Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! I've been refered here cos I'm in Deep Sh*t!!!


  • This topic is locked This topic is locked
7 replies to this topic

#1 BigTim

BigTim

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:52 AM

Posted 21 January 2012 - 11:13 AM

Allo!!! :hello: I've been sent here by 'Broni' as I'm in serious trouble regarding my PC. Please read the correspondance : http://www.bleepingcomputer.com/forums/topic439060.html/page__gopid__2564921#entry2564921

OK here's the logs as I was instructed in order!

Thanx in advance guys.
:thumbsup::hug:


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Run by Tim at 14:32:34 on 2012-01-21
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.44.1033.18.2047.915 [GMT 0:00]
.
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\CtHelper.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.virginmedia.com/
uInternet Settings,ProxyOverride = local
TB: {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [EvtMgr6] c:\program files\logitech\setpointp\SetPoint.exe /launchGaming
mRun: [CTHelper] CTHELPER.EXE
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
LSP: mswsock.dll
Trusted Zone: bikermatch.com
Trusted Zone: facebook.com
Trusted Zone: live.com
Trusted Zone: microsoft.com
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{7DBC2411-856D-4268-9785-0937A725AFA6} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
mASetup: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tim\appdata\roaming\mozilla\firefox\profiles\iewan1zv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.virginmedia.com/
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\virtual earth 3d\npVE3D.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2011-8-4 50624]
R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2011-3-14 11448]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\drivers\EpfwLWF.sys [2011-8-4 33656]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 176128]
R2 AMD FUEL Service;AMD FUEL Service;c:\program files\ati technologies\ati.ace\fuel\Fuel.Service.exe [2011-11-9 291840]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2010-12-20 21992]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2011-8-9 974944]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-23 21504]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2008-5-26 652872]
R2 NIHardwareService;NIHardwareService;c:\program files\common files\native instruments\hardware\NIHardwareService.exe [2011-4-7 3857408]
R3 amdiox86;AMD IO Driver;c:\windows\system32\drivers\amdiox86.sys [2011-3-9 37944]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atikmdag.sys [2011-11-10 8913920]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2011-11-10 263680]
R3 AVHook;AVHook;c:\windows\system32\drivers\AVHook.sys [2008-5-25 28568]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2008-5-26 20464]
S2 AMService;AMService;c:\windows\temp\fykarw\setup.exe run --> c:\windows\temp\fykarw\setup.exe run [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AODDriver4.0;AODDriver4.0;c:\program files\ati technologies\ati.ace\fuel\i386\aoddriver2.sys [2011-6-24 39424]
S3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.sys [2010-3-18 99416]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\common files\creative labs shared\service\AL6Licensing.exe [2011-12-15 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\common files\creative labs shared\service\CTAELicensing.exe [2011-12-4 79360]
S3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.sys [2010-3-18 555096]
S3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]
S3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.sys [2010-3-18 100952]
S3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.sys [2010-3-18 566360]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-19 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2011-5-13 1492840]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-12-12 13224]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys [2007-4-5 17920]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys [2007-1-23 7680]
S3 MotDev;Motorola Inc. USB Device;c:\windows\system32\drivers\motodrv.sys [2007-5-4 42112]
S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files\sony ericsson\sony ericsson pc companion\PCCService.exe [2010-12-12 155344]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-01-20 07:12:31 -------- d-----w- c:\users\tim\appdata\local\AMD
2012-01-19 20:09:01 -------- d-----w- c:\users\tim\appdata\roaming\SUPERAntiSpyware.com
2012-01-19 20:08:27 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-18 15:19:08 -------- d-----w- c:\program files\Origin Games
2012-01-18 15:19:06 -------- d-----w- c:\users\tim\appdata\local\Origin
2012-01-18 15:19:05 -------- d-----w- c:\users\tim\appdata\roaming\Origin
2012-01-18 15:18:50 -------- d-----w- c:\programdata\Origin
2012-01-18 15:18:50 -------- d-----w- c:\programdata\Electronic Arts
2012-01-18 15:17:14 -------- d-----w- c:\program files\Origin
2012-01-18 02:35:06 -------- dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2012-01-18 02:21:33 662 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2012-01-17 20:16:49 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{27c54f9c-2fba-4596-84d8-2123957e6334}\mpengine.dll
2012-01-15 02:23:12 -------- d-----w- c:\program files\uTorrent185
2012-01-15 01:54:24 -------- d-----w- c:\program files\HHD Software
2012-01-13 23:20:01 3149952 ----a-w- C:\DIR615_v1.00VG_B02.bin
2012-01-13 22:42:44 3149952 ----a-w- C:\DIR615D1_v4.11_B02.bin
2012-01-12 06:15:25 120832 ----a-w- c:\windows\system32\drivers\viamraid.sys
2012-01-10 22:24:20 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-10 22:24:20 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-10 22:24:20 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-10 22:24:20 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-10 22:24:19 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-10 22:24:19 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-10 22:22:40 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-10 22:22:40 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-10 22:22:39 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-10 22:22:38 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-10 22:22:37 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-10 22:22:37 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-01-10 22:22:35 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-10 22:22:35 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-04 19:52:42 -------- d-----w- c:\users\tim\appdata\local\Native Instruments
2012-01-04 19:52:09 -------- dc-h--w- c:\programdata\{9327ACE9-CC82-4A33-9B33-291ACA1E267B}
2012-01-04 19:48:18 -------- dc-h--w- c:\programdata\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
2012-01-04 19:46:50 -------- dc-h--w- c:\programdata\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2012-01-04 19:46:33 -------- dc-h--w- c:\programdata\{DCC412E7-393B-4016-91FB-9307F059AFB6}
2012-01-04 19:46:00 -------- dc-h--w- c:\programdata\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
2012-01-04 03:28:05 0 ----a-w- c:\windows\ativpsrm.bin
2012-01-04 03:07:04 -------- d-----w- c:\program files\ATI Technologies
2012-01-04 03:07:01 -------- d-----w- c:\program files\ATI
2012-01-04 03:06:08 -------- d-----w- C:\ATI
2012-01-04 02:31:33 -------- d-----w- c:\program files\AMD APP
2011-12-27 18:02:10 -------- d-----w- c:\program files\Defraggler
.
==================== Find3M ====================
.
2012-01-18 02:35:33 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-12-13 02:09:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-10 15:24:06 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-05 04:00:07 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-05 03:59:59 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-05 03:59:52 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-12-05 03:59:51 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-12-04 23:55:55 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-12-04 23:55:55 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-11-26 02:43:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37:27 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 14:29:56 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 03:44:12 8913920 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17:10 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16:56 774656 ----a-w- c:\windows\system32\aticfx32.dll
2011-11-10 03:12:24 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11:50 417792 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11:20 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10:08 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-11-10 03:09:52 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 03:09:40 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 03:09:32 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09:24 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 03:06:20 6077952 ----a-w- c:\windows\system32\atidxx32.dll
2011-11-10 02:58:20 18996224 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:40:18 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-11-10 02:34:52 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 02:34:42 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 02:33:52 5852672 ----a-w- c:\windows\system32\atiumdag.dll
2011-11-10 02:29:58 11300864 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 02:29:46 4200960 ----a-w- c:\windows\system32\atiumdva.dll
2011-11-10 02:18:40 51200 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13:20 348160 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13:04 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:12:52 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-11-10 02:12:20 263680 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11:46 32256 ----a-w- c:\windows\system32\atiuxpag.dll
2011-11-10 02:11:32 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-11-10 02:11:26 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:11:26 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:11:06 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-11-10 02:10:54 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 22:39:44 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 22:39:32 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 22:38:40 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 22:37:46 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-08 14:42:19 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01:53 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01:53 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 21:21:34 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-25 15:56:04 49152 ----a-w- c:\windows\system32\csrsrv.dll
.
============= FINISH: 14:32:59.02 ===============


--------------


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 04/02/2007 02:54:37
System Uptime: 21/01/2012 14:21:30 (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | A8V Deluxe
Processor: AMD Athlon™ 64 X2 Dual Core Processor 3800+ | Socket 939 | 2002/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 373 GiB total, 71.402 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: PCI\VEN_1102&DEV_7003&SUBSYS_00401102&REV_03\3&267A616A&0&71
Manufacturer:
Name:
PNP Device ID: PCI\VEN_1102&DEV_7003&SUBSYS_00401102&REV_03\3&267A616A&0&71
Service:
.
==== System Restore Points ===================
.
RP1371: 18/01/2012 18:13:23 - Scheduled Checkpoint
RP1372: 20/01/2012 00:14:23 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
AC3Filter 1.63b
Active@ DVD Eraser v 1.1
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.5
Advertising Center
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
ASUSUpdate
µTorrent
Auslogics Disk Defrag
Auslogics Registry Defrag
Bing Maps 3D
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility
CCC Help English
CCleaner
Cole2k Media - Nero Audio Plugin Pack
Compatibility Pack for the 2007 Office system
Creative ALchemy
Creative Audio Console
Creative Software AutoUpdate
Crysis WARHEAD®
Crysis®
CyberTweak Version 1.2 Final
D3DX10
Dan Elwell's Broadband Speed Test
DBOX2 Image-Flashing-Assistent 1.5.6
Defraggler
DivX Plus DirectShow Filters
DivX Setup
DolbyFiles
Driver Sweeper version 3.2.0
Dropbox
EA Download Manager
eReg
ESET Smart Security
Far Cry (Patch 1.4)
FLAC 1.2.1b (remove only)
FlashFXP v3
Foxit Reader
GameSpy Comrade
Google Earth
Google Update Helper
GTR 2 1.0.0.0
HHD Software Free Hex Editor Neo 5.01
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hurrican 1.0.0.3
ImagXpress
IrfanView (remove only)
Java Auto Updater
Java™ 6 Update 26
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 6 Update 7
Java™ SE Runtime Environment 6
Junk Mail filter update
KhalInstallWrapper
Logitech SetPoint 6.32
M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1
Malwarebytes Anti-Malware version 1.60.0.1800
MDK
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Crimson Skies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access MUI (Greek) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Excel MUI (Greek) 2007
Microsoft Office Excel Viewer 2003
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove MUI (Greek) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office InfoPath MUI (Greek) 2007
Microsoft Office Language Pack 2007 - Greek/????????
Microsoft Office Live Add-in 1.5
Microsoft Office O MUI (Greek) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office OneNote MUI (Greek) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office Outlook MUI (Greek) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint MUI (Greek) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Greek) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (Greek) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Publisher MUI (Greek) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (Greek) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (Greek) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word MUI (Greek) 2007
Microsoft Office X MUI (Greek) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox 9.0.1 (x86 en-GB)
MSVC80_x86
MSVC80_x86_v2
MSVC90_x86
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Native Instruments Controller Editor
Native Instruments Guitar Rig 3
Native Instruments Guitar Rig 4
Native Instruments Guitar Rig 5
Native Instruments Guitar Rig Mobile I/O
Native Instruments Guitar Rig Session I/O
Native Instruments GuitarRig2 RTAS VSTi DXi
Native Instruments Service Center
Nero 7 Ultra Edition
Nero ControlCenter
Nero Installer
Nero Mega Plugin Pack
Nero Reloaded PlugIn Pack 2.0.4 by GEAR
Nero Vision
neroxml
OGA Notifier 2.0.0048.0
oggcodecs 0.71.0946
OpenAL
Origin
PC Connectivity Solution
PC Wizard 2010.1.96
Platform
Power Tab Editor 1.7
PunkBuster Services
QuickTime
Revo Uninstaller 1.93
Samsung Kies
Samsung PC Studio 3
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
SecuROM Diagnostic Tool
Segoe UI
Sibelius Scorch (Firefox, Opera, Netscape only)
Skype™ 5.3
Sony Ericsson PC Companion 2.01.210
Sony Ericsson Update Engine
SoulSeek Client 156c
Steam
SUPERAntiSpyware
Ultimate Extras sounds from Microsoft® Tinker™
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596686) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.6195
VIA Platform Device Manager
VLC media player 1.1.11
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live OneCare safety scanner
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Windows Sound Schemes
WinRAR archiver
WinUAE 2.3.1
Xfire (remove only)
Xvid 1.2.2 final uninstall
.
==== Event Viewer Messages From Past Week ========
.
21/01/2012 14:23:31, Error: Service Control Manager [7003] - The Internet Connection Sharing (ICS) service depends the following service: BFE. This service might not be installed.
21/01/2012 14:21:46, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.
21/01/2012 04:50:28, Error: Service Control Manager [7031] - The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
21/01/2012 04:50:21, Error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
21/01/2012 02:06:03, Error: EventLog [6008] - The previous system shutdown at 22:08:13 on 20/01/2012 was unexpected.
20/01/2012 17:02:09, Error: EventLog [6008] - The previous system shutdown at 17:00:37 on 20/01/2012 was unexpected.
20/01/2012 04:47:04, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO CSC DfsC ehdrv ElbyCDIO EpfwLWF NetBIOS netbt nsiproxy PSched RasAcd rdbss SASDIFSV SASKUTIL Smb spldr sptd StarOpen tdx Wanarpv6 ws2ifsl
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Network Connections service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The DHCP Client service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
20/01/2012 04:47:04, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.
20/01/2012 04:46:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
20/01/2012 04:46:46, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
20/01/2012 04:46:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
20/01/2012 04:46:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
20/01/2012 04:46:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
20/01/2012 04:46:11, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
20/01/2012 04:45:58, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
20/01/2012 04:45:37, Error: EventLog [6008] - The previous system shutdown at 02:03:49 on 20/01/2012 was unexpected.
20/01/2012 04:45:08, Error: sptd [4] - Driver detected an internal error in its data structures for .
20/01/2012 04:45:08, Error: sfsync02 [12] -
19/01/2012 19:16:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wcncsvc with arguments "" in order to run the server: {375FF000-DD27-11D9-8F9C-0002B3988E81}
19/01/2012 19:16:39, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F}
19/01/2012 19:14:42, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AsIO AsUpIO CSC DfsC ehdrv ElbyCDIO EpfwLWF NetBIOS netbt nsiproxy PSched RasAcd rdbss Smb spldr sptd StarOpen tdx Wanarpv6 ws2ifsl
19/01/2012 19:14:15, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
19/01/2012 15:12:33, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
19/01/2012 04:51:45, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
19/01/2012 04:51:23, Error: Service Control Manager [7034] - The NIHardwareService service terminated unexpectedly. It has done this 1 time(s).
19/01/2012 04:51:17, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
18/01/2012 15:00:26, Error: Service Control Manager [7030] - The AMService service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
14/01/2012 20:22:44, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================



------------------------------


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-21 15:59:34
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Scsi\UlSata1Port2Path0Target2Lun0 Hitachi_ rev.V5CO
Running: 6xs0c1rx.exe; Driver: C:\Users\Tim\AppData\Local\Temp\pxldipod.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwCreateThread [0x9D3C67F0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwLoadDriver [0x9D3C68B0]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetSystemInformation [0x9D3C6870]
SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSystemDebugControl [0x9D3C6830]

INT 0x52 ? 956B8CD0
INT 0x62 ? 93E152D0
INT 0x72 ? 93E15550
INT 0x81 ? 9575DA50
INT 0x82 ? 93E157D0
INT 0x92 ? 93E15A50
INT 0x93 ? 956B8A50
INT 0xA2 ? 9575D550
INT 0xA3 ? 9575DCD0
INT 0xB1 ? 93E15CD0
INT 0xB2 ? 9575D7D0
INT 0xB3 ? 93E15050

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 90EF29A4 4 Bytes [F0, 67, 3C, 9D]
.text ntkrnlpa.exe!KeSetEvent + 37D 90EF2B00 4 Bytes [B0, 68, 3C, 9D] {MOV AL, 0x68; CMP AL, 0x9d}
.text ntkrnlpa.exe!KeSetEvent + 5DD 90EF2D60 4 Bytes [70, 68, 3C, 9D] {JO 0x6a; CMP AL, 0x9d}
.text ntkrnlpa.exe!KeSetEvent + 619 90EF2D9C 4 Bytes [30, 68, 3C, 9D] {XOR [EAX+0x3c], CH; POPF }
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9C201000, 0x3BEEC5, 0xE8000020]
? C:\Users\Tim\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtProtectVirtualMemory 76F64BA4 5 Bytes JMP 008D000A
.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!NtWriteVirtualMemory 76F654E4 5 Bytes JMP 00CB000A
.text C:\Windows\system32\svchost.exe[1076] ntdll.dll!KiUserExceptionDispatcher 76F65C28 5 Bytes JMP 0029000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!NtCreateProcess 76F64304 5 Bytes JMP 0078000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!NtCreateProcessEx 76F64314 5 Bytes JMP 0079000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!NtProtectVirtualMemory 76F64BA4 5 Bytes JMP 000E000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!NtWriteVirtualMemory 76F654E4 5 Bytes JMP 0074000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!NtCreateUserProcess 76F65674 5 Bytes JMP 007A000A
.text C:\Windows\System32\ping.exe[1512] ntdll.dll!KiUserExceptionDispatcher 76F65C28 5 Bytes JMP 000D000A
.text C:\Windows\System32\ping.exe[1512] USER32.dll!WindowFromPoint 75B6884F 5 Bytes JMP 0094000A
.text C:\Windows\System32\ping.exe[1512] USER32.dll!GetForegroundWindow 75B732C4 5 Bytes JMP 0095000A
.text C:\Windows\System32\ping.exe[1512] USER32.dll!GetCursorPos 75B80B88 5 Bytes JMP 0093000A
.text C:\Windows\System32\ping.exe[1512] ole32.dll!CoCreateInstance 75A19F3E 5 Bytes JMP 0092000A
.text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[1816] kernel32.dll!SetUnhandledExceptionFilter 7603A8C5 4 Bytes [C2, 04, 00, 00]

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVHook.sys (PC Tools Filter Driver for Windows 2000/XP/PC Tools Research Pty Ltd.)
AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

Device \Driver\atapi \Device\Ide\IdePort0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T1L0-2 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\UlSata \Device\Scsi\UlSata1Port2Path0Target2Lun0 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\UlSata \Device\Scsi\UlSata1 sfsync02.sys (StarForce Protection Synchronization Driver/Protection Technology)

---- Processes - GMER 1.0.15 ----

Process C:\Windows\System32\ping.exe (*** hidden *** ) 1512

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\ControlSet001\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet002\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet003\Control\Creative Tech\Ctstring\Strings\{B281720C-75BF-4F9D-AE1F-9ABDF85A8CC2}@ Stereo Envelopment, Expand
Reg HKLM\SYSTEM\ControlSet003\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet004\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet005\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet006\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet007\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet007\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet008\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet008\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet009\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet009\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet010\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet010\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet011\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet011\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet012\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet012\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet013\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet013\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet014\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet014\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\CurrentControlSet\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF-
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet016\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet016\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet017\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet017\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet018\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet018\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet019\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet019\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet020\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet020\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet021\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet021\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet022\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet022\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet023\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet023\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet024\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet024\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet025\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet025\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet026\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet026\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet027\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet027\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet028\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet028\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet029\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet029\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet030\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet030\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet031\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet031\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet032\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet032\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet033\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet033\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet034\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet034\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet035\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet035\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet036\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet036\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet037\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet037\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet038\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet038\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet039\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet039\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet040\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet040\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet041\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet041\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet042\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet042\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet043\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet043\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet044\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet044\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet045\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet045\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet046\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet046\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet047\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet047\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet048\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet048\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...
Reg HKLM\SYSTEM\ControlSet049\Control\Creative Tech\Ctstring\Strings\{C892BAA7-DEBF- (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x1C 0x35 0x27 0x7B ...
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 1
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE1 0x9C 0x19 0x58 ...
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0xC1 0xB8 0xF1 0x6D ...
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet049\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x27 0x9B 0xC5 0x43 ...

---- Files - GMER 1.0.15 ----

File C:\Windows\$NtUninstallKB25465$\1450259720 0 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\@ 2048 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\bckfg.tmp 846 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\cfg.ini 185 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\Desktop.ini 4608 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\keywords 269 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\kwrd.dll 223744 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\L 0 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\L\fomtmfeh 75264 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U 0 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\00000001.@ 2048 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\00000002.@ 224768 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\00000004.@ 1024 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\80000000.@ 11264 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\80000004.@ 12800 bytes
File C:\Windows\$NtUninstallKB25465$\1450259720\U\80000032.@ 77312 bytes
File C:\Windows\$NtUninstallKB25465$\153093685 0 bytes
File C:\Windows\temp\fla7639.tmp 1351752 bytes
File C:\Windows\temp\Temporary Internet Files\Content.IE5\W0PBMTTS\g[2].js 0 bytes

---- EOF - GMER 1.0.15 ----

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:52 PM

Posted 21 January 2012 - 11:37 AM

Hello BigTim,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


1.
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in our next reply::
Tdsskiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 BigTim

BigTim
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:52 AM

Posted 21 January 2012 - 08:34 PM

Hello, right I did exactly as you asked. The thing is, when I ran ComboFix, it kept stalling so I rebooted the pc into Safe Mode and then Tried it again!
It ran right through and did it's job, then I uninstalled ComboFix. So far my pc is running fine an a lot more faster too! So, Here's the results.

17:48:38.0463 3968 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
17:48:38.0741 3968 ============================================================
17:48:38.0741 3968 Current date / time: 2012/01/21 17:48:38.0741
17:48:38.0741 3968 SystemInfo:
17:48:38.0741 3968
17:48:38.0741 3968 OS Version: 6.0.6002 ServicePack: 2.0
17:48:38.0741 3968 Product type: Workstation
17:48:38.0741 3968 ComputerName: TIMS-PC
17:48:38.0741 3968 UserName: Tim
17:48:38.0741 3968 Windows directory: C:\Windows
17:48:38.0741 3968 System windows directory: C:\Windows
17:48:38.0741 3968 Processor architecture: Intel x86
17:48:38.0741 3968 Number of processors: 2
17:48:38.0741 3968 Page size: 0x1000
17:48:38.0741 3968 Boot type: Normal boot
17:48:38.0741 3968 ============================================================
17:48:40.0098 3968 Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000020
17:48:40.0117 3968 Initialize success
17:49:23.0176 1156 ============================================================
17:49:23.0176 1156 Scan started
17:49:23.0176 1156 Mode: Manual;
17:49:23.0176 1156 ============================================================
17:49:24.0192 1156 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
17:49:24.0207 1156 ACPI - ok
17:49:24.0317 1156 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
17:49:24.0332 1156 adp94xx - ok
17:49:24.0379 1156 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
17:49:24.0379 1156 adpahci - ok
17:49:24.0426 1156 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
17:49:24.0442 1156 adpu160m - ok
17:49:24.0457 1156 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
17:49:24.0473 1156 adpu320 - ok
17:49:24.0536 1156 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
17:49:24.0536 1156 AFD - ok
17:49:24.0598 1156 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
17:49:24.0598 1156 agp440 - ok
17:49:24.0629 1156 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
17:49:24.0629 1156 aic78xx - ok
17:49:24.0676 1156 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
17:49:24.0676 1156 aliide - ok
17:49:24.0723 1156 ALSysIO - ok
17:49:24.0801 1156 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
17:49:24.0817 1156 amdagp - ok
17:49:24.0864 1156 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
17:49:24.0864 1156 amdide - ok
17:49:24.0895 1156 amdiox86 (ff258424f0b2ef25eb98f04ee386e6e3) C:\Windows\system32\DRIVERS\amdiox86.sys
17:49:24.0911 1156 amdiox86 - ok
17:49:24.0957 1156 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
17:49:24.0957 1156 AmdK7 - ok
17:49:24.0989 1156 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
17:49:25.0004 1156 AmdK8 - ok
17:49:25.0973 1156 amdkmdag (ab70f110143892eb41aa46500aa5cf00) C:\Windows\system32\DRIVERS\atikmdag.sys
17:49:26.0348 1156 amdkmdag - ok
17:49:26.0442 1156 amdkmdap (32d68d05b871eed5572d0c2c764ea4ec) C:\Windows\system32\DRIVERS\atikmpag.sys
17:49:26.0442 1156 amdkmdap - ok
17:49:26.0551 1156 AnyDVD (2dc0453092230c19a913702360ba717f) C:\Windows\system32\Drivers\AnyDVD.sys
17:49:26.0567 1156 AnyDVD - ok
17:49:26.0661 1156 AODDriver4.0 (62b03afe5cc83bacf064848daa295d9c) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
17:49:26.0676 1156 AODDriver4.0 - ok
17:49:26.0786 1156 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
17:49:26.0786 1156 arc - ok
17:49:26.0817 1156 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
17:49:26.0817 1156 arcsas - ok
17:49:26.0879 1156 AsIO (9d8cb58b9a9e177ddd599791a58a654d) C:\Windows\system32\drivers\AsIO.sys
17:49:26.0879 1156 AsIO - ok
17:49:26.0926 1156 Aspi32 (ed8cee58c1e4c5893f5b2fd686a272bf) C:\Windows\system32\drivers\Aspi32.sys
17:49:26.0942 1156 Aspi32 - ok
17:49:27.0004 1156 AsUpIO (e67493490466b5f04b58c22d2590e8ca) C:\Windows\system32\drivers\AsUpIO.sys
17:49:27.0020 1156 AsUpIO - ok
17:49:27.0082 1156 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
17:49:27.0114 1156 AsyncMac - ok
17:49:27.0176 1156 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
17:49:27.0192 1156 atapi - ok
17:49:27.0239 1156 AVFilter (1e238735f42cfa3429bee1e7c52d360f) C:\Windows\system32\drivers\AVFilter.sys
17:49:27.0239 1156 AVFilter - ok
17:49:27.0254 1156 AVHook (c7d6aeae29826584cc24a10adaff86fc) C:\Windows\system32\drivers\AVHook.sys
17:49:27.0270 1156 AVHook - ok
17:49:27.0286 1156 AVRec (d38dd9338ae5038833e1308d84418708) C:\Windows\system32\drivers\AVRec.sys
17:49:27.0301 1156 AVRec - ok
17:49:27.0332 1156 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
17:49:27.0332 1156 Beep - ok
17:49:27.0364 1156 blbdrive - ok
17:49:27.0411 1156 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
17:49:27.0442 1156 bowser - ok
17:49:27.0489 1156 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
17:49:27.0489 1156 Brserid - ok
17:49:27.0504 1156 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
17:49:27.0504 1156 BrSerWdm - ok
17:49:27.0551 1156 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
17:49:27.0551 1156 BrUsbMdm - ok
17:49:27.0567 1156 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
17:49:27.0567 1156 BTHMODEM - ok
17:49:27.0645 1156 catchme - ok
17:49:27.0676 1156 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
17:49:27.0692 1156 cdfs - ok
17:49:27.0739 1156 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
17:49:27.0770 1156 cdrom - ok
17:49:27.0801 1156 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
17:49:27.0801 1156 circlass - ok
17:49:27.0848 1156 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
17:49:27.0864 1156 CLFS - ok
17:49:27.0895 1156 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
17:49:27.0895 1156 cmdide - ok
17:49:27.0942 1156 COMMONFX (ef44c32b1aef62380426b260bf2c66f1) C:\Windows\system32\drivers\COMMONFX.SYS
17:49:27.0942 1156 COMMONFX - ok
17:49:27.0957 1156 COMMONFX.SYS (ef44c32b1aef62380426b260bf2c66f1) C:\Windows\System32\drivers\COMMONFX.SYS
17:49:27.0973 1156 COMMONFX.SYS - ok
17:49:28.0004 1156 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
17:49:28.0004 1156 Compbatt - ok
17:49:28.0036 1156 cpuz135 (c2eb4539a4f6ab6edd01bdc191619975) C:\Windows\system32\drivers\cpuz135_x32.sys
17:49:28.0051 1156 cpuz135 - ok
17:49:28.0067 1156 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
17:49:28.0082 1156 crcdisk - ok
17:49:28.0129 1156 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
17:49:28.0129 1156 Crusoe - ok
17:49:28.0192 1156 CSC (9bdb2e89be8d0ef37b1f25c3d3fc192c) C:\Windows\system32\drivers\csc.sys
17:49:28.0223 1156 CSC - ok
17:49:28.0286 1156 ctac32k (357c534b38019b597f51c8bf7186c118) C:\Windows\system32\drivers\ctac32k.sys
17:49:28.0317 1156 ctac32k - ok
17:49:28.0348 1156 ctaud2k (691f8259a1f9c983356d8db2cde8043c) C:\Windows\system32\drivers\ctaud2k.sys
17:49:28.0379 1156 ctaud2k - ok
17:49:28.0426 1156 CTAUDFX (7fc78aa6521ef3d9f16e51efab0bf13b) C:\Windows\system32\drivers\CTAUDFX.SYS
17:49:28.0426 1156 CTAUDFX - ok
17:49:28.0457 1156 CTAUDFX.SYS (7fc78aa6521ef3d9f16e51efab0bf13b) C:\Windows\System32\drivers\CTAUDFX.SYS
17:49:28.0457 1156 CTAUDFX.SYS - ok
17:49:28.0520 1156 ctdvda2k (8545d70b0335a05498f34e7e3f8ca9a2) C:\Windows\system32\drivers\ctdvda2k.sys
17:49:28.0551 1156 ctdvda2k - ok
17:49:28.0567 1156 CTERFXFX (16f448354067914e7deaea709011bd60) C:\Windows\system32\drivers\CTERFXFX.SYS
17:49:28.0567 1156 CTERFXFX - ok
17:49:28.0614 1156 CTERFXFX.SYS (16f448354067914e7deaea709011bd60) C:\Windows\System32\drivers\CTERFXFX.SYS
17:49:28.0614 1156 CTERFXFX.SYS - ok
17:49:28.0645 1156 ctprxy2k (4d71541283aea28fb839007be90b5fc7) C:\Windows\system32\drivers\ctprxy2k.sys
17:49:28.0661 1156 ctprxy2k - ok
17:49:28.0739 1156 CTSBLFX (64c83684661be137023f5186a612cf34) C:\Windows\system32\drivers\CTSBLFX.SYS
17:49:28.0754 1156 CTSBLFX - ok
17:49:28.0786 1156 CTSBLFX.SYS (64c83684661be137023f5186a612cf34) C:\Windows\System32\drivers\CTSBLFX.SYS
17:49:28.0801 1156 CTSBLFX.SYS - ok
17:49:28.0817 1156 ctsfm2k (632194572ebde8d461728cf382a7e964) C:\Windows\system32\drivers\ctsfm2k.sys
17:49:28.0848 1156 ctsfm2k - ok
17:49:28.0879 1156 DfsC (02f9989bba6b511e28d557330f9959bd) C:\Windows\system32\Drivers\dfsc.sys
17:49:28.0879 1156 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 02f9989bba6b511e28d557330f9959bd
17:49:28.0879 1156 DfsC ( Virus.Win32.ZAccess.k ) - infected
17:49:28.0879 1156 DfsC - detected Virus.Win32.ZAccess.k (0)
17:49:28.0942 1156 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
17:49:28.0973 1156 disk - ok
17:49:29.0145 1156 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
17:49:29.0176 1156 drmkaud - ok
17:49:29.0223 1156 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
17:49:29.0223 1156 DXGKrnl - ok
17:49:29.0254 1156 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
17:49:29.0286 1156 E1G60 - ok
17:49:29.0332 1156 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys
17:49:29.0364 1156 eamonm - ok
17:49:29.0395 1156 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
17:49:29.0411 1156 Ecache - ok
17:49:29.0473 1156 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys
17:49:29.0504 1156 ehdrv - ok
17:49:29.0567 1156 ElbyCDFL (c61c83501268b0110b5c5db7e63dee0c) C:\Windows\system32\Drivers\ElbyCDFL.sys
17:49:29.0598 1156 ElbyCDFL - ok
17:49:29.0629 1156 ElbyCDIO (44996a2addd2db7454f2ca40b67d8941) C:\Windows\system32\Drivers\ElbyCDIO.sys
17:49:29.0645 1156 ElbyCDIO - ok
17:49:29.0676 1156 ElbyDelay (df9957db3bfe5136aad3c2c101806c98) C:\Windows\system32\Drivers\ElbyDelay.sys
17:49:29.0676 1156 ElbyDelay - ok
17:49:29.0723 1156 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
17:49:29.0739 1156 elxstor - ok
17:49:29.0801 1156 emupia (bacd9cc06d7a787e529e7ebf56b671aa) C:\Windows\system32\drivers\emupia2k.sys
17:49:29.0817 1156 emupia - ok
17:49:29.0864 1156 epfw (5ba193ca0ae31209aaa39939ce6736b2) C:\Windows\system32\DRIVERS\epfw.sys
17:49:29.0895 1156 epfw - ok
17:49:29.0942 1156 EpfwLWF (9cefd59c8e5ebfb48165aef54617f539) C:\Windows\system32\DRIVERS\EpfwLWF.sys
17:49:29.0973 1156 EpfwLWF - ok
17:49:30.0020 1156 epfwwfp (7144a06ac105a2a7302944602e415ec1) C:\Windows\system32\DRIVERS\epfwwfp.sys
17:49:30.0036 1156 epfwwfp - ok
17:49:30.0098 1156 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
17:49:30.0098 1156 exfat - ok
17:49:30.0145 1156 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
17:49:30.0145 1156 fastfat - ok
17:49:30.0176 1156 fasttx2k (3acbc73531dedd69837fe73b1623d49c) C:\Windows\system32\DRIVERS\fasttx2k.sys
17:49:30.0207 1156 fasttx2k - ok
17:49:30.0239 1156 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
17:49:30.0270 1156 fdc - ok
17:49:30.0301 1156 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
17:49:30.0348 1156 FileInfo - ok
17:49:30.0379 1156 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
17:49:30.0395 1156 Filetrace - ok
17:49:30.0411 1156 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
17:49:30.0442 1156 flpydisk - ok
17:49:30.0457 1156 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
17:49:30.0504 1156 FltMgr - ok
17:49:30.0551 1156 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
17:49:30.0582 1156 fssfltr - ok
17:49:30.0614 1156 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
17:49:30.0614 1156 Fs_Rec - ok
17:49:30.0645 1156 fvevol (fecf4c2e42440a8d132bf94eee3c3fc9) C:\Windows\system32\DRIVERS\fvevol.sys
17:49:30.0676 1156 fvevol - ok
17:49:30.0723 1156 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:49:30.0739 1156 gagp30kx - ok
17:49:30.0770 1156 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys
17:49:30.0786 1156 ggflt - ok
17:49:30.0801 1156 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys
17:49:30.0817 1156 ggsemc - ok
17:49:30.0864 1156 ha10kx2k (70606233f3ed0e53cb3ea17f846d6a4f) C:\Windows\system32\drivers\ha10kx2k.sys
17:49:30.0895 1156 ha10kx2k - ok
17:49:30.0942 1156 hap16v2k (a0c69ad2a61e576b0207acdd9626e167) C:\Windows\system32\drivers\hap16v2k.sys
17:49:30.0973 1156 hap16v2k - ok
17:49:30.0989 1156 hap17v2k (2ee89452c574d259ada4fc9fc1c07243) C:\Windows\system32\drivers\hap17v2k.sys
17:49:31.0004 1156 hap17v2k - ok
17:49:31.0036 1156 HDAudBus (5fd053f305b77ebe97f284b20d89dc1c) C:\Windows\system32\drivers\hdaudbus.sys
17:49:31.0036 1156 HDAudBus - ok
17:49:31.0067 1156 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
17:49:31.0067 1156 HidBth - ok
17:49:31.0114 1156 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
17:49:31.0114 1156 HidIr - ok
17:49:31.0145 1156 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
17:49:31.0161 1156 HidUsb - ok
17:49:31.0192 1156 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
17:49:31.0192 1156 HpCISSs - ok
17:49:31.0223 1156 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
17:49:31.0286 1156 HTTP - ok
17:49:31.0348 1156 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
17:49:31.0348 1156 i2omp - ok
17:49:31.0411 1156 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
17:49:31.0426 1156 i8042prt - ok
17:49:31.0442 1156 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
17:49:31.0457 1156 iaStorV - ok
17:49:31.0504 1156 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
17:49:31.0504 1156 iirsp - ok
17:49:31.0536 1156 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
17:49:31.0536 1156 intelide - ok
17:49:31.0567 1156 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
17:49:31.0582 1156 intelppm - ok
17:49:31.0645 1156 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:49:31.0661 1156 IpFilterDriver - ok
17:49:31.0723 1156 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
17:49:31.0723 1156 IPMIDRV - ok
17:49:31.0786 1156 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
17:49:31.0801 1156 IPNAT - ok
17:49:31.0832 1156 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
17:49:31.0848 1156 IRENUM - ok
17:49:31.0879 1156 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
17:49:31.0879 1156 isapnp - ok
17:49:31.0911 1156 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
17:49:31.0942 1156 iScsiPrt - ok
17:49:31.0973 1156 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
17:49:31.0989 1156 iteatapi - ok
17:49:32.0036 1156 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
17:49:32.0036 1156 iteraid - ok
17:49:32.0067 1156 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
17:49:32.0098 1156 kbdclass - ok
17:49:32.0114 1156 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
17:49:32.0114 1156 kbdhid - ok
17:49:32.0176 1156 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
17:49:32.0207 1156 KSecDD - ok
17:49:32.0239 1156 L8042Kbd (3ce13abc9f612e08f6b23eecc63780e4) C:\Windows\system32\DRIVERS\L8042Kbd.sys
17:49:32.0239 1156 L8042Kbd - ok
17:49:32.0270 1156 L8042mou (d6fc755ff505d99e6cc73e83492310df) C:\Windows\system32\DRIVERS\L8042mou.Sys
17:49:32.0286 1156 L8042mou - ok
17:49:32.0364 1156 LHidFilt (01cc7fb6e790ef044b411377f3a1ff41) C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:49:32.0364 1156 LHidFilt - ok
17:49:32.0411 1156 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
17:49:32.0426 1156 lltdio - ok
17:49:32.0457 1156 LMouFilt (a2e7eae8898d7b4b8c302b8f4e836bb5) C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:49:32.0473 1156 LMouFilt - ok
17:49:32.0489 1156 LMouKE (c149bdad13194df16ea33f9f601ed7bf) C:\Windows\system32\DRIVERS\LMouKE.Sys
17:49:32.0504 1156 LMouKE - ok
17:49:32.0551 1156 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
17:49:32.0567 1156 LSI_FC - ok
17:49:32.0582 1156 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
17:49:32.0582 1156 LSI_SAS - ok
17:49:32.0629 1156 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
17:49:32.0629 1156 LSI_SCSI - ok
17:49:32.0676 1156 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
17:49:32.0692 1156 luafv - ok
17:49:32.0723 1156 LVPr2Mon (c57c48fb9ae3efb9848af594e3123a63) C:\Windows\system32\DRIVERS\LVPr2Mon.sys
17:49:32.0723 1156 LVPr2Mon - ok
17:49:32.0786 1156 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
17:49:32.0801 1156 MBAMProtector - ok
17:49:32.0832 1156 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
17:49:32.0848 1156 megasas - ok
17:49:32.0895 1156 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
17:49:32.0926 1156 Modem - ok
17:49:32.0957 1156 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
17:49:32.0973 1156 monitor - ok
17:49:33.0004 1156 motccgp (ce5a453095127fba8355322cbb1a995f) C:\Windows\system32\DRIVERS\motccgp.sys
17:49:33.0020 1156 motccgp - ok
17:49:33.0051 1156 motccgpfl (aad6191a4daa519f04ab12b2af73e356) C:\Windows\system32\DRIVERS\motccgpfl.sys
17:49:33.0051 1156 motccgpfl - ok
17:49:33.0067 1156 MotDev (20ff89c59b0a50f53822303064988e00) C:\Windows\system32\DRIVERS\motodrv.sys
17:49:33.0114 1156 MotDev - ok
17:49:33.0145 1156 motmodem (49bc2ea84db5320b880a222e6e11b28b) C:\Windows\system32\DRIVERS\motmodem.sys
17:49:33.0145 1156 motmodem - ok
17:49:33.0176 1156 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
17:49:33.0192 1156 mouclass - ok
17:49:33.0239 1156 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
17:49:33.0254 1156 mouhid - ok
17:49:33.0286 1156 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
17:49:33.0317 1156 MountMgr - ok
17:49:33.0332 1156 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
17:49:33.0348 1156 mpio - ok
17:49:33.0379 1156 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
17:49:33.0426 1156 mpsdrv - ok
17:49:33.0457 1156 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
17:49:33.0457 1156 Mraid35x - ok
17:49:33.0473 1156 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
17:49:33.0473 1156 MRxDAV - ok
17:49:33.0504 1156 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:49:33.0536 1156 mrxsmb - ok
17:49:33.0567 1156 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:49:33.0582 1156 mrxsmb10 - ok
17:49:33.0629 1156 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:49:33.0661 1156 mrxsmb20 - ok
17:49:33.0692 1156 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
17:49:33.0692 1156 msahci - ok
17:49:33.0723 1156 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
17:49:33.0723 1156 msdsm - ok
17:49:33.0786 1156 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
17:49:33.0786 1156 Msfs - ok
17:49:33.0817 1156 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
17:49:33.0832 1156 msisadrv - ok
17:49:33.0879 1156 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
17:49:33.0911 1156 MSKSSRV - ok
17:49:33.0942 1156 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
17:49:33.0942 1156 MSPCLOCK - ok
17:49:33.0957 1156 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
17:49:33.0973 1156 MSPQM - ok
17:49:34.0004 1156 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
17:49:34.0020 1156 MsRPC - ok
17:49:34.0051 1156 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
17:49:34.0082 1156 mssmbios - ok
17:49:34.0098 1156 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
17:49:34.0129 1156 MSTEE - ok
17:49:34.0145 1156 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
17:49:34.0176 1156 Mup - ok
17:49:34.0207 1156 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
17:49:34.0239 1156 NativeWifiP - ok
17:49:34.0270 1156 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
17:49:34.0301 1156 NDIS - ok
17:49:34.0348 1156 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
17:49:34.0348 1156 NdisTapi - ok
17:49:34.0379 1156 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
17:49:34.0411 1156 Ndisuio - ok
17:49:34.0442 1156 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
17:49:34.0473 1156 NdisWan - ok
17:49:34.0504 1156 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
17:49:34.0520 1156 NDProxy - ok
17:49:34.0536 1156 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
17:49:34.0551 1156 NetBIOS - ok
17:49:34.0582 1156 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
17:49:34.0598 1156 netbt - ok
17:49:34.0692 1156 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
17:49:34.0692 1156 nfrd960 - ok
17:49:34.0770 1156 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
17:49:34.0786 1156 Npfs - ok
17:49:34.0817 1156 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
17:49:34.0832 1156 nsiproxy - ok
17:49:34.0895 1156 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
17:49:34.0911 1156 Ntfs - ok
17:49:34.0942 1156 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
17:49:34.0942 1156 ntrigdigi - ok
17:49:34.0973 1156 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
17:49:34.0973 1156 Null - ok
17:49:35.0051 1156 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
17:49:35.0051 1156 ohci1394 - ok
17:49:35.0098 1156 ossrv (ae896073e1bbf98fefc2ec52f62c0fba) C:\Windows\system32\drivers\ctoss2k.sys
17:49:35.0114 1156 ossrv - ok
17:49:35.0176 1156 Parport (8a79fdf04a73428597e2caf9d0d67850) C:\Windows\system32\DRIVERS\parport.sys
17:49:35.0192 1156 Parport - ok
17:49:35.0223 1156 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
17:49:35.0254 1156 partmgr - ok
17:49:35.0270 1156 Parvdm (6c580025c81caf3ae9e3617c22cad00e) C:\Windows\system32\DRIVERS\parvdm.sys
17:49:35.0286 1156 Parvdm - ok
17:49:35.0332 1156 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys
17:49:35.0332 1156 pccsmcfd - ok
17:49:35.0364 1156 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
17:49:35.0379 1156 pci - ok
17:49:35.0426 1156 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
17:49:35.0426 1156 pciide - ok
17:49:35.0457 1156 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
17:49:35.0457 1156 pcmcia - ok
17:49:35.0520 1156 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
17:49:35.0551 1156 pcouffin - ok
17:49:35.0614 1156 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
17:49:35.0629 1156 PEAUTH - ok
17:49:35.0723 1156 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
17:49:35.0739 1156 PptpMiniport - ok
17:49:35.0801 1156 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
17:49:35.0801 1156 Processor - ok
17:49:35.0832 1156 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
17:49:35.0864 1156 PSched - ok
17:49:35.0895 1156 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
17:49:35.0926 1156 ql2300 - ok
17:49:35.0942 1156 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
17:49:35.0957 1156 ql40xx - ok
17:49:35.0989 1156 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
17:49:35.0989 1156 QWAVEdrv - ok
17:49:36.0020 1156 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
17:49:36.0036 1156 RasAcd - ok
17:49:36.0082 1156 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:49:36.0129 1156 Rasl2tp - ok
17:49:36.0161 1156 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
17:49:36.0176 1156 RasPppoe - ok
17:49:36.0192 1156 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
17:49:36.0223 1156 RasSstp - ok
17:49:36.0270 1156 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
17:49:36.0270 1156 rdbss - ok
17:49:36.0301 1156 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:49:36.0317 1156 RDPCDD - ok
17:49:36.0364 1156 rdpdr (943b18305eae3935598a9b4a3d560b4c) C:\Windows\system32\DRIVERS\rdpdr.sys
17:49:36.0395 1156 rdpdr - ok
17:49:36.0426 1156 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
17:49:36.0442 1156 RDPENCDD - ok
17:49:36.0489 1156 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
17:49:36.0489 1156 RDPWD - ok
17:49:36.0520 1156 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys
17:49:36.0536 1156 ROOTMODEM - ok
17:49:36.0582 1156 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
17:49:37.0270 1156 rspndr - ok
17:49:37.0364 1156 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:49:37.0364 1156 SASDIFSV - ok
17:49:37.0379 1156 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:49:37.0379 1156 SASKUTIL - ok
17:49:37.0457 1156 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
17:49:37.0457 1156 sbp2port - ok
17:49:37.0489 1156 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
17:49:37.0504 1156 secdrv - ok
17:49:37.0551 1156 Serenum (ce9ec966638ef0b10b864ddedf62a099) C:\Windows\system32\DRIVERS\serenum.sys
17:49:37.0567 1156 Serenum - ok
17:49:37.0582 1156 Serial (6d663022db3e7058907784ae14b69898) C:\Windows\system32\DRIVERS\serial.sys
17:49:37.0614 1156 Serial - ok
17:49:37.0629 1156 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
17:49:37.0629 1156 sermouse - ok
17:49:37.0692 1156 sfdrv01 (aad95fe3e005489c7156fa111f744eaf) C:\Windows\system32\drivers\sfdrv01.sys
17:49:37.0739 1156 sfdrv01 - ok
17:49:37.0754 1156 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
17:49:37.0754 1156 sffdisk - ok
17:49:37.0786 1156 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
17:49:37.0786 1156 sffp_mmc - ok
17:49:37.0848 1156 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
17:49:37.0848 1156 sffp_sd - ok
17:49:37.0864 1156 sfhlp02 (daad4c099ebf5094d32c373ac1ac0f3c) C:\Windows\system32\drivers\sfhlp02.sys
17:49:37.0879 1156 sfhlp02 - ok
17:49:37.0895 1156 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
17:49:37.0911 1156 sfloppy - ok
17:49:37.0926 1156 sfsync02 (6dc03269f4c71e4ab313c3597f42a340) C:\Windows\system32\drivers\sfsync02.sys
17:49:37.0957 1156 sfsync02 - ok
17:49:37.0973 1156 sfvfs02 (197cef62eb4bc043e1578529fa2b9a48) C:\Windows\system32\drivers\sfvfs02.sys
17:49:37.0989 1156 sfvfs02 - ok
17:49:38.0036 1156 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
17:49:38.0036 1156 SiSRaid2 - ok
17:49:38.0067 1156 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
17:49:38.0067 1156 SiSRaid4 - ok
17:49:38.0098 1156 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
17:49:38.0129 1156 Smb - ok
17:49:38.0161 1156 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
17:49:38.0161 1156 spldr - ok
17:49:38.0176 1156 sptd - ok
17:49:38.0207 1156 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
17:49:38.0254 1156 srv - ok
17:49:38.0317 1156 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
17:49:38.0332 1156 srv2 - ok
17:49:38.0348 1156 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
17:49:38.0379 1156 srvnet - ok
17:49:38.0411 1156 StarOpen (306521935042fc0a6988d528643619b3) C:\Windows\system32\drivers\StarOpen.sys
17:49:38.0411 1156 StarOpen - ok
17:49:38.0457 1156 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
17:49:38.0457 1156 swenum - ok
17:49:38.0504 1156 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
17:49:38.0504 1156 Symc8xx - ok
17:49:38.0520 1156 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
17:49:38.0520 1156 Sym_hi - ok
17:49:38.0551 1156 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
17:49:38.0551 1156 Sym_u3 - ok
17:49:38.0629 1156 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
17:49:38.0645 1156 Tcpip - ok
17:49:38.0707 1156 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
17:49:38.0723 1156 Tcpip6 - ok
17:49:38.0754 1156 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
17:49:38.0770 1156 tcpipreg - ok
17:49:38.0801 1156 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
17:49:38.0817 1156 TDPIPE - ok
17:49:38.0848 1156 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
17:49:38.0879 1156 TDTCP - ok
17:49:38.0911 1156 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
17:49:38.0926 1156 tdx - ok
17:49:38.0957 1156 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
17:49:38.0989 1156 TermDD - ok
17:49:39.0051 1156 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:49:39.0067 1156 tssecsrv - ok
17:49:39.0098 1156 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
17:49:39.0114 1156 tunmp - ok
17:49:39.0161 1156 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
17:49:39.0192 1156 tunnel - ok
17:49:39.0223 1156 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
17:49:39.0223 1156 uagp35 - ok
17:49:39.0270 1156 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
17:49:39.0286 1156 udfs - ok
17:49:39.0332 1156 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
17:49:39.0332 1156 uliagpkx - ok
17:49:39.0364 1156 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
17:49:39.0364 1156 uliahci - ok
17:49:39.0395 1156 UlSata (42de74d4c4be1ac9b27b56302209e536) C:\Windows\system32\DRIVERS\ulsata.sys
17:49:39.0395 1156 UlSata - ok
17:49:39.0426 1156 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\DRIVERS\ulsata2.sys
17:49:39.0457 1156 ulsata2 - ok
17:49:39.0489 1156 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
17:49:39.0489 1156 umbus - ok
17:49:39.0551 1156 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
17:49:39.0551 1156 usbaudio - ok
17:49:39.0582 1156 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
17:49:39.0614 1156 usbccgp - ok
17:49:39.0645 1156 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
17:49:39.0645 1156 usbcir - ok
17:49:39.0676 1156 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
17:49:39.0692 1156 usbehci - ok
17:49:39.0723 1156 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
17:49:39.0754 1156 usbhub - ok
17:49:39.0786 1156 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
17:49:39.0786 1156 usbohci - ok
17:49:39.0817 1156 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
17:49:39.0817 1156 usbprint - ok
17:49:39.0848 1156 usbsermpt (caad3467fbfae8a380f67e9c7150a85e) C:\Windows\system32\DRIVERS\usbsermpt.sys
17:49:39.0848 1156 usbsermpt - ok
17:49:39.0911 1156 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:49:39.0926 1156 USBSTOR - ok
17:49:39.0957 1156 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
17:49:39.0989 1156 usbuhci - ok
17:49:40.0020 1156 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
17:49:40.0051 1156 vga - ok
17:49:40.0082 1156 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
17:49:40.0082 1156 VgaSave - ok
17:49:40.0114 1156 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
17:49:40.0114 1156 viaagp - ok
17:49:40.0145 1156 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
17:49:40.0145 1156 ViaC7 - ok
17:49:40.0176 1156 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
17:49:40.0207 1156 viaide - ok
17:49:40.0254 1156 viamraid (9e897f955ab8f912e4c1c9adaf35762c) C:\Windows\system32\DRIVERS\viamraid.sys
17:49:40.0286 1156 viamraid - ok
17:49:40.0317 1156 videX32 (4cc623591204acd5fc89bd0dad70e838) C:\Windows\system32\DRIVERS\videX32.sys
17:49:40.0332 1156 videX32 - ok
17:49:40.0364 1156 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
17:49:40.0379 1156 volmgr - ok
17:49:40.0411 1156 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
17:49:40.0442 1156 volmgrx - ok
17:49:40.0473 1156 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
17:49:40.0489 1156 volsnap - ok
17:49:40.0520 1156 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
17:49:40.0536 1156 vsmraid - ok
17:49:40.0598 1156 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
17:49:40.0598 1156 WacomPen - ok
17:49:40.0629 1156 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:49:40.0661 1156 Wanarp - ok
17:49:40.0676 1156 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
17:49:40.0676 1156 Wanarpv6 - ok
17:49:40.0723 1156 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
17:49:40.0723 1156 Wd - ok
17:49:40.0770 1156 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
17:49:40.0832 1156 Wdf01000 - ok
17:49:40.0926 1156 WinUSB (676f4b665bdd8053eaa53ac1695b8074) C:\Windows\system32\DRIVERS\WinUSB.sys
17:49:40.0926 1156 WinUSB - ok
17:49:40.0973 1156 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
17:49:40.0973 1156 WmiAcpi - ok
17:49:41.0036 1156 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
17:49:41.0051 1156 WpdUsb - ok
17:49:41.0114 1156 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
17:49:41.0114 1156 ws2ifsl - ok
17:49:41.0161 1156 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:49:41.0176 1156 WUDFRd - ok
17:49:41.0254 1156 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
17:49:41.0301 1156 yukonwlh - ok
17:49:41.0317 1156 MBR (0x1B8) (239841e1ae8e4843c0676f3681a7d6be) \Device\Harddisk0\DR0
17:49:41.0332 1156 \Device\Harddisk0\DR0 - ok
17:49:41.0348 1156 Boot (0x1200) (86154bc4e210602011e9a187e046a1d3) \Device\Harddisk0\DR0\Partition0
17:49:41.0348 1156 \Device\Harddisk0\DR0\Partition0 - ok
17:49:41.0348 1156 ============================================================
17:49:41.0348 1156 Scan finished
17:49:41.0348 1156 ============================================================
17:49:41.0364 2752 Detected object count: 1
17:49:41.0364 2752 Actual detected object count: 1
17:49:58.0301 2752 Backup copy not found, trying to cure infected file..
17:49:58.0332 2752 Cure success, using it..
17:49:58.0411 2752 C:\Windows\system32\Drivers\dfsc.sys - will be cured on reboot
17:50:01.0520 2752 DfsC ( Virus.Win32.ZAccess.k ) - User select action: Cure
17:50:05.0989 3348 Deinitialize success



-----------------------------



ComboFix 12-01-21.02 - Tim 22/01/2012 0:47.7.2 - x86 MINIMAL
Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.44.1033.18.2047.1266 [GMT 0:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\$NtUninstallKB25465$\1450259720\@
c:\windows\$NtUninstallKB25465$\1450259720\bckfg.tmp
c:\windows\$NtUninstallKB25465$\1450259720\cfg.ini
c:\windows\$NtUninstallKB25465$\1450259720\Desktop.ini
c:\windows\$NtUninstallKB25465$\1450259720\keywords
c:\windows\$NtUninstallKB25465$\1450259720\kwrd.dll
c:\windows\$NtUninstallKB25465$\1450259720\L\fomtmfeh
c:\windows\$NtUninstallKB25465$\1450259720\U\00000001.@
c:\windows\$NtUninstallKB25465$\1450259720\U\00000002.@
c:\windows\$NtUninstallKB25465$\1450259720\U\00000004.@
c:\windows\$NtUninstallKB25465$\1450259720\U\80000000.@
c:\windows\$NtUninstallKB25465$\1450259720\U\80000004.@
c:\windows\$NtUninstallKB25465$\1450259720\U\80000032.@
c:\windows\$NtUninstallKB25465$\153093685
c:\windows\system32\SET6B06.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AMService
.
.
((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
.
.
2012-01-22 01:00 . 2012-01-22 01:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-22 00:27 . 2012-01-22 01:00 -------- d-----w- c:\users\Tim\AppData\Local\temp
2012-01-20 07:12 . 2012-01-20 07:12 -------- d-----w- c:\users\Tim\AppData\Local\AMD
2012-01-19 20:09 . 2012-01-19 20:09 -------- d-----w- c:\users\Tim\AppData\Roaming\SUPERAntiSpyware.com
2012-01-19 20:08 . 2012-01-19 20:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-01-18 15:19 . 2012-01-18 15:19 -------- d-----w- c:\program files\Origin Games
2012-01-18 15:19 . 2012-01-18 15:19 -------- d-----w- c:\users\Tim\AppData\Local\Origin
2012-01-18 15:19 . 2012-01-18 15:19 -------- d-----w- c:\users\Tim\AppData\Roaming\Origin
2012-01-18 15:18 . 2012-01-18 15:19 -------- d-----w- c:\programdata\Origin
2012-01-18 15:18 . 2012-01-18 15:18 -------- d-----w- c:\programdata\Electronic Arts
2012-01-18 15:17 . 2012-01-18 15:18 -------- d-----w- c:\program files\Origin
2012-01-18 02:54 . 2012-01-18 02:54 -------- d--h--r- c:\users\Tim\AppData\Roaming\SecuROM
2012-01-18 02:35 . 2012-01-18 02:35 -------- dc-h--w- c:\programdata\{0691F710-1ECA-4B5A-9727-25554F1BFDC6}
2012-01-17 20:16 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27C54F9C-2FBA-4596-84D8-2123957E6334}\mpengine.dll
2012-01-15 02:23 . 2012-01-15 02:23 -------- d-----w- c:\program files\uTorrent185
2012-01-15 01:54 . 2012-01-19 02:28 -------- d-sha-w- c:\users\Public\DRM
2012-01-15 01:54 . 2012-01-15 01:54 -------- d-----w- c:\program files\HHD Software
2012-01-13 23:20 . 2012-01-13 23:20 3149952 ----a-w- C:\DIR615_v1.00VG_B02.bin
2012-01-13 22:42 . 2009-04-14 13:21 3149952 ----a-w- C:\DIR615D1_v4.11_B02.bin
2012-01-12 06:15 . 2007-07-13 13:05 120832 ----a-w- c:\windows\system32\drivers\viamraid.sys
2012-01-10 22:24 . 2011-11-17 06:48 440192 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-01-10 22:24 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2012-01-10 22:24 . 2011-11-16 16:23 278528 ----a-w- c:\windows\system32\schannel.dll
2012-01-10 22:24 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2012-01-10 22:24 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2012-01-10 22:24 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2012-01-10 22:22 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2012-01-10 22:22 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2012-01-10 22:22 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2012-01-10 22:22 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2012-01-10 22:22 . 2011-12-01 15:21 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2012-01-10 22:22 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2012-01-10 22:22 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2012-01-10 22:22 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2012-01-04 19:52 . 2012-01-04 19:52 -------- d-----w- c:\users\Tim\AppData\Local\Native Instruments
2012-01-04 19:52 . 2012-01-04 19:52 -------- dc-h--w- c:\programdata\{9327ACE9-CC82-4A33-9B33-291ACA1E267B}
2012-01-04 19:48 . 2012-01-04 19:48 -------- dc-h--w- c:\programdata\{B0CAD5CC-867E-473E-B55F-339F9635A45D}
2012-01-04 19:46 . 2012-01-04 19:46 -------- dc-h--w- c:\programdata\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2012-01-04 19:46 . 2012-01-04 19:46 -------- dc-h--w- c:\programdata\{DCC412E7-393B-4016-91FB-9307F059AFB6}
2012-01-04 19:46 . 2012-01-04 19:46 -------- dc-h--w- c:\programdata\{49FAB1E7-7D4E-4015-BBCA-E52669133FB7}
2012-01-04 03:28 . 2012-01-04 03:28 0 ----a-w- c:\windows\ativpsrm.bin
2012-01-04 03:08 . 2012-01-04 03:08 -------- d-----w- c:\programdata\ATI
2012-01-04 03:07 . 2012-01-04 03:08 -------- d-----w- c:\program files\ATI Technologies
2012-01-04 03:07 . 2012-01-04 03:07 -------- d-----w- c:\program files\ATI
2012-01-04 03:06 . 2012-01-04 03:06 -------- d-----w- C:\ATI
2012-01-04 02:31 . 2012-01-04 02:31 -------- d-----w- c:\program files\AMD APP
2011-12-27 18:02 . 2011-12-27 18:02 -------- d-----w- c:\program files\Defraggler
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-21 17:51 . 2011-06-15 18:43 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys
2012-01-18 02:35 . 2007-05-22 03:20 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
2011-12-13 02:09 . 2011-12-13 02:09 53248 ----a-r- c:\users\Tim\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2011-12-13 02:09 . 2011-12-13 02:09 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2011-12-10 15:24 . 2008-05-26 23:54 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-05 04:00 . 2011-12-05 04:00 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2011-12-05 03:59 . 2011-12-05 04:00 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2011-12-05 03:59 . 2011-12-05 03:59 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2011-12-05 03:59 . 2011-12-05 03:59 669184 ----a-w- c:\windows\system32\pbsvc.exe
2011-12-04 23:55 . 2011-08-26 02:19 109144 ----a-w- c:\windows\system32\OpenAL32.dll
2011-12-04 23:55 . 2007-02-04 13:24 445016 ----a-w- c:\windows\system32\wrap_oal.dll
2011-12-04 09:10 . 2011-12-04 09:10 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-11-26 02:43 . 2011-05-16 12:38 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-23 13:37 . 2011-12-13 18:16 2043904 ----a-w- c:\windows\system32\win32k.sys
2011-11-15 14:29 . 2009-10-05 18:36 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-11-10 03:44 . 2011-11-10 03:44 8913920 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2011-11-10 03:17 . 2011-11-10 03:17 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2011-11-10 03:16 . 2011-11-10 03:16 774656 ----a-w- c:\windows\system32\aticfx32.dll
2011-11-10 03:12 . 2011-11-10 03:12 466944 ----a-w- c:\windows\system32\ATIDEMGX.dll
2011-11-10 03:11 . 2011-11-10 03:11 417792 ----a-w- c:\windows\system32\atieclxx.exe
2011-11-10 03:11 . 2011-11-10 03:11 176128 ----a-w- c:\windows\system32\atiesrxx.exe
2011-11-10 03:10 . 2011-11-10 03:10 163840 ----a-w- c:\windows\system32\atitmmxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 360448 ----a-w- c:\windows\system32\atipdlxx.dll
2011-11-10 03:09 . 2011-11-10 03:09 278528 ----a-w- c:\windows\system32\Oemdspif.dll
2011-11-10 03:09 . 2011-11-10 03:09 20992 ----a-w- c:\windows\system32\atimuixx.dll
2011-11-10 03:09 . 2011-11-10 03:09 43520 ----a-w- c:\windows\system32\ati2edxx.dll
2011-11-10 03:06 . 2011-11-10 03:06 6077952 ----a-w- c:\windows\system32\atidxx32.dll
2011-11-10 02:58 . 2011-11-10 02:58 18996224 ----a-w- c:\windows\system32\atioglxx.dll
2011-11-10 02:40 . 2011-11-10 02:40 1828864 ----a-w- c:\windows\system32\atiumdmv.dll
2011-11-10 02:34 . 2011-11-10 02:34 46080 ----a-w- c:\windows\system32\aticalrt.dll
2011-11-10 02:34 . 2011-11-10 02:34 44032 ----a-w- c:\windows\system32\aticalcl.dll
2011-11-10 02:33 . 2011-11-10 02:33 5852672 ----a-w- c:\windows\system32\atiumdag.dll
2011-11-10 02:29 . 2011-11-10 02:29 11300864 ----a-w- c:\windows\system32\aticaldd.dll
2011-11-10 02:29 . 2011-11-10 02:29 4200960 ----a-w- c:\windows\system32\atiumdva.dll
2011-11-10 02:18 . 2011-12-05 00:53 51200 ----a-w- c:\windows\system32\coinst.dll
2011-11-10 02:13 . 2011-11-10 02:13 348160 ----a-w- c:\windows\system32\atiadlxx.dll
2011-11-10 02:13 . 2011-11-10 02:13 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 32768 ----a-w- c:\windows\system32\atigktxx.dll
2011-11-10 02:12 . 2011-11-10 02:12 263680 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2011-11-10 02:11 . 2011-11-10 02:11 32256 ----a-w- c:\windows\system32\atiuxpag.dll
2011-11-10 02:11 . 2011-11-10 02:11 29184 ----a-w- c:\windows\system32\atiu9pag.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\atimpc32.dll
2011-11-10 02:11 . 2011-11-10 02:11 53760 ----a-w- c:\windows\system32\amdpcom32.dll
2011-11-10 02:11 . 2011-11-10 02:11 37376 ----a-w- c:\windows\system32\atitmpxx.dll
2011-11-10 02:10 . 2011-11-10 02:10 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2011-11-09 22:39 . 2011-11-09 22:39 59904 ----a-w- c:\windows\system32\OpenVideo.dll
2011-11-09 22:39 . 2011-11-09 22:39 54784 ----a-w- c:\windows\system32\OVDecode.dll
2011-11-09 22:38 . 2011-11-09 22:38 14375936 ----a-w- c:\windows\system32\amdocl.dll
2011-11-09 22:37 . 2011-11-09 22:37 44032 ----a-w- c:\windows\system32\OpenCL.dll
2011-11-08 14:42 . 2011-12-13 18:16 2048 ----a-w- c:\windows\system32\tzres.dll
2011-11-03 22:47 . 2011-12-13 18:21 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40 . 2011-12-13 18:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39 . 2011-12-13 18:22 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31 . 2011-12-13 18:22 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-27 08:01 . 2011-12-13 18:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-10-27 08:01 . 2011-12-13 18:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-10-25 21:21 . 2011-10-25 21:21 56832 ----a-w- c:\windows\system32\OVDecoder.dll
2011-10-25 15:56 . 2011-12-13 18:16 49152 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-21 07:42 . 2012-01-03 01:15 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-08-09 3076144]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-09 343168]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1387288]
"CTHelper"="CTHELPER.EXE" [2010-03-18 19456]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2870204183-3854321115-3945554432-1000]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2870204183-3854321115-3945554432-1003]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-2870204183-3854321115-3945554432-1005]
"EnableNotificationsRef"=dword:00000001
.
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 16:23 38400 ----a-w- c:\windows\System32\SoundSchemes.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
2008-08-28 10:50 30720 ----a-w- c:\windows\System32\soundschemes2.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.virginmedia.com/
uInternet Settings,ProxyOverride = local
Trusted Zone: bikermatch.com
Trusted Zone: facebook.com
Trusted Zone: live.com
Trusted Zone: microsoft.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\iewan1zv.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.virginmedia.com/
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-75142792.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-22 01:00
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\users\Tim\AppData\Roaming\Dropbox\shellext\l\4f1b603f 124 bytes
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-2870204183-3854321115-3945554432-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*¢
gL]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2870204183-3854321115-3945554432-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*¢
gL\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2870204183-3854321115-3945554432-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*;LB{]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2870204183-3854321115-3945554432-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*S*;LB{\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2870204183-3854321115-3945554432-1000\Software\SecuROM\License information*]
"datasecu"=hex:73,51,16,73,d4,db,37,41,1a,c6,d5,6f,ef,23,f3,41,b2,83,05,32,f6,
04,bb,cc,74,31,80,38,b5,75,54,47,a1,b7,2d,73,83,56,67,5c,03,a5,16,5c,b0,c1,\
"rkeysecu"=hex:ed,1d,34,68,11,39,88,b2,9f,88,f2,b6,18,d8,16,52
.
[HKEY_LOCAL_MACHINE\system\ControlSet015\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet015\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet015\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet015\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1428)
c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
Completion time: 2012-01-22 01:06:09
ComboFix-quarantined-files.txt 2012-01-22 01:06
.
Pre-Run: 75,526,479,872 bytes free
Post-Run: 75,002,060,800 bytes free
.
- - End Of File - - 731A14FCD1A45929CB4C84CDDD6027AD


Thanx in advance. :wink:

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:52 PM

Posted 21 January 2012 - 10:43 PM

Hello,

Why did you uninstall Combofix? Exactly how did you uninstall it? Please run the following.


1.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


2.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Things to include in your next reply::
MBAM log
Eset log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 BigTim

BigTim
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:52 AM

Posted 22 January 2012 - 05:41 AM

Hiya. I did as you asked, results as follows. As for Combofix, well it makes changes to the system at a very 'low' level so you have to take it out for it to restore the changes, it's got something to do with the way it runs - to take it out, you just type in 'combofix /uininstall' and it'll do just that! check out http://www.bleepingcomputer.com/combofix/how-to-use-combofix...




Malwarebytes Anti-Malware (PRO) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.22.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Tim :: TIMS-PC [administrator]

Protection: Disabled

22/01/2012 04:00:57
mbam-log-2012-01-22 (04-00-57).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191778
Time elapsed: 8 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






-----------------------------------------




C:\DownLoads\DriverSweeper_3.1.0.exe Win32/OpenCandy application deleted - quarantined
C:\DownLoads\DriverSweeper_3.2.0.exe Win32/OpenCandy application deleted - quarantined
C:\DownLoads\Hirens Boot CD 14.1 Team MJY MovieJockeY.CoM\Hiren's.BootCD.14.1.UK.Keyboard.iso Win32/PSWTool.KonBoot.A application deleted - quarantined
C:\DownLoads\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar application deleted - quarantined




Thanx in advance




#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:52 PM

Posted 22 January 2012 - 01:28 PM

Hello,

As for Combofix, well it makes changes to the system at a very 'low' level so you have to take it out for it to restore the changes, it's got something to do with the way it runs - to take it out, you just type in 'combofix /uininstall' and it'll do just that! check out http://www.bleepingcomputer.com/combofix/how-to-use-combofix...


This is incorrect. I know all about Combofix. Do you realize that when you uninstall Combofix like that it does way more than just uninstall Combofix? This is why we say and give warnings about this and also never uninstall it until we are done. One thing it does is clears all the restore points in your machine to that exact moment. Thus if we had a problem or anything went wrong with Combofix. This does happen from time to time. We would of had no restore points to work off of. In the future when you being helped here at BC please don't do anything other that the helper has asked you to do. There are reasons for doing things in steps and ways we do.


Having said all this your machine appears to be clean now.


Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 7 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7-windows-i586.exe to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered to install a Toolbar, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.
Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.



Congratulations! You now appear clean! :cool:

Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess
  • Download OTC by OldTimer and save it to your desktop.
  • Double click Posted Image icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big Posted Image button.
  • You will get a prompt saying "Being Cleanup Process". Please select Yes.
  • Restart your computer when prompted.

One of the most common questions found when cleaning malware is "how did my machine get infected?". There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and Bitorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest. It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on. Whether these things are files or sites it doesn't really matter. If something is out to get you, and you click on it, it most likely will.

Below are a list of simple precautions to take to keep your computer clean and running securely:
  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that. Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is. The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!. These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software. For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message or alert. When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge. You can check to see if it's a real alert by right-clicking on the window. If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your http://en.wikipedia.org/wiki/Taskbar#Screenshots '>Taskbar, right click and chose close.
  • Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money. By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.

Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here


Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:

Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running. This alone can save you a lot of trouble with malware in the future.
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. If you use a commercial antivirus program you must make sure you keep renewing your subscription. Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer. Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows’ built one), this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you. Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java). You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 BigTim

BigTim
  • Topic Starter

  • Members
  • 36 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:03:52 AM

Posted 22 January 2012 - 01:40 PM

Allo!, I'll do exactly as you instruct! Thanx again for yer patience and understanding!

All the best

Tim :clapping::thumbsup::thumbup2::busy:

#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,512 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:09:52 PM

Posted 22 January 2012 - 01:43 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users