - 2010-01-30 11:13 - 0000000 ____D C:\Program Files\Common Files\LightScribe
2011-05-03 19:10 - 2010-01-30 10:59 - 0000000 ____D C:\Program Files\Microsoft Works
2011-05-03 19:10 - 2010-01-30 10:58 - 0000000 ____D C:\Program Files\Microsoft Visual Studio
2011-05-03 19:10 - 2010-01-30 10:58 - 0000000 ____D C:\Program Files\Common Files\DESIGNER
2011-05-03 19:10 - 2009-07-13 20:56 - 0000000 ____D C:\Windows\System32\winrm
2011-05-03 19:10 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\System32\WindowsPowerShell
2011-05-03 19:10 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2011-05-03 19:10 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Web
2011-05-03 19:10 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Vss
2011-05-03 19:10 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\registration
2011-05-03 19:10 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\microsoft shared
2011-05-03 19:09 - 2010-09-05 04:31 - 0000000 __SHD C:\Windows\System32\%APPDATA%
2011-05-03 19:09 - 2010-01-30 14:21 - 0000000 ____D C:\Windows\System32\Macromed
2011-05-03 19:09 - 2010-01-30 10:58 - 0000000 ____D C:\Windows\PCHEALTH
2011-05-03 19:09 - 2009-07-13 20:56 - 0000000 ____D C:\Windows\System32\WCN
2011-05-03 19:09 - 2009-07-13 20:56 - 0000000 ____D C:\Windows\System32\slmgr
2011-05-03 19:09 - 2009-07-13 20:56 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2011-05-03 19:09 - 2009-07-13 20:52 - 0000000 ____D C:\Windows\Performance
2011-05-03 19:09 - 2009-07-13 20:34 - 0000000 ____D C:\Windows\Setup
2011-05-03 19:09 - 2009-07-13 20:34 - 0000000 ____D C:\Windows\ServiceProfiles
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\sysprep
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\spp
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\spool
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\Speech
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\SMI
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\oobe
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\NetworkList
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\MUI
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\Msdtc
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\migwiz
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\IME
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\Dism
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\System32\com
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Speech
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\servicing
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\security
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\schemas
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Resources
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\rescache
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\PolicyDefinitions
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\PLA
2011-05-03 19:09 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Microsoft.NET
2011-05-03 19:08 - 2010-09-06 03:26 - 0000000 ____D C:\Users\temp.User-PC\AppData\LocalLow
2011-05-03 19:08 - 2010-09-05 12:14 - 0000000 ____D C:\Users\TEMP\AppData\LocalLow
2011-05-03 19:08 - 2010-09-05 12:02 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Mozilla
2011-05-03 19:08 - 2010-08-16 13:44 - 0000000 ____D C:\Users\TEMP\AppData\Local\Intuit
2011-05-03 19:08 - 2010-06-08 10:04 - 0000000 ____D C:\Users\User.old\AppData\Roaming\Mozilla
2011-05-03 19:08 - 2010-03-27 20:40 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\mIRC
2011-05-03 19:08 - 2010-03-07 15:54 - 0000000 ____D C:\Users\TEMP\Documents\My ProFile Data
2011-05-03 19:08 - 2010-03-04 18:31 - 0000000 ____D C:\Windows\Downloaded Installations
2011-05-03 19:08 - 2010-02-17 19:41 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Real
2011-05-03 19:08 - 2010-02-15 23:11 - 0000000 ____D C:\Users\TEMP\AppData\Local\WBFSManager
2011-05-03 19:08 - 2010-02-14 11:52 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Skype
2011-05-03 19:08 - 2010-02-01 18:17 - 0000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Games
2011-05-03 19:08 - 2010-01-30 23:03 - 0000000 ____D C:\Users\TEMP\AppData\Local\Hewlett-Packard
2011-05-03 19:08 - 2010-01-30 15:13 - 0000000 ____D C:\Users\TEMP\AppData\Local\Google
2011-05-03 19:08 - 2010-01-30 14:21 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Adobe
2011-05-03 19:08 - 2010-01-30 11:27 - 0000000 ____D C:\Users\TEMP\AppData\Roaming\Nero
2011-05-03 19:08 - 2010-01-30 10:48 - 0000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 __RSD C:\Windows\Media
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\IME
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Help
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Globalization
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\Branding
2011-05-03 19:08 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\AppCompat
2011-05-03 19:07 - 2011-04-17 10:15 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\mIRC
2011-05-03 19:07 - 2011-04-03 15:45 - 0000000 ____D C:\Users\Administrator\Downloads\Driving with Disney -2 CD- 52 original Songs {MUST HAVE} [h33t][migel]
2011-05-03 19:07 - 2011-03-23 09:03 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Research In Motion
2011-05-03 19:07 - 2011-03-21 16:37 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Filipe Lourenço
2011-05-03 19:07 - 2011-03-08 09:29 - 0000000 ____D C:\Users\Administrator\Documents\Fax
2011-05-03 19:07 - 2011-02-07 23:06 - 0000000 ____D C:\Users\Administrator\Desktop\Macrofire
2011-05-03 19:07 - 2011-02-04 23:49 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\McAfee
2011-05-03 19:07 - 2011-02-03 01:58 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Rogers Online Protection
2011-05-03 19:07 - 2011-01-02 19:53 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\EuroTalk
2011-05-03 19:07 - 2010-10-20 09:13 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2011-05-03 19:07 - 2010-10-03 18:57 - 0000000 ____D C:\Users\Administrator\Desktop\Alcohol_120_2.0.1.1820_DMZ
2011-05-03 19:07 - 2010-09-06 14:04 - 0000000 ____D C:\Users\Administrator\Downloads\128060_macrofire324
2011-05-03 19:07 - 2010-09-06 03:47 - 0000000 ____D C:\Users\Administrator\Documents\My ProFile Data
2011-05-03 19:07 - 2010-09-06 03:26 - 0000000 ____D C:\Users\temp.User-PC\AppData\Local\Hewlett-Packard
2011-05-03 19:07 - 2010-09-05 14:54 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2011-05-03 19:07 - 2010-09-05 14:54 - 0000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2011-05-03 19:07 - 2010-09-05 14:52 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Real
2011-05-03 19:07 - 2010-09-05 14:52 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2011-05-03 19:07 - 2010-09-05 14:50 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2011-05-03 19:07 - 2010-09-05 14:50 - 0000000 ____D C:\Users\Administrator\AppData\LocalLow
2011-05-03 19:07 - 2010-09-05 04:55 - 0000000 ____D C:\Users\Default\AppData\Local\Hewlett-Packard
2011-05-03 19:07 - 2010-09-05 04:55 - 0000000 ____D C:\Users\Default User\AppData\Local\Hewlett-Packard
2011-05-03 19:07 - 2009-07-13 18:37 - 0000000 __RHD C:\users\Default
2011-05-03 19:07 - 2009-07-13 18:37 - 0000000 ___RD C:\users\Public
2011-05-03 19:06 - 2010-10-08 22:29 - 0000000 ____D C:\Users\Administrator\AppData\Local\Intuit
2011-05-03 19:06 - 2010-09-05 14:52 - 0000000 ____D C:\Users\Administrator\AppData\Local\Google
2011-05-03 19:06 - 2010-02-17 19:41 - 0000000 ____D C:\Users\All Users\Real
2011-05-03 19:06 - 2010-02-17 19:41 - 0000000 ____D C:\ProgramData\Real
2011-05-03 19:06 - 2010-02-14 11:51 - 0000000 ____D C:\Users\All Users\Skype
2011-05-03 19:06 - 2010-02-14 11:51 - 0000000 ____D C:\ProgramData\Skype
2011-05-03 19:06 - 2010-01-30 22:46 - 0000000 ____D C:\swsetup
2011-05-03 19:06 - 2010-01-30 11:16 - 0000000 ____D C:\Users\All Users\Nero
2011-05-03 19:06 - 2010-01-30 11:16 - 0000000 ____D C:\ProgramData\Nero
2011-05-03 19:06 - 2010-01-30 11:01 - 0000000 ____D C:\Users\All Users\McAfee
2011-05-03 19:06 - 2010-01-30 11:01 - 0000000 ____D C:\ProgramData\McAfee
2011-05-03 19:05 - 2011-05-01 20:53 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-05-03 19:05 - 2011-05-01 20:53 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-05-03 19:05 - 2011-03-23 11:32 - 0000000 ____D C:\Users\All Users\Duality Software
2011-05-03 19:05 - 2011-03-23 11:32 - 0000000 ____D C:\ProgramData\Duality Software
2011-05-03 19:05 - 2011-03-23 09:01 - 0000000 ____D C:\Program Files\Research In Motion
2011-05-03 19:05 - 2011-03-23 08:34 - 0000000 ____D C:\Program Files\Research In Motion Limited
2011-05-03 19:05 - 2011-03-04 16:37 - 0000000 ____D C:\Program Files\Orbitdownloader
2011-05-03 19:05 - 2011-03-04 15:51 - 0000000 ____D C:\Program Files\Replay AV 8
2011-05-03 19:05 - 2011-03-04 14:59 - 0000000 ____D C:\Program Files\WMR14
2011-05-03 19:05 - 2011-02-14 20:56 - 0000000 ____D C:\Program Files\Spawn Labs
2011-05-03 19:05 - 2011-02-03 01:57 - 0000000 ____D C:\Program Files\Rogers Online Protection
2011-05-03 19:05 - 2011-01-29 20:42 - 0000000 ____D C:\Program Files\Microsoft Silverlight
2011-05-03 19:05 - 2010-09-05 11:37 - 0000000 ____D C:\Program Files\Registry Mechanic
2011-05-03 19:05 - 2010-08-11 11:50 - 0000000 ____D C:\Users\All Users\Intuit
2011-05-03 19:05 - 2010-08-11 11:50 - 0000000 ____D C:\ProgramData\Intuit
2011-05-03 19:05 - 2010-03-27 20:40 - 0000000 ____D C:\Program Files\mIRC
2011-05-03 19:05 - 2010-03-13 00:55 - 0000000 ____D C:\Program Files\PSP ISO Compressor
2011-05-03 19:05 - 2010-03-04 18:31 - 0000000 ____D C:\Users\All Users\GreenPoint
2011-05-03 19:05 - 2010-03-04 18:31 - 0000000 ____D C:\ProgramData\GreenPoint
2011-05-03 19:05 - 2010-02-17 19:41 - 0000000 ____D C:\Program Files\Real
2011-05-03 19:05 - 2010-02-15 23:10 - 0000000 ____D C:\Program Files\WBFS
2011-05-03 19:05 - 2010-02-05 21:33 - 0000000 ____D C:\Program Files\Veetle
2011-05-03 19:05 - 2010-02-02 23:34 - 0000000 ____D C:\Users\All Users\Adobe
2011-05-03 19:05 - 2010-02-02 23:34 - 0000000 ____D C:\ProgramData\Adobe
2011-05-03 19:05 - 2010-02-02 18:03 - 0000000 ____D C:\Program Files\Windows Live
2011-05-03 19:05 - 2010-01-30 22:58 - 0000000 ____D C:\Users\All Users\Hewlett-Packard
2011-05-03 19:05 - 2010-01-30 22:58 - 0000000 ____D C:\ProgramData\Hewlett-Packard
2011-05-03 19:05 - 2010-01-30 15:13 - 0000000 ____D C:\Users\All Users\Google
2011-05-03 19:05 - 2010-01-30 15:13 - 0000000 ____D C:\ProgramData\Google
2011-05-03 19:05 - 2010-01-30 11:17 - 0000000 ____D C:\Program Files\Nero
2011-05-03 19:05 - 2010-01-30 10:58 - 0000000 ____D C:\Program Files\Microsoft.NET
2011-05-03 19:05 - 2010-01-30 10:57 - 0000000 ____D C:\Program Files\Microsoft Visual Studio 8
2011-05-03 19:05 - 2009-07-13 23:50 - 0000000 ____D C:\Program Files\Windows Journal
2011-05-03 19:05 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2011-05-03 19:05 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Windows Defender
2011-05-03 19:05 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Reference Assemblies
2011-05-03 19:05 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\MSBuild
2011-05-03 19:05 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Windows NT
2011-05-03 19:04 - 2011-02-05 00:01 - 0000000 ____D C:\Program Files\Intel
2011-05-03 19:04 - 2010-08-11 11:50 - 0000000 ____D C:\Program Files\Intuit
2011-05-03 19:04 - 2010-02-24 09:28 - 0000000 ____D C:\Program Files\Java
2011-05-03 19:04 - 2010-02-16 10:44 - 0000000 ____D C:\Program Files\HooTech
2011-05-03 19:04 - 2010-01-30 22:57 - 0000000 ____D C:\Program Files\Hewlett-Packard
2011-05-03 19:04 - 2010-01-30 22:47 - 0000000 ___HD C:\Program Files\InstallShield Installation Information
2011-05-03 19:04 - 2010-01-30 22:47 - 0000000 ____D C:\Program Files\HPQ
2011-05-03 19:04 - 2010-01-30 22:47 - 0000000 ____D C:\Program Files\HP
2011-05-03 19:04 - 2010-01-30 11:05 - 0000000 ____D C:\Program Files\McAfee
2011-05-03 19:04 - 2010-01-30 10:56 - 0000000 ____D C:\Program Files\Microsoft Office
2011-05-03 19:04 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\Microsoft Games
2011-05-03 19:03 - 2011-04-04 13:45 - 0000000 ____D C:\Program Files\Audacity 1.3 Beta (Unicode)
2011-05-03 19:03 - 2011-03-23 08:34 - 0000000 ____D C:\Program Files\Common Files\Research In Motion
2011-05-03 19:03 - 2011-01-02 19:53 - 0000000 ____D C:\Program Files\EuroTalk
2011-05-03 19:03 - 2010-09-05 11:37 - 0000000 ____D C:\Program Files\Common Files\PC Tools
2011-05-03 19:03 - 2010-08-30 17:46 - 0000000 ____D C:\Program Files\Common Files\Macrovision Shared
2011-05-03 19:03 - 2010-08-11 11:55 - 0000000 ____D C:\Program Files\Common Files\supportsoft
2011-05-03 19:03 - 2010-06-29 21:30 - 0000000 ____D C:\Program Files\Alcohol Soft
2011-05-03 19:03 - 2010-03-12 15:31 - 0000000 ____D C:\PFiles
2011-05-03 19:03 - 2010-02-24 09:29 - 0000000 ____D C:\Program Files\Common Files\Java
2011-05-03 19:03 - 2010-02-17 19:41 - 0000000 ____D C:\Program Files\Common Files\Real
2011-05-03 19:03 - 2010-02-02 23:35 - 0000000 ____D C:\Program Files\Common Files\Adobe
2011-05-03 19:03 - 2010-02-02 23:34 - 0000000 ____D C:\Program Files\Common Files\Adobe AIR
2011-05-03 19:03 - 2010-02-02 23:34 - 0000000 ____D C:\Program Files\Adobe
2011-05-03 19:03 - 2010-02-02 18:00 - 0000000 ____D C:\Program Files\Common Files\Windows Live
2011-05-03 19:03 - 2010-01-30 22:46 - 0000000 ____D C:\Program Files\Common Files\InstallShield
2011-05-03 19:03 - 2010-01-30 11:16 - 0000000 ____D C:\Program Files\Common Files\Nero
2011-05-03 19:03 - 2010-01-30 11:05 - 0000000 ____D C:\Program Files\Common Files\McAfee
2011-05-03 19:03 - 2010-01-30 10:55 - 0000000 __RHD C:\MSOCache
2011-05-03 19:03 - 2009-07-13 20:52 - 0000000 ____D C:\Program Files\DVD Maker
2011-05-03 19:03 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\System
2011-05-03 19:03 - 2009-07-13 18:37 - 0000000 ____D C:\Program Files\Common Files\SpeechEngines
2011-05-03 19:03 - 2009-07-13 18:36 - 0000000 __SHD C:\$Recycle.Bin
2011-05-03 18:56 - 2011-05-02 15:18 - 0000000 ____D C:\Program Files\CA-SupportBridge
2011-05-03 18:56 - 2011-05-02 14:23 - 0000000 ____D C:\Users\All Users\MFAData
2011-05-03 18:56 - 2011-05-02 14:23 - 0000000 ____D C:\ProgramData\MFAData
2011-05-03 18:56 - 2011-05-02 14:18 - 0000000 ____D C:\Users\All Users\Comodo
2011-05-03 18:56 - 2011-05-02 14:18 - 0000000 ____D C:\ProgramData\Comodo
2011-05-03 18:56 - 2011-05-02 14:13 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-05-03 18:56 - 2011-05-02 14:13 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-05-03 18:56 - 2011-05-02 14:13 - 0000000 ____D C:\Program Files\Spybot - Search & Destroy
2011-05-03 02:36 - 2011-05-02 20:50 - 0000000 ____D C:\Users\Administrator\Documents\registry backup
2011-05-03 02:36 - 2011-05-02 19:21 - 0000000 ____D C:\Program Files\WhoCrashed
2011-05-03 02:34 - 2011-05-02 14:29 - 0000000 ____D C:\Program Files\AVG
2011-05-02 21:48 - 2011-05-02 21:46 - 0133650 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.46.36_log.txt
2011-05-02 21:46 - 2010-09-25 20:45 - 0000000 ____D C:\Users\Administrator\Tracing
2011-05-02 21:44 - 2010-01-30 13:30 - 2339782656 __ASH C:\hiberfil.sys
2011-05-02 21:43 - 2011-05-02 21:43 - 2001660 ___AH C:\Users\Administrator\AppData\Local\IconCache.db
2011-05-02 21:39 - 2011-05-02 21:39 - 0002024 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.39.23_log.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0002024 ____A C:\TDSSKiller.2.4.21.0_03.05.2011_01.38.50_log.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0001588 ____A C:\Users\Administrator\Desktop\GooredFix.txt
2011-05-02 21:38 - 2011-05-02 21:38 - 0000000 ____D C:\Users\Administrator\Desktop\GooredFix Backups
2011-05-02 20:54 - 2011-05-02 20:54 - 0000000 ____D C:\_OTM
2011-05-02 19:28 - 2011-05-02 19:28 - 0018174 ____A C:\Users\Administrator\AppData\Local\Temp14.html
2011-05-02 19:21 - 2011-05-02 19:21 - 0001667 ____A C:\Users\Administrator\AppData\Local\Temp1.html
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\Users\All Users\Avira
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\ProgramData\Avira
2011-05-02 19:14 - 2011-05-02 19:14 - 0000000 ____D C:\Program Files\Avira
2011-05-02 18:47 - 2011-05-02 18:47 - 0000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2011-05-02 18:18 - 2011-05-02 14:30 - 0000000 ____D C:\Users\All Users\AVG10
2011-05-02 18:18 - 2011-05-02 14:30 - 0000000 ____D C:\ProgramData\AVG10
2011-05-02 18:08 - 2010-01-30 13:29 - 0000000 ____D C:\Windows\Panther
2011-05-02 16:18 - 2011-05-02 16:18 - 0002024 ____A C:\TDSSKiller.2.4.21.0_02.05.2011_20.18.09_log.txt
2011-05-02 16:17 - 2011-05-02 16:17 - 0002024 ____A C:\TDSSKiller.2.4.21.0_02.05.2011_20.17.52_log.txt
2011-05-02 15:23 - 2011-05-02 13:53 - 0000000 ____D C:\Users\Default\AppData\Roaming\Rogers Online Protection
2011-05-02 15:23 - 2011-05-02 13:53 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Rogers Online Protection
2011-05-02 15:18 - 2011-05-02 15:18 - 0000556 ____A C:\Program Files\RejoinCommandLine.txt
2011-05-02 14:46 - 2011-05-02 14:46 - 0000000 ____D C:\Users\Public\Documents\COMODO
2011-05-02 14:35 - 2011-05-02 14:35 - 0000078 ____A C:\Users\Administrator\AppData\Local\xobni_installer_updater.log
2011-05-02 14:35 - 2011-05-02 14:35 - 0000000 ____D C:\Program Files\Xobni
2011-05-02 14:34 - 2011-05-02 14:34 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\AVG10
2011-05-02 14:19 - 2011-05-02 14:18 - 0000000 ____D C:\Program Files\COMODO
2011-05-02 13:54 - 2011-05-02 13:54 - 0000000 __SHD C:\Users\Default\Desktop\%APPDATA%
2011-05-02 13:54 - 2011-05-02 13:54 - 0000000 __SHD C:\Users\Default User\Desktop\%APPDATA%
2011-05-02 13:50 - 2009-07-13 20:53 - 0032610 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\Users\All Users\AVAST Software
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\ProgramData\AVAST Software
2011-05-01 22:05 - 2011-05-01 22:05 - 0000000 ____D C:\Program Files\AVAST Software
2011-05-01 22:00 - 2010-01-30 10:46 - 1592030 ____A C:\Windows\WindowsUpdate.log
2011-05-01 21:56 - 2011-04-12 13:53 - 0000402 ____A C:\Windows\Tasks\Final Media Player Update Checker.job
2011-05-01 21:56 - 2010-01-30 15:14 - 0000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2011-05-01 21:56 - 2009-07-13 20:53 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-05-01 21:55 - 2010-12-07 18:17 - 0046328 ____A C:\Windows\setupact.log
2011-05-01 21:55 - 2010-01-30 15:08 - 0037978 ____A C:\Windows\PFRO.log
2011-05-01 21:55 - 2009-07-13 20:57 - 0067584 ___AS C:\Windows\bootstat(265).dat
2011-05-01 21:54 - 2011-05-01 21:52 - 56189640 ____A C:\Users\Administrator\Downloads\setup_av_free.exe
2011-05-01 21:54 - 2009-07-13 20:34 - 0009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-05-01 21:54 - 2009-07-13 20:34 - 0009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-05-01 21:46 - 2011-02-22 11:41 - 0000938 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2188935924-1853560162-3959991470-500UA.job
2011-05-01 21:46 - 2010-02-16 13:14 - 0000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2188935924-1853560162-3959991470-1001UA.job
2011-05-01 21:40 - 2011-05-01 21:39 - 0446464 ____A (OldTimer Tools) C:\Users\Administrator\Downloads\TFC.exe
2011-05-01 21:32 - 2011-05-01 21:32 - 52676424 ____A C:\Users\Administrator\Downloads\avira_antivir_personal_en.exe
2011-05-01 21:23 - 2009-07-13 23:49 - 0000000 ____D C:\Windows\ShellNew
2011-05-01 20:53 - 2011-05-01 20:53 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Malwarebytes
2011-05-01 20:26 - 2010-01-30 15:14 - 0000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2011-05-01 20:26 - 2009-07-13 20:53 - 0032610 ____A C:\Windows\Tasks\SCHEDLGU(275).TXT
2011-05-01 16:43 - 2010-02-16 13:14 - 0000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2188935924-1853560162-3959991470-1001Core.job
2011-05-01 12:00 - 2011-02-04 23:49 - 0000418 ____A C:\Windows\Tasks\vtscheduletask.job
2011-05-01 11:01 - 2011-03-14 13:00 - 0000352 ____A C:\Windows\Tasks\HPCeeScheduleForAdministrator.job
2011-04-30 22:15 - 2010-10-25 11:59 - 0000052 ____A C:\Windows\System32\DOErrors.log
2011-04-30 22:14 - 2011-04-30 22:14 - 0023487 ____A C:\Users\Administrator\Desktop\Attach report.txt
2011-04-30 22:14 - 2011-04-30 22:14 - 0019172 ____A C:\Users\Administrator\Desktop\DDS report.txt
2011-04-30 22:08 - 2010-01-30 10:52 - 0717892 ____A C:\Windows\System32\PerfStringBackup.INI
2011-04-30 22:08 - 2009-07-13 18:05 - 0618264 ____A C:\Windows\System32\perfh009.dat
2011-04-30 22:08 - 2009-07-13 18:05 - 0104546 ____A C:\Windows\System32\perfc009.dat
2011-04-30 22:01 - 2011-04-25 16:18 - 0000000 ____D C:\Program Files\BatteryBar
2011-04-29 21:43 - 2011-03-04 16:02 - 0000000 ____D C:\Users\Administrator\Documents\USC
2011-04-27 22:05 - 2011-04-27 22:05 - 0000039 ____A C:\Users\Administrator\Desktop\bank info.txt
2011-04-27 14:58 - 2011-04-27 14:57 - 51043073 ____A C:\Users\Administrator\Desktop\final_fantasy_battle_medley_02.zip
2011-04-27 14:57 - 2011-04-27 14:56 - 26967456 ____A C:\Users\Administrator\Desktop\ffbm_opx.zip
2011-04-27 14:38 - 2011-04-27 14:38 - 5026157 ____A C:\Users\Administrator\Desktop\ff8_fyw.zip
2011-04-25 12:31 - 2011-04-25 12:28 - 0000000 ____D C:\Users\Administrator\Documents\Wii
2011-04-25 11:28 - 2011-04-25 11:27 - 0000000 ____D C:\Users\Administrator\Downloads\Vertical Jump Bible
2011-04-25 11:27 - 2011-04-25 11:27 - 0000926 ____A C:\Users\Administrator\Downloads\[isoHunt]_Vertical_Jump_Bible.torrent
2011-04-24 00:56 - 2011-04-24 00:56 - 0550478 ____A C:\Users\Administrator\Downloads\winkawaks162.zip
2011-04-24 00:50 - 2011-04-24 00:37 - 0001225 ____A C:\Users\Administrator\Documents\ps3 layout.xpaddercontroller
2011-04-24 00:09 - 2011-04-24 00:09 - 0435979 ____A C:\Users\Administrator\Downloads\Xpadder5-3.zip
2011-04-24 00:07 - 2011-04-24 00:07 - 1978098 ____A C:\Users\Administrator\Downloads\MotioninJoy_060001_x86.zip
2011-04-23 22:23 - 2010-10-20 09:22 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\skypePM
2011-04-21 14:45 - 2011-02-22 11:41 - 0000886 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2188935924-1853560162-3959991470-500Core.job
2011-04-20 23:20 - 2011-04-20 23:20 - 0000350 ____A C:\Users\Administrator\Downloads\[isoHunt] download (1).torrent
2011-04-19 12:06 - 2010-09-06 03:47 - 0000000 ____D C:\Users\Administrator\Documents\Resumes
2011-04-18 22:29 - 2011-04-18 22:29 - 0000000 ____D C:\Users\Administrator\Documents\Gaming
2011-04-16 09:51 - 2009-07-13 20:33 - 0425920 ____A C:\Windows\System32\FNTCACHE.DAT
2011-04-15 23:06 - 2010-01-30 10:56 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-04-15 23:06 - 2010-01-30 10:56 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-04-12 13:53 - 2011-04-12 13:53 - 0001061 ____A C:\Users\Administrator\Desktop\FinalMediaPlayer.lnk
2011-04-12 13:53 - 2011-04-12 13:53 - 0000000 ____D C:\Program Files\File Type Assistant
2011-04-12 13:51 - 2011-04-12 13:51 - 2325112 ____A (W3i, LLC) C:\Users\Administrator\Downloads\FinalMediaPlayer2011Setup.exe
2011-04-12 13:49 - 2011-04-12 12:46 - 0000000 ____D C:\Users\Administrator\Documents\Somali
2011-04-07 22:52 - 2011-03-28 12:12 - 0000194 ____A C:\Users\Administrator\Desktop\jobs.txt
2011-04-07 12:10 - 2011-04-07 12:10 - 0000162 ___AH C:\Users\Administrator\Desktop\~$20 mcq mistakes.docx
2011-04-06 23:07 - 2011-04-06 23:07 - 0081706 ____A C:\Users\Administrator\Desktop\2320 MCQS only.docx
2011-04-06 23:07 - 2011-04-06 23:07 - 0000162 ___AH C:\Users\Administrator\Desktop\~$20 MCQS only.docx
2011-04-06 22:56 - 2011-04-06 21:11 - 0028042 ____A C:\Users\Administrator\Desktop\2320 mcq mistakes.docx
2011-04-05 14:29 - 2011-04-05 14:29 - 6394368 ____A C:\Users\Administrator\Downloads\Charles_Darwin (1).ppt
2011-04-05 14:10 - 2011-04-05 14:09 - 2320896 ____A C:\Users\Administrator\Downloads\Sigmund_Freud.ppt
2011-04-05 13:49 - 2011-04-05 13:47 - 6394368 ____A C:\Users\Administrator\Downloads\Charles_Darwin.ppt
2011-04-05 13:48 - 2011-04-05 13:46 - 7408640 ____A C:\Users\Administrator\Downloads\Frankenstein_lecture-huma1720_1_.ppt
2011-04-05 13:48 - 2011-04-05 13:46 - 5745664 ____A C:\Users\Administrator\Downloads\SLAVERY1A.ppt
2011-04-04 23:22 - 2011-04-04 23:22 - 8392704 ____A C:\Users\Administrator\Downloads\Smith_Marx.ppt
2011-04-04 21:45 - 2011-04-04 13:45 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Audacity
2011-04-04 19:16 - 2011-04-04 19:16 - 5529088 ____A C:\Users\Administrator\Downloads\Hedda_Gabler_1720_1_1_.ppt
2011-04-04 19:11 - 2011-04-04 19:11 - 0096129 ____A C:\Users\Administrator\Downloads\Wrist_Communicator.mp3
2011-04-04 14:32 - 2011-04-04 13:38 - 1705078784 ____A C:\Users\Administrator\Downloads\Dissidia 012 duodecim [US].iso
2011-04-04 14:13 - 2011-04-04 14:11 - 0000000 ____D C:\Program Files\Lame For Audacity
2011-04-04 13:45 - 2011-04-04 13:45 - 0001012 ____A C:\Users\Administrator\Desktop\Audacity 1.3 Beta (Unicode).lnk
2011-04-04 13:45 - 2011-04-04 13:44 - 11873890 ____A (Audacity Team ) C:\Users\Administrator\Desktop\audacity-win-unicode-1.3.12.exe
2011-04-04 12:11 - 2011-04-04 12:11 - 0000018 ____A C:\Users\Administrator\Desktop\3410 lecture material.txt
2011-04-04 00:25 - 2011-04-04 00:25 - 0439673 ____A C:\Users\Administrator\Documents\mba_admits_sample.pdf
2011-04-04 00:24 - 2011-04-04 00:24 - 0142823 ____A C:\Users\Administrator\Documents\duke_essay_1.pdf
2011-04-03 16:22 - 2010-12-02 05:36 - 0000000 ____D C:\Users\Administrator\Downloads\Resident Evil Archives - Resident Evil (Wii) (NTSC)
2011-03-30 20:50 - 2011-03-30 20:50 - 0000119 ____A C:\Users\Administrator\Documents\jokes.txt
2011-03-29 16:06 - 2011-03-29 16:06 - 1904727 ____A C:\Users\Administrator\Downloads\Deep Voice Mastery-Rudy Haynes - 2nd Ed.pdf
2011-03-27 12:51 - 2011-03-27 12:51 - 0207136 ____A C:\Windows\Minidump\032711-19000-01.dmp
2011-03-27 12:51 - 2011-02-03 15:59 - 333569452 ____A C:\Windows\MEMORY.DMP
2011-03-25 18:20 - 2011-03-25 18:20 - 0000087 ____A C:\Users\Administrator\Desktop\job list.txt
2011-03-25 15:06 - 2011-03-25 15:06 - 0001119 ____A C:\Users\Administrator\Desktop\WM Converter 14.lnk
2011-03-25 15:06 - 2011-03-25 15:06 - 0000909 ____A C:\Users\Public\Desktop\WM Recorder 14.lnk
2011-03-25 12:33 - 2010-09-06 03:47 - 0000000 ____D C:\Users\Administrator\Documents\Uni
2011-03-25 09:46 - 2011-02-22 11:42 - 0002436 ____A C:\Users\Administrator\Desktop\Google Chrome.lnk
2011-03-25 08:52 - 2011-03-25 08:52 - 0207120 ____A C:\Windows\Minidump\032511-20670-01.dmp
2011-03-23 11:32 - 2011-03-23 11:32 - 2604942 ____A (Duality Software ) C:\Users\Administrator\Desktop\cs510r.exe
2011-03-23 11:32 - 2011-03-23 11:32 - 0000976 ____A C:\Users\Public\Desktop\Calendarscope.lnk
2011-03-23 11:32 - 2011-03-23 11:32 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Duality Software
2011-03-23 11:32 - 2011-03-23 11:32 - 0000000 ____D C:\Program Files\Calendarscope
2011-03-23 11:12 - 2011-03-23 11:12 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_RimUsb_01009.Wdf
2011-03-23 10:00 - 2011-03-23 09:03 - 0000077 ____A C:\Users\Administrator\AppData\Roaming\Rim.Desktop.Exception.log
2011-03-23 09:03 - 2011-03-23 09:03 - 0000000 ____D C:\Users\Administrator\AppData\Local\Research In Motion
2011-03-23 09:02 - 2011-03-23 09:02 - 0002189 ____A C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
2011-03-23 09:02 - 2011-03-23 09:02 - 0001147 ____A C:\Users\Administrator\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-03-23 09:01 - 2011-03-23 09:01 - 0000000 ____D C:\Users\All Users\Research In Motion
2011-03-23 09:01 - 2011-03-23 09:01 - 0000000 ____D C:\ProgramData\Research In Motion
2011-03-23 08:51 - 2011-03-23 08:51 - 113284440 ____A C:\Users\Administrator\Desktop\601_b021_multilanguage.exe
2011-03-23 08:33 - 2011-03-23 08:33 - 0923648 ____A C:\Users\Administrator\Desktop\AppWorldInstaller-en.msi
2011-03-21 10:51 - 2011-03-21 10:51 - 0000162 ___AH C:\Users\Administrator\Desktop\~$rmulaCard.doc
2011-03-20 14:35 - 2011-03-20 14:35 - 0000000 ____D C:\Users\Administrator\Downloads\Lupe Fiasco - Lasers (2011) - Hip-Hop [www.torrentazos.com]
2011-03-19 23:05 - 2011-03-16 13:13 - 0001812 ____A C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2011-03-19 23:05 - 2011-03-16 13:13 - 0001810 ____A C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2011-03-18 15:00 - 2011-03-18 15:00 - 0000000 ____D C:\Keller8e
2011-03-16 12:54 - 2011-03-16 12:53 - 0235168 ____A (Adobe Systems, Inc.) C:\Users\Administrator\Desktop\uninstall_flash_player.exe
2011-03-14 01:20 - 2011-03-14 01:20 - 0207120 ____A C:\Windows\Minidump\031411-24117-01.dmp
2011-03-13 14:26 - 2011-03-13 14:25 - 0000000 ____D C:\Users\Administrator\Downloads\Jay-Z - The Blueprint 2 The Gift And The Curse
2011-03-11 12:09 - 2011-03-11 12:09 - 0207120 ____A C:\Windows\Minidump\031111-26520-01.dmp
2011-03-11 12:04 - 2010-09-05 12:17 - 0000000 ____D C:\users\NEW USER
2011-03-10 21:40 - 2011-04-15 10:52 - 1164288 ____A (Microsoft Corporation) C:\Windows\System32\mfc42u.dll
2011-03-10 21:40 - 2011-04-15 10:52 - 1137664 ____A (Microsoft Corporation) C:\Windows\System32\mfc42.dll
2011-03-08 09:55 - 2011-03-08 09:39 - 293217711 ____A C:\Users\Administrator\Downloads\Marvel.vs.Capcom.3.-.Fate.of.Two.Worlds.Signature.Series.Strategy.Guide.pdf
2011-03-08 09:43 - 2011-03-07 19:01 - 0000042 ____A C:\Users\Administrator\Desktop\telemarketing job.txt
2011-03-08 09:30 - 2011-03-08 09:30 - 0000000 ___RD C:\Users\Administrator\Documents\Scanned Documents
2011-03-08 09:30 - 2009-07-13 18:37 - 0000000 ____D C:\Windows\ModemLogs
2011-03-07 21:38 - 2011-04-15 10:53 - 0740864 ____A (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2011-03-06 10:56 - 2011-02-24 22:44 - 0000000 ____D C:\Users\Administrator\AppData\Local\Conduit
2011-03-04 21:58 - 2011-03-04 21:58 - 0021031 ____A C:\Users\Administrator\Downloads\March11 Mohamed.xlsx
2011-03-04 18:41 - 2011-03-04 16:37 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Orbit
2011-03-04 18:41 - 2011-03-04 15:42 - 0000000 ____D C:\Users\Administrator\Downloads\Replay.AV.v8.04
2011-03-04 18:41 - 2011-03-04 15:27 - 0000000 ____D C:\Program Files\Softonic-Eng7
2011-03-04 18:41 - 2011-03-04 15:00 - 0000000 ____D C:\Program Files\WinPcap
2011-03-04 16:37 - 2011-03-04 16:37 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\ProgSense
2011-03-04 16:37 - 2011-03-04 16:37 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\GrabPro
2011-03-04 14:54 - 2011-03-04 14:48 - 0000000 ____D C:\Users\Administrator\Downloads\WM Recorder v14.1+Serial [ kk ]
2011-03-04 14:53 - 2011-01-04 16:57 - 0000113 ____A C:\Users\Administrator\Documents\nslsc confirm.txt
2011-03-03 21:54 - 2011-03-03 21:54 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\MotioninJoy
2011-03-02 21:49 - 2011-03-02 21:49 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\com.doubleperfect.ggpo.0753AD3679DBFCA1E7F470171B7D0DB8B404A7EA.1
2011-03-02 21:44 - 2011-03-02 21:44 - 5021184 ____A C:\Users\Administrator\Desktop\ggpo-beta-rc3.msi
2011-03-02 21:39 - 2011-03-02 21:39 - 12674968 ____A (Adobe Systems Inc.) C:\Users\Administrator\Desktop\AdobeAIRInstaller.exe
2011-03-02 21:29 - 2011-04-15 10:56 - 0269824 ____A (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2011-03-02 21:29 - 2011-04-15 10:56 - 0132608 ____A (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2011-03-02 21:27 - 2011-04-15 10:56 - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\dnscacheugc.exe
2011-03-02 19:31 - 2011-04-15 10:54 - 2331136 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-02-24 23:26 - 2011-02-24 23:26 - 0000178 ____A C:\Users\Administrator\Documents\2-25-2011 job list.txt
2011-02-24 22:30 - 2011-02-24 22:30 - 0000034 ____A C:\Users\Administrator\Documents\work locations.txt
2011-02-24 22:28 - 2011-02-21 00:34 - 0001389 ____A C:\Users\Administrator\Documents\2-21-2011 jobs.txt
2011-02-24 15:47 - 2011-02-24 15:47 - 0000104 ____A C:\Users\Administrator\Documents\salesleadpro.txt
2011-02-24 15:47 - 2011-02-24 15:47 - 0000097 ____A C:\Users\Administrator\Documents\g4s security booking.txt
2011-02-24 15:46 - 2011-02-18 01:24 - 0000081 ____A C:\Users\Administrator\Documents\market watch job.txt
2011-02-24 15:45 - 2011-02-24 15:45 - 0000007 ____A C:\Users\Administrator\Documents\gemmahiring line.txt
2011-02-24 15:44 - 2011-02-24 15:44 - 0000075 ____A C:\Users\Administrator\Documents\health food items.txt
2011-02-23 21:32 - 2011-04-15 10:55 - 1228800 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-02-23 21:32 - 2011-04-15 10:55 - 0981504 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 5981696 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0606208 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0599040 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0067072 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0048128 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-02-23 21:30 - 2011-04-15 10:55 - 0044544 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-02-23 21:29 - 2011-04-15 10:55 - 2063360 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-02-23 21:29 - 2011-04-15 10:55 - 10989056 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-02-23 21:29 - 2011-04-15 10:55 - 0381440 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-02-23 21:29 - 2011-04-15 10:55 - 0185856 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-02-23 21:29 - 2011-04-15 10:55 - 0176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-02-23 21:27 - 2011-04-15 10:55 - 0012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-02-23 20:23 - 2011-04-15 10:55 - 0386048 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-02-23 19:50 - 2011-04-15 10:55 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-02-22 21:06 - 2011-04-15 10:57 - 0311296 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2011-02-22 21:05 - 2011-04-15 10:57 - 0309760 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2011-02-22 21:05 - 2011-04-15 10:57 - 0113664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2011-02-22 21:05 - 2011-04-15 10:52 - 0221696 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2011-02-22 21:05 - 2011-04-15 10:52 - 0123392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2011-02-22 21:05 - 2011-04-15 10:52 - 0095744 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2011-02-22 21:05 - 2011-04-15 10:52 - 0069632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\bowser.sys
2011-02-22 12:18 - 2011-02-22 12:18 - 0027120 ____A C:\Users\Administrator\Downloads\[isoHunt] Prescription For Nutritional Healing [GeneGeter.com].torrent
2011-02-22 12:18 - 2011-02-22 12:18 - 0027120 ____A C:\Users\Administrator\Downloads\[isoHunt] Prescription For Nutritional Healing [GeneGeter.com] (1).torrent
2011-02-22 12:18 - 2011-02-22 12:18 - 0000000 ____D C:\Users\Administrator\Downloads\Prescription For Nutritional Healing [GeneGeter.com]
2011-02-18 21:32 - 2011-04-15 10:55 - 0034304 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll
2011-02-18 19:37 - 2011-04-15 10:55 - 0294912 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2011-02-17 21:36 - 2011-04-15 10:56 - 0428032 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2011-02-17 21:35 - 2011-04-15 10:56 - 0716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2011-02-14 21:48 - 2011-02-14 20:56 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Spawn Player
2011-02-14 21:18 - 2011-02-14 21:18 - 0000000 ____D C:\Users\Administrator\AppData\Roaming\Spawn-Player-Window
2011-02-14 21:04 - 2011-02-14 21:04 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2011-02-14 21:04 - 2011-02-14 21:04 - 0000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2011-02-14 20:58 - 2011-02-14 20:58 - 0024975 ____A C:\virt_map_share
2011-02-14 20:56 - 2011-02-14 20:56 - 0001153 ____A C:\Users\Public\Desktop\Spawn Player.lnk
2011-02-13 21:27 - 2011-02-13 21:25 - 105097927 ____A C:\Users\Administrator\Downloads\284324048(2).mp3
2011-02-13 21:20 - 2010-09-06 03:47 - 0000000 ____D C:\Users\Administrator\Documents\street fighter 4
2011-02-11 21:30 - 2011-04-15 10:53 - 0191488 ____A (Microsoft Corporation) C:\Windows\System32\FXSCOVER.exe
2011-02-07 23:11 - 2011-02-07 23:10 - 0353691 ____A C:\Users\Administrator\Downloads\macrofire310.rar
2011-02-07 22:56 - 2011-02-07 22:56 - 0407716 ____A C:\Users\Administrator\Downloads\macrofire325.zip
2011-02-07 22:37 - 2011-02-07 22:23 - 0000000 ____D C:\Users\Administrator\Downloads\(PSP) Capcom Play System 1 & 2 Plus All Working Roms [ResourceRG Games by KloWn]
2011-02-07 22:23 - 2011-02-07 22:23 - 0019079 ____A C:\Users\Administrator\Downloads\[isoHunt] (PSP)_Capcom_Play_System_1___2_Plus_Complete_Working_Rom_Sets_[R.4989068.TPB.torrent
2011-02-07 22:11 - 2011-02-07 22:11 - 2623328 ____A C:\Users\Administrator\Downloads\njemu.tar.bz2
2011-02-05 00:20 - 2011-02-03 02:02 - 0059351 ____A C:\Windows\FreedomInstallScript.log
2011-02-05 00:01 - 2011-02-05 00:01 - 0000000 ____D C:\Intel
2011-02-04 23:49 - 2011-02-04 23:49 - 0002098 ____A C:\Users\Public\Desktop\McAfee Virtual Technician.lnk

============ Known DLLs ============

[2009-07-13 16:20] - [2009-07-13 17:14] - 0640000 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll
[2009-07-13 15:44] - [2009-07-13 17:15] - 0522240 ____A (Microsoft Corporation) C:\Windows\System32\clbcatq.dll
[2009-07-13 15:39] - [2009-07-13 17:15] - 0486912 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
[2009-07-13 15:26] - [2009-07-13 17:15] - 0304640 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll
[2011-04-15 10:55] - [2011-02-23 21:29] - 2063360 ____A (Microsoft Corporation) C:\Windows\System32\IERTUTIL.dll
[2009-07-13 15:57] - [2009-07-13 17:15] - 0154624 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0118272 ____A (Microsoft Corporation) C:\Windows\System32\IMM32.dll
[2009-07-13 15:16] - [2009-07-13 17:15] - 0857088 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) C:\Windows\System32\LPK.dll
[2009-07-13 15:12] - [2009-07-13 17:06] - 0002560 ____A (Microsoft Corporation) C:\Windows\System32\lz32.dll
[2009-07-13 15:28] - [2009-07-13 17:15] - 0828928 ____A (Microsoft Corporation) C:\Windows\System32\MSCTF.dll
[2009-07-13 15:12] - [2009-07-13 17:15] - 0690688 ____A (Microsoft Corporation) C:\Windows\System32\MSVCRT.dll
[2009-07-13 15:15] - [2009-07-13 17:09] - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\NORMALIZ.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0008704 ____A (Microsoft Corporation) C:\Windows\System32\NSI.dll
[2010-10-14 07:57] - [2010-06-28 21:02] - 1413632 ____A (Microsoft Corporation) C:\Windows\System32\ole32.dll
[2009-07-13 15:44] - [2009-07-13 17:16] - 0571904 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
[2009-07-13 15:44] - [2009-07-13 17:16] - 0080384 ____A (Microsoft Corporation) C:\Windows\System32\olecli32.dll
[2009-07-13 15:43] - [2009-07-13 17:16] - 0028672 ____A (Microsoft Corporation) C:\Windows\System32\olesvr32.dll
[2009-07-13 15:43] - [2009-07-13 17:16] - 0077312 ____A (Microsoft Corporation) C:\Windows\System32\olethk32.dll
[2009-07-13 15:13] - [2009-07-13 17:16] - 0652288 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
[2009-07-13 15:16] - [2009-07-13 17:16] - 1668608 ____A (Microsoft Corporation) C:\Windows\System32\Setupapi.dll
[2010-08-02 12:46] - [2010-07-27 06:03] - 12867584 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
[2009-07-13 15:39] - [2009-07-13 17:16] - 0350208 ____A (Microsoft Corporation) C:\Windows\System32\SHLWAPI.dll
[2009-07-13 15:43] - [2009-07-13 17:16] - 0131584 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
[2011-04-15 10:55] - [2011-02-23 21:32] - 1228800 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
[2009-07-13 15:24] - [2009-07-13 17:16] - 0811520 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll
[2009-07-13 15:25] - [2009-07-13 17:16] - 0627200 ____A (Microsoft Corporation) C:\Windows\System32\USP10.dll
[2009-07-13 15:41] - [2009-07-13 17:16] - 0021504 ____A (Microsoft Corporation) C:\Windows\System32\version.dll
[2011-04-15 10:55] - [2011-02-23 21:32] - 0981504 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
[2009-07-13 15:38] - [2009-07-13 17:16] - 0268800 ____A (Microsoft Corporation) C:\Windows\System32\wldap32.dll
[2009-07-13 15:12] - [2009-07-13 17:16] - 0206336 ____A (Microsoft Corporation) C:\Windows\System32\WS2_32.dll

========================= Memory info ========================

Percentage of memory in use: 12%
Total physical RAM: 3999.19 MB
Available physical RAM: 3507.86 MB
Total Pagefile: 3997.47 MB
Available Pagefile: 3521.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.63 MB

======================= Partitions ===========================

1 Drive c: () (Fixed) (Total:297.99 GB) (Free:54.68 GB) NTFS
4 Drive g: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS

Edited by moem986, 04 May 2011 - 02:43 AM.


#4 Farbar

Posted 04 May 2011 - 04:05 AM

Well done.

Before anything else, let's take a look at the TDSS logs:

Open notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open notepad. Save it on the flash drive as fixlist.txt

cmd: type c:\tdsskiller*.txt

Now please enter System Recovery Options.
Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please attach it to your reply.

#5 moem986

Posted 04 May 2011 - 02:37 PM

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.0.6)
Ran by SYSTEM at 2011-05-04 15:35:32 R:2
Running from G:\

==============================================


========= typec:\tdsskiller*.txt =========

The system cannot find the path specified.

========= End of CMD: =========

Doesn't look good

#6 Farbar

Posted 04 May 2011 - 04:17 PM

Doesn't look good

No worries. It seems the content of the code box was typed instead of copied and pasted, and as a result the space between type and c:\tdsskiller*.txt was left out.

In addition, the fix was run twice, while the instruction was to run it just once.

In any subsequent fixes it would be better to do as instructed, to avoid redoing or messing something up. :)

Please redo it again.

Edited by farbar, 05 May 2011 - 06:37 PM.


#7 moem986

Posted 04 May 2011 - 05:07 PM

Understood,


Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.0.6)
Ran by SYSTEM at 2011-05-04 18:04:11 R:4
Running from G:\

==============================================


========= type c:\tdsskiller*.txt =========


c:\TDSSKiller.2.4.21.0_02.05.2011_20.17.52_log.txt


2011/05/02 20:17:52.0026 1392 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/02 20:17:52.0728 1392 ================================================================================
2011/05/02 20:17:52.0728 1392 SystemInfo:
2011/05/02 20:17:52.0728 1392
2011/05/02 20:17:52.0728 1392 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/02 20:17:52.0728 1392 Product type: Workstation
2011/05/02 20:17:52.0728 1392 ComputerName: USER-PC
2011/05/02 20:17:52.0728 1392 UserName: Administrator
2011/05/02 20:17:52.0728 1392 Windows directory: C:\Windows
2011/05/02 20:17:52.0728 1392 System windows directory: C:\Windows
2011/05/02 20:17:52.0728 1392 Processor architecture: Intel x86
2011/05/02 20:17:52.0728 1392 Number of processors: 2
2011/05/02 20:17:52.0728 1392 Page size: 0x1000
2011/05/02 20:17:52.0728 1392 Boot type: Normal boot
2011/05/02 20:17:52.0728 1392 ================================================================================
2011/05/02 20:17:55.0489 1392 !crdlk

c:\TDSSKiller.2.4.21.0_02.05.2011_20.18.09_log.txt


2011/05/02 20:18:09.0420 4904 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/02 20:18:09.0826 4904 ================================================================================
2011/05/02 20:18:09.0826 4904 SystemInfo:
2011/05/02 20:18:09.0826 4904
2011/05/02 20:18:09.0826 4904 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/02 20:18:09.0826 4904 Product type: Workstation
2011/05/02 20:18:09.0826 4904 ComputerName: USER-PC
2011/05/02 20:18:09.0826 4904 UserName: Administrator
2011/05/02 20:18:09.0826 4904 Windows directory: C:\Windows
2011/05/02 20:18:09.0826 4904 System windows directory: C:\Windows
2011/05/02 20:18:09.0826 4904 Processor architecture: Intel x86
2011/05/02 20:18:09.0826 4904 Number of processors: 2
2011/05/02 20:18:09.0826 4904 Page size: 0x1000
2011/05/02 20:18:09.0826 4904 Boot type: Normal boot
2011/05/02 20:18:09.0826 4904 ================================================================================
2011/05/02 20:18:11.0620 4904 !crdlk

c:\TDSSKiller.2.4.21.0_03.05.2011_01.38.50_log.txt


2011/05/03 01:38:50.0762 4148 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/03 01:38:51.0222 4148 ================================================================================
2011/05/03 01:38:51.0222 4148 SystemInfo:
2011/05/03 01:38:51.0222 4148
2011/05/03 01:38:51.0222 4148 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/03 01:38:51.0222 4148 Product type: Workstation
2011/05/03 01:38:51.0222 4148 ComputerName: USER-PC
2011/05/03 01:38:51.0222 4148 UserName: Administrator
2011/05/03 01:38:51.0222 4148 Windows directory: C:\Windows
2011/05/03 01:38:51.0222 4148 System windows directory: C:\Windows
2011/05/03 01:38:51.0222 4148 Processor architecture: Intel x86
2011/05/03 01:38:51.0222 4148 Number of processors: 2
2011/05/03 01:38:51.0222 4148 Page size: 0x1000
2011/05/03 01:38:51.0222 4148 Boot type: Normal boot
2011/05/03 01:38:51.0222 4148 ================================================================================
2011/05/03 01:38:54.0618 4148 !crdlk

c:\TDSSKiller.2.4.21.0_03.05.2011_01.39.23_log.txt


2011/05/03 01:39:23.0644 5016 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/03 01:39:24.0176 5016 ================================================================================
2011/05/03 01:39:24.0176 5016 SystemInfo:
2011/05/03 01:39:24.0176 5016
2011/05/03 01:39:24.0176 5016 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/03 01:39:24.0176 5016 Product type: Workstation
2011/05/03 01:39:24.0176 5016 ComputerName: USER-PC
2011/05/03 01:39:24.0176 5016 UserName: Administrator
2011/05/03 01:39:24.0176 5016 Windows directory: C:\Windows
2011/05/03 01:39:24.0176 5016 System windows directory: C:\Windows
2011/05/03 01:39:24.0176 5016 Processor architecture: Intel x86
2011/05/03 01:39:24.0176 5016 Number of processors: 2
2011/05/03 01:39:24.0176 5016 Page size: 0x1000
2011/05/03 01:39:24.0176 5016 Boot type: Normal boot
2011/05/03 01:39:24.0176 5016 ================================================================================
2011/05/03 01:39:25.0432 5016 !crdlk

c:\TDSSKiller.2.4.21.0_03.05.2011_01.46.36_log.txt


2011/05/03 01:46:36.0748 5560 TDSS rootkit removing tool 2.4.21.0 Mar 10 2011 12:26:28
2011/05/03 01:46:37.0623 5560 ================================================================================
2011/05/03 01:46:37.0623 5560 SystemInfo:
2011/05/03 01:46:37.0623 5560
2011/05/03 01:46:37.0623 5560 OS Version: 6.1.7600 ServicePack: 0.0
2011/05/03 01:46:37.0623 5560 Product type: Workstation
2011/05/03 01:46:37.0623 5560 ComputerName: USER-PC
2011/05/03 01:46:37.0623 5560 UserName: Administrator
2011/05/03 01:46:37.0623 5560 Windows directory: C:\Windows
2011/05/03 01:46:37.0623 5560 System windows directory: C:\Windows
2011/05/03 01:46:37.0623 5560 Processor architecture: Intel x86
2011/05/03 01:46:37.0623 5560 Number of processors: 2
2011/05/03 01:46:37.0623 5560 Page size: 0x1000
2011/05/03 01:46:37.0623 5560 Boot type: Normal boot
2011/05/03 01:46:37.0623 5560 ================================================================================
2011/05/03 01:46:54.0323 5560 Initialize success
2011/05/03 01:47:01.0053 6036 ================================================================================
2011/05/03 01:47:01.0053 6036 Scan started
2011/05/03 01:47:01.0053 6036 Mode: Manual;
2011/05/03 01:47:01.0053 6036 ================================================================================
2011/05/03 01:47:06.0293 6036 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\Windows\system32\DRIVERS\1394ohci.sys
2011/05/03 01:47:06.0483 6036 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\Windows\system32\DRIVERS\ACPI.sys
2011/05/03 01:47:06.0603 6036 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\Windows\system32\DRIVERS\acpipmi.sys
2011/05/03 01:47:06.0783 6036 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/05/03 01:47:06.0873 6036 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
2011/05/03 01:47:06.0933 6036 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
2011/05/03 01:47:07.0073 6036 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\Windows\system32\drivers\afd.sys
2011/05/03 01:47:07.0143 6036 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\DRIVERS\agp440.sys
2011/05/03 01:47:07.0265 6036 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
2011/05/03 01:47:07.0397 6036 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\DRIVERS\aliide.sys
2011/05/03 01:47:07.0437 6036 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\DRIVERS\amdagp.sys
2011/05/03 01:47:07.0487 6036 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\DRIVERS\amdide.sys
2011/05/03 01:47:07.0557 6036 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
2011/05/03 01:47:07.0617 6036 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
2011/05/03 01:47:07.0737 6036 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\Windows\system32\DRIVERS\amdsata.sys
2011/05/03 01:47:07.0841 6036 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/05/03 01:47:07.0941 6036 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\Windows\system32\DRIVERS\amdxata.sys
2011/05/03 01:47:08.0111 6036 AppID (feb834c02ce1e84b6a38f953ca067706) C:\Windows\system32\drivers\appid.sys
2011/05/03 01:47:08.0219 6036 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
2011/05/03 01:47:08.0269 6036 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
2011/05/03 01:47:08.0359 6036 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/03 01:47:08.0419 6036 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\DRIVERS\atapi.sys
2011/05/03 01:47:08.0509 6036 athr (76bab0c824e2d05b940c4dd40a9b08bf) C:\Windows\system32\DRIVERS\athr.sys
2011/05/03 01:47:08.0799 6036 avgntflt (47b879406246ffdced59e18d331a0e7d) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/05/03 01:47:09.0023 6036 avipbb (5fedef54757b34fb611b9ec8fb399364) C:\Windows\system32\DRIVERS\avipbb.sys
2011/05/03 01:47:09.0165 6036 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
2011/05/03 01:47:09.0285 6036 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
2011/05/03 01:47:09.0455 6036 bdfsfltr (9b281f5f673cbc5b9ec886d59e0b4f26) C:\Windows\system32\drivers\bdfsfltr.sys
2011/05/03 01:47:09.0595 6036 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
2011/05/03 01:47:09.0765 6036 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/05/03 01:47:09.0835 6036 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/03 01:47:09.0915 6036 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/05/03 01:47:09.0965 6036 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/05/03 01:47:10.0215 6036 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
2011/05/03 01:47:10.0455 6036 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/05/03 01:47:10.0545 6036 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/05/03 01:47:10.0585 6036 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/05/03 01:47:10.0655 6036 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/05/03 01:47:10.0745 6036 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/03 01:47:10.0845 6036 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/03 01:47:10.0925 6036 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
2011/05/03 01:47:10.0975 6036 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
2011/05/03 01:47:11.0155 6036 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/03 01:47:11.0245 6036 cmderd (dee2298f837bd809e0323a6d442afdfe) C:\Windows\system32\DRIVERS\cmderd.sys
2011/05/03 01:47:11.0345 6036 cmdGuard (25257833bfe9751c54751477123f174e) C:\Windows\system32\DRIVERS\cmdguard.sys
2011/05/03 01:47:11.0515 6036 cmdHlp (85b5d9ffa0b0d20a5137a356918e2e38) C:\Windows\system32\DRIVERS\cmdhlp.sys
2011/05/03 01:47:11.0595 6036 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\DRIVERS\cmdide.sys
2011/05/03 01:47:11.0665 6036 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
2011/05/03 01:47:11.0845 6036 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/03 01:47:11.0915 6036 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\Windows\system32\DRIVERS\CompositeBus.sys
2011/05/03 01:47:11.0995 6036 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/05/03 01:47:12.0105 6036 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\Windows\system32\drivers\csc.sys
2011/05/03 01:47:12.0365 6036 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\Windows\system32\Drivers\dfsc.sys
2011/05/03 01:47:12.0445 6036 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
2011/05/03 01:47:12.0545 6036 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
2011/05/03 01:47:12.0675 6036 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
2011/05/03 01:47:12.0745 6036 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/03 01:47:13.0027 6036 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
2011/05/03 01:47:13.0449 6036 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
2011/05/03 01:47:13.0529 6036 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\DRIVERS\errdev.sys
2011/05/03 01:47:13.0709 6036 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
2011/05/03 01:47:13.0759 6036 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
2011/05/03 01:47:13.0849 6036 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/03 01:47:13.0909 6036 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
2011/05/03 01:47:13.0939 6036 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
2011/05/03 01:47:14.0029 6036 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/03 01:47:14.0099 6036 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
2011/05/03 01:47:14.0189 6036 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
2011/05/03 01:47:14.0229 6036 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/03 01:47:14.0329 6036 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\Windows\system32\DRIVERS\fvevol.sys
2011/05/03 01:47:14.0429 6036 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/05/03 01:47:14.0669 6036 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
2011/05/03 01:47:14.0819 6036 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\Windows\system32\drivers\HdAudio.sys
2011/05/03 01:47:14.0959 6036 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/03 01:47:14.0989 6036 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/05/03 01:47:15.0039 6036 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
2011/05/03 01:47:15.0109 6036 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
2011/05/03 01:47:15.0209 6036 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/03 01:47:15.0339 6036 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\DRIVERS\HpSAMD.sys
2011/05/03 01:47:29.0119 6036 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
2011/05/03 01:47:29.0119 6036 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/05/03 01:47:29.0129 6036 sptd - detected Locked file (1)
2011/05/03 01:47:34.0219 6036 ================================================================================
2011/05/03 01:47:34.0219 6036 Scan finished
2011/05/03 01:47:34.0219 6036 ================================================================================
2011/05/03 01:47:34.0239 6028 Detected object count: 1
2011/05/03 01:47:42.0255 6028 Locked file(sptd) - User select action: Skip
2011/05/03 01:47:50.0615 3024 ================================================================================
2011/05/03 01:47:50.0615 3024 Scan started
2011/05/03 01:47:50.0615 3024 Mode: Manual;
2011/05/03 01:47:50.0615 3024 ================================================================================
2011/05/03 01:47:59.0533 3024 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
2011/05/03 01:47:59.0635 3024 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\Windows\system32\drivers\ndis.sys
2011/05/03 01:47:59.0685 3024 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/05/03 01:47:59.0755 3024 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/05/03 01:47:59.0805 3024 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/05/03 01:47:59.0935 3024 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/05/03 01:47:59.0993 3024 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\Windows\system32\drivers\NDProxy.sys
2011/05/03 01:48:00.0037 3024 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
2011/05/03 01:48:00.0077 3024 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\Windows\system32\DRIVERS\netbt.sys
2011/05/03 01:48:00.0169 3024 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/05/03 01:48:00.0281 3024 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
2011/05/03 01:48:00.0373 3024 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
2011/05/03 01:48:00.0495 3024 Ntfs (3795dcd21f740ee799fb7223234215af) C:\Windows\system32\drivers\Ntfs.sys
2011/05/03 01:48:00.0525 3024 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
2011/05/03 01:48:00.0585 3024 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\Windows\system32\DRIVERS\nvraid.sys
2011/05/03 01:48:00.0615 3024 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\Windows\system32\DRIVERS\nvstor.sys
2011/05/03 01:48:00.0755 3024 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\DRIVERS\nv_agp.sys
2011/05/03 01:48:00.0857 3024 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/05/03 01:48:00.0937 3024 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
2011/05/03 01:48:00.0967 3024 partmgr (ff4218952b51de44fe910953a3e686b9) C:\Windows\system32\drivers\partmgr.sys
2011/05/03 01:48:01.0007 3024 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
2011/05/03 01:48:01.0047 3024 pci (c858cb77c577780ecc456a892e7e7d0f) C:\Windows\system32\DRIVERS\pci.sys
2011/05/03 01:48:01.0087 3024 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\DRIVERS\pciide.sys
2011/05/03 01:48:01.0117 3024 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/05/03 01:48:01.0177 3024 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
2011/05/03 01:48:01.0227 3024 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
2011/05/03 01:48:01.0439 3024 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
2011/05/03 01:48:01.0469 3024 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
2011/05/03 01:48:01.0599 3024 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
2011/05/03 01:48:01.0689 3024 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
2011/05/03 01:48:01.0739 3024 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/05/03 01:48:01.0779 3024 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
2011/05/03 01:48:01.0979 3024 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
2011/05/03 01:48:02.0029 3024 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/05/03 01:48:02.0069 3024 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/05/03 01:48:02.0119 3024 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/05/03 01:48:02.0149 3024 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
2011/05/03 01:48:02.0179 3024 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\Windows\system32\DRIVERS\rdbss.sys
2011/05/03 01:48:02.0219 3024 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/05/03 01:48:02.0249 3024 RDPCDD (1e016846895b15a99f9a176a05029075) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/05/03 01:48:02.0299 3024 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\Windows\system32\drivers\rdpdr.sys
2011/05/03 01:48:02.0339 3024 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
2011/05/03 01:48:02.0399 3024 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
2011/05/03 01:48:02.0449 3024 RDPWD (801371ba9782282892d00aadb08ee367) C:\Windows\system32\drivers\RDPWD.sys
2011/05/03 01:48:02.0479 3024 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\Windows\system32\drivers\rdyboost.sys
2011/05/03 01:48:02.0559 3024 RimUsb (92d33f76769a028ddc54a863eb7de4a2) C:\Windows\system32\Drivers\RimUsb.sys
2011/05/03 01:48:02.0609 3024 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/05/03 01:48:02.0659 3024 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
2011/05/03 01:48:02.0749 3024 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
2011/05/03 01:48:02.0799 3024 RTL8167 (7dfd48e24479b68b258d8770121155a0) C:\Windows\system32\DRIVERS\Rt86win7.sys
2011/05/03 01:48:02.0859 3024 s3cap (5423d8437051e89dd34749f242c98648) C:\Windows\system32\DRIVERS\vms3cap.sys
2011/05/03 01:48:02.0899 3024 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\Windows\system32\DRIVERS\sbp2port.sys
2011/05/03 01:48:02.0979 3024 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\Windows\system32\DRIVERS\scfilter.sys
2011/05/03 01:48:03.0029 3024 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/05/03 01:48:03.0089 3024 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
2011/05/03 01:48:03.0129 3024 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
2011/05/03 01:48:03.0149 3024 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
2011/05/03 01:48:03.0229 3024 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\DRIVERS\sffdisk.sys
2011/05/03 01:48:03.0299 3024 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\DRIVERS\sffp_mmc.sys
2011/05/03 01:48:03.0349 3024 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\Windows\system32\DRIVERS\sffp_sd.sys
2011/05/03 01:48:03.0389 3024 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/05/03 01:48:03.0439 3024 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\DRIVERS\sisagp.sys
2011/05/03 01:48:03.0469 3024 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/05/03 01:48:03.0509 3024 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/05/03 01:48:03.0539 3024 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
2011/05/03 01:48:03.0589 3024 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/05/03 01:48:03.0709 3024 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
2011/05/03 01:48:03.0709 3024 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/05/03 01:48:03.0719 3024 sptd - detected Locked file (1)
2011/05/03 01:48:07.0471 3024 ================================================================================
2011/05/03 01:48:07.0471 3024 Scan finished
2011/05/03 01:48:07.0471 3024 ================================================================================
2011/05/03 01:48:07.0491 1556 Detected object count: 1
2011/05/03 01:48:23.0771 1556 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/05/03 01:48:23.0821 1556 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/05/03 01:48:23.0871 1556 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/05/03 01:48:23.0871 1556 Locked file(sptd) - User select action: Delete
2011/05/03 01:48:30.0483 5532 Deinitialize success

========= End of CMD: =========
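
A triage pass over the TDSSKiller output posted above, as an added example that is not part of the original thread or of TDSSKiller itself: it parses the line format seen in this log, ties the "Suspicious file" line to the action the user selected, and lists what is scheduled for deletion at reboot. The regexes are inferred only from the lines on this page; `Triage`, `parse` and `findings` are hypothetical names, and the sample is a handful of lines taken from the log in this thread.

```python
import re
from dataclasses import dataclass, field

# Sample input: lines taken from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
2011/05/03 01:48:03.0589 3024 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
2011/05/03 01:48:03.0709 3024 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\Windows\system32\Drivers\sptd.sys
2011/05/03 01:48:03.0709 3024 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c4bb8a12843d9cbb65f5ff617f389bbd
2011/05/03 01:48:03.0719 3024 sptd - detected Locked file (1)
2011/05/03 01:48:03.0789 3024 srv (4a9b0f215de2519e2363f91df25c1e97) C:\Windows\system32\DRIVERS\srv.sys
2011/05/03 01:48:07.0491 1556 Detected object count: 1
2011/05/03 01:48:23.0771 1556 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted after reboot
2011/05/03 01:48:23.0821 1556 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted after reboot
2011/05/03 01:48:23.0871 1556 C:\Windows\system32\Drivers\sptd.sys - will be deleted after reboot
2011/05/03 01:48:23.0871 1556 Locked file(sptd) - User select action: Delete
2011/05/03 01:48:30.0483 5532 Deinitialize success
"""

# Assumption: every record is "<date> <time> <thread id> <message>", as in the log above.
LINE = re.compile(r"^\d{4}/\d\d/\d\d \d\d:\d\d:\d\d\.\d{4} \d+ (.*)$")
SERVICE = re.compile(r"^(.+?) \(([0-9a-f]{32})\) (.+)$")
SUSPICIOUS = re.compile(r"^Suspicious file \((\w+)\): (.+)\. md5: ([0-9a-f]{32})$")
DETECTED = re.compile(r"^(.+?) - detected (.+) \((\d+)\)$")
COUNT = re.compile(r"^Detected object count: (\d+)$")
PENDING = re.compile(r"^(.+) - will be deleted after reboot$")
ACTION = re.compile(r"^.+\((.+)\) - User select action: (\w+)$")


@dataclass
class Triage:
    services: dict = field(default_factory=dict)    # service name -> (md5, path)
    suspicious: dict = field(default_factory=dict)  # lower-cased path -> reason
    detections: dict = field(default_factory=dict)  # service name -> verdict text
    declared_count: int = -1                        # "Detected object count" value
    pending: list = field(default_factory=list)     # objects queued for deletion
    actions: dict = field(default_factory=dict)     # service name -> chosen action


def parse(log: str) -> Triage:
    """Classify each log record; the specific patterns are tried before SERVICE."""
    t = Triage()
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1)
        if s := SUSPICIOUS.match(msg):
            t.suspicious[s.group(2).lower()] = s.group(1)
        elif s := DETECTED.match(msg):
            t.detections[s.group(1)] = s.group(2)
        elif s := COUNT.match(msg):
            t.declared_count = int(s.group(1))
        elif s := PENDING.match(msg):
            t.pending.append(s.group(1))
        elif s := ACTION.match(msg):
            t.actions[s.group(1)] = s.group(2)
        elif s := SERVICE.match(msg):
            t.services[s.group(1)] = (s.group(2), s.group(3))
    return t


def findings(t: Triage) -> list:
    """Return reviewer notes: count mismatches, risky deletes, post-reboot checks."""
    out = []
    if t.declared_count != len(t.detections):
        out.append(f"count mismatch: log declares {t.declared_count}, parsed {len(t.detections)}")
    for name, action in t.actions.items():
        md5, path = t.services.get(name, ("?", "?"))
        reason = t.suspicious.get(path.lower())
        if action == "Delete" and reason is not None:
            out.append(f"{name}: Delete chosen for a file the scan only marked "
                       f"suspicious ({reason}): {path} md5={md5}")
    for target in t.pending:
        kind = "registry key" if target.upper().startswith("HK") else "file"
        out.append(f"verify after reboot ({kind}): {target}")
    return out


if __name__ == "__main__":
    for note in findings(parse(SAMPLE_LOG)):
        print(note)
```
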

#8 Farbar

Posted 05 May 2011 - 05:58 AM

Well done.

Your log(s) show that you are using so-called peer-to-peer or file-sharing programs. These programs allow users to share files, as the name(s) suggest. In today's world cyber crime has grown to an enormous dimension, and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools, as a tremendous number of prospective victims can be reached through them.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools, and it is thus suggested that they be used with intense care. Some further reading on this subject, at the included links, is as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

********************************

The TDSSKiller has attempted to remove a driver related to Alcohol software. But the driver it has attempted to delete is still there. So it is a mystery why the system doesn't boot after running TDSSKiller. Perhaps the system doesn't boot due to malware and not due to the failed TDSSKiller attempt. We need to dig up.

  • We need to check the MBR.
    Please download MBR.EXE by GMER. Save the file on your flash drive.
  • Open Notepad. Please copy the contents of the code box below. To do this, highlight the contents of the box and right-click on it. Paste this into the open Notepad window. Save it on the flash drive as fixlist.txt

    cmd: copy /y g:\mbr.exe c:\
    cmd: c:\mbr.exe -c 0 1 g:\MBR.zip
    

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Now please enter System Recovery Options.
    Run FRST and press the Fix button just once and wait.
    The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.
    Also there will be an MBR.zip file on your flash drive. Please attach it to your reply.


#9 moem986

Posted 05 May 2011 - 03:16 PM

Fix result of Farbars's Recovery Tool (FRST written by farbar Version 2.0.6)
Ran by SYSTEM at 2011-05-05 16:13:53 R:6
Running from G:\

==============================================


========= copy /y g:\mbr.exe c:\ =========

1 file(s) copied.

========= End of CMD: =========


========= c:\mbr.exe -c 0 1 g:\MBR.zip =========

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7600 Disk: WDC_WD3200BEVT-60ZCT1 rev.13.01A13 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

0x1 sector(s) have been successfully saved to "g:\MBR.zip".

========= End of CMD: =========

Attached Files

  • MBR.zip (512 bytes)


#10 Farbar

Posted 05 May 2011 - 04:47 PM

The MBR looks clean.

We are going to try a series of steps now. Please give me full feedback on each step.

  • Disable automatic restart, to do that:
    • During the rebooting process, repeatedly press the F8 key to enter the Windows Advanced Options Menu.
    • Use the up and down arrow keys to select Disable automatic restart on system failure and then press the Enter key.
    • Use up and down arrow keys to select the operating system to start (if more than one OS is installed).
    • Press the Enter key.
    • Windows should start. This time when you get a BSOD it will not restart. What we need is the information of the type of error, the error code and more important the description of error and any file it mentions.
  • Start in Safe Mode Using the F8 key:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
    • Use the arrow keys to select the Safe Mode menu item.
    • Press the Enter key.
    • Log in to your usual account and tell me if you can boot to Safe Mode or any error you get.


#11 moem986

Posted 06 May 2011 - 04:32 AM

This is the string that appears in the BSOD (not including the usual Windows text telling the user what to do when seeing this screen):

0x0000007B (0x80786B58, 0xc000000D, 0x00000000, 0x00000000)

Also I am unable to boot the system even in safe mode.

#12 Farbar

Posted 06 May 2011 - 05:24 AM

Unfortunately the name of the driver involved is not mentioned.

Start in Safe Mode Using the F8 key:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use the arrow keys to select the Last Known Good Configuration menu item.
  • Press the Enter key and tell me how it went.


#13 Farbar

Posted 06 May 2011 - 05:37 AM

Please don't miss my previous post.

Also please give me full feedback about this:

"Also I am unable to boot the system even in safe mode"

Did you get any error, or BSOD or anything else?

#14 moem986

Posted 06 May 2011 - 03:31 PM

Same result: a BSOD screen will appear under "last known good configuration" and safe mode; the BSOD appears at the same time as it would during a normal startup.

#15 Farbar

Posted 06 May 2011 - 03:51 PM

Let's try system restore once more.

  • Tell me if you have a Windows installation DVD in case it is needed.
  • Please use the F8 method to get to Advanced boot options. Select "Repair Your computer". After getting into System Recovery options, select "System Restore" and try to restore the system to an earlier date. Please wait, as it might take some time.
    Then reboot and tell me how it went.
