
Infected with consrv.dll.


  • This topic is locked
25 replies to this topic

#1 vasiica

vasiica

  • Members
  • 13 posts
  • OFFLINE
  • Local time:06:12 PM

Posted 21 February 2012 - 07:06 AM

Hello,
Yesterday, my AV program started popping alerts of infection with Sirefef. It is pointing to a file named consrv.dll from c:\Windows\system32 which infects a svchost process.
At first I was OK; my belief was that the AV program was killing the bug, but it keeps coming back. Tried boot scans, HitmanPro, Malwarebytes Anti-Malware: nothing.
Help will be appreciated. Thank you in advance.

DDS log :


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.2.0
Run by marius at 12:50:58 on 2012-02-21
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2560 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Core temp\Core Temp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Echobit\LAN Bridger\LbSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
c:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ro/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.ro
uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No File
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [AsioReg] REGSVR32 /S CTASIO.DLL
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: Download with Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{C6715BA8-0A7B-4EC6-99F0-32784C29AA41} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~2\SDHelper.dll
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No File
BHO-X64: Babylon IE plugin - No File
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: SkypeIEPluginBHO - No File
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [AsioReg] REGSVR32 /S CTASIO.DLL
mRun-x64: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
IE-X64: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=
FF - prefs.js: network.proxy.ftp - PROXY.TVR.RO
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 200.76.101.152
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - PROXY.TVR.RO
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - PROXY.TVR.RO
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - PROXY.TVR.RO
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----

.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-1-13 44768]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2012-2-21 105800]
R2 LbSvc;LAN Bridger Service;C:\Program Files\Echobit\LAN Bridger\LbSvc.exe [2010-6-17 2158744]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-4 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-9-7 2253120]
R2 regi;regi;\??\C:\Windows\system32\drivers\regi.sys --> C:\Windows\system32\drivers\regi.sys [?]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-5-31 1153368]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2006-12-31 11576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-9-22 381248]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-1-19 3027840]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-21 136176]
S3 adusbser;AnyDATA USB Device for Legacy Serial Communication;C:\Windows\system32\DRIVERS\adusbser.sys --> C:\Windows\system32\DRIVERS\adusbser.sys [?]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
S3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 COMMONFX;COMMONFX;C:\Windows\system32\drivers\COMMONFX.SYS --> C:\Windows\system32\drivers\COMMONFX.SYS [?]
S3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTAUDFX;CTAUDFX;C:\Windows\system32\drivers\CTAUDFX.SYS --> C:\Windows\system32\drivers\CTAUDFX.SYS [?]
S3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 CTSBLFX;CTSBLFX;C:\Windows\system32\drivers\CTSBLFX.SYS --> C:\Windows\system32\drivers\CTSBLFX.SYS [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-21 136176]
S3 LbAdapter;LAN Bridger Virtual Miniport Driver;C:\Windows\system32\DRIVERS\lb.sys --> C:\Windows\system32\DRIVERS\lb.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 51740536]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-2-4 129992]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PAC207;PC Camera;C:\Windows\system32\DRIVERS\PFC027.SYS --> C:\Windows\system32\DRIVERS\PFC027.SYS [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2009-8-22 19952]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys --> C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]
S4 WatAdminSvc;WatAdminSvc;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-02-21 11:14:40 -------- d-----w- C:\sh4ldr
2012-02-21 11:14:40 -------- d-----w- C:\Program Files\Enigma Software Group
2012-02-21 11:14:15 -------- d-----w- C:\Windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-02-20 23:43:03 25160 ----a-w- C:\Windows\System32\drivers\hitmanpro36.sys
2012-02-20 23:43:02 -------- d-----w- C:\Program Files\HitmanPro
2012-02-20 23:42:37 -------- d-----w- C:\ProgramData\HitmanPro
2012-02-20 20:18:18 -------- d-sh--w- C:\$RECYCLE.BIN
2012-02-20 20:01:46 -------- d-----w- C:\MSCache
2012-02-20 20:01:44 -------- d-----w- C:\Program Files (x86)\Media Center Programs
2012-02-20 20:01:44 -------- d-----w- C:\Program Files (x86)\Macromedia
2012-02-20 20:01:44 -------- d-----w- C:\Program Files (x86)\Intel Corporation
2012-02-20 19:59:24 -------- d-----w- C:\Users\marius\AppData\Local\temp
2012-02-20 19:47:40 -------- d-----w- C:\ComboFix
2012-02-20 19:21:44 691 ----a-w- C:\Users\marius\AppData\Roaming\GetValue.vbs
2012-02-20 19:21:44 35 ----a-w- C:\Users\marius\AppData\Roaming\SetValue.bat
2012-02-20 12:56:17 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd
2012-02-17 08:45:21 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63BAFB53-B5D9-426B-AD34-52BAB5BF1039}\mpengine.dll
2012-02-16 13:19:56 509952 ----a-w- C:\Windows\System32\ntshrui.dll
2012-02-16 13:19:56 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll
2012-02-16 12:47:44 515584 ----a-w- C:\Windows\System32\timedate.cpl
2012-02-16 12:47:44 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl
2012-02-16 12:31:59 3145728 ----a-w- C:\Windows\System32\win32k.sys
2012-02-16 12:31:56 498688 ----a-w- C:\Windows\System32\drivers\afd.sys
2012-02-16 12:31:40 690688 ----a-w- C:\Windows\SysWow64\msvcrt.dll
2012-02-16 12:31:40 634880 ----a-w- C:\Windows\System32\msvcrt.dll
2012-02-15 13:54:28 -------- d-----w- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2012-02-14 15:44:20 -------- d-----w- C:\Program Files (x86)\Palringo
2012-02-14 00:10:21 -------- d-----w- C:\Users\marius\AppData\Roaming\.Tribler
2012-02-12 17:30:06 -------- d-----w- C:\Windows\SysWow64\Adobe
2012-02-10 14:08:35 -------- d-----w- C:\Program Files (x86)\Lame For Audacity
2012-02-10 14:07:19 -------- d-----w- C:\Program Files (x86)\Foxit Software
2012-02-10 14:00:47 -------- d-----w- C:\Program Files\Defraggler
2012-02-10 13:59:44 -------- d-----w- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
2012-02-07 00:21:33 40960 ----a-r- C:\Users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut11_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21:33 40960 ----a-r- C:\Users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut1_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21:33 40960 ----a-r- C:\Users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\ARPPRODUCTICON.exe
2012-02-07 00:21:33 262144 ----a-r- C:\Users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut3_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21:21 -------- d-----w- C:\Program Files (x86)\Great Game Products
2012-02-05 00:12:11 -------- d-----w- C:\Users\marius\AppData\Local\Echobit
2012-02-05 00:11:58 -------- d-----w- C:\ProgramData\Echobit
2012-02-05 00:11:43 -------- d-----w- C:\Program Files\Echobit
2012-02-04 21:31:12 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-02-04 21:31:11 -------- d-----w- C:\Program Files (x86)\Aurora
2012-01-26 20:11:33 -------- d-----w- C:\Users\marius\AppData\Local\Opera
2012-01-26 18:43:59 -------- d-----w- C:\Users\marius\AppData\Roaming\.purple
2012-01-26 18:43:36 -------- d-----w- C:\Program Files (x86)\Pidgin
2012-01-26 18:23:14 750488 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-01-26 18:20:43 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-01-26 14:52:15 -------- d-----w- C:\Users\marius\AppData\Local\Babylon
2012-01-26 14:51:44 142336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\BabyFox.dll
2012-01-26 14:51:41 -------- d-----w- C:\Users\marius\AppData\Roaming\Acapela Group
2012-01-26 14:51:17 -------- d-----w- C:\Users\marius\AppData\Roaming\Babylon
2012-01-26 14:51:17 -------- d-----w- C:\ProgramData\Babylon
2012-01-23 16:52:51 -------- d-----w- C:\Users\marius\AppData\Roaming\Jaran Nilsen
2012-01-23 16:51:35 -------- d-----w- C:\Program Files\iPod
2012-01-23 16:51:34 -------- d-----w- C:\Program Files\iTunes
2012-01-23 16:51:34 -------- d-----w- C:\Program Files (x86)\iTunes
2012-01-23 16:49:52 -------- d-----w- C:\Program Files\Bonjour
2012-01-23 16:49:52 -------- d-----w- C:\Program Files (x86)\Bonjour
2012-01-23 13:12:01 -------- d-----w- C:\Users\marius\AppData\Roaming\FLAC to MP3 Converter
2012-01-23 13:11:41 -------- d-----w- C:\Program Files (x86)\FLAC to MP3 Converter
2012-01-22 16:53:11 340992 ----a-w- C:\Windows\System32\schannel.dll
2012-01-22 16:53:10 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2012-01-22 16:53:10 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2012-01-22 16:53:10 31232 ----a-w- C:\Windows\System32\lsass.exe
2012-01-22 16:53:10 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2012-01-22 16:53:10 28160 ----a-w- C:\Windows\System32\secur32.dll
2012-01-22 16:53:10 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2012-01-22 16:53:10 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2012-01-22 16:53:10 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2012-01-22 16:53:10 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
.
==================== Find3M ====================
.
2012-02-20 19:31:31 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-26 23:52:58 279656 ------w- C:\Windows\System32\MpSigStub.exe
2012-01-26 18:23:11 660368 ----a-w- C:\Windows\System32\deployJava1.dll
2012-01-26 18:20:39 567184 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-12-14 07:11:03 2308096 ----a-w- C:\Windows\System32\jscript9.dll
2011-12-14 07:04:30 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-12-14 07:03:38 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-12-14 06:57:28 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-12-14 03:04:54 1798656 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-12-10 14:24:08 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-12-09 19:00:31 530488 ----a-w- C:\Windows\System32\drivers\sptd.sys
2011-11-28 18:01:25 41184 ----a-w- C:\Windows\avastSS.scr
2011-11-28 17:54:06 591192 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11 66904 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2011-11-24 12:33:30 1071088 --s---r- C:\Windows\SysWow64\MSCOMCTL.OCX
.
============= FINISH: 12:54:08,13 ===============


Edited by vasiica, 21 February 2012 - 07:17 AM.



#2 vasiica

vasiica
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  • Local time:06:12 PM

Posted 22 February 2012 - 06:55 AM

Updates:
Scanned with everything possible: avast antivirus (normal scan and boot scan), Ad-Aware, TDSSKiller, ESET NOD, Kaspersky antivirus. They all reported no problem, BUT now and then, at random intervals, I got this notification about Sirefef related to consrv.dll.
My head is blowing up...

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:12 PM

Posted 22 February 2012 - 09:03 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put them in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.
  • Do not run any other tool until instructed to do so!


Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#4 vasiica


Posted 22 February 2012 - 11:59 AM

Hello,
First of all thank you for help, much appreciated!!!

Disabled all AV programs and drive emulations software.
COMBOFIX was running smooth - no problem encountered.
Computer is running OK : no problem, a little bit sluggish but in parameters.
Here is the combofix log :


ComboFix 12-02-21.02 - marius 22.02.2012 17:39:42.6.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2420 [GMT 1:00]
Running from: c:\users\marius\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\assembly\temp\@
c:\windows\assembly\temp\cfg.ini
.
.
((((((((((((((((((((((((( Files Created from 2012-01-22 to 2012-02-22 )))))))))))))))))))))))))))))))
.
.
2012-02-22 16:44 . 2012-02-22 16:44 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-02-22 16:44 . 2012-02-22 16:44 -------- d-----w- c:\users\UpdatusUser.marius-PC\AppData\Local\temp
2012-02-22 16:44 . 2012-02-22 16:44 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-02-22 16:44 . 2012-02-22 16:44 -------- d-----w- c:\users\marius\AppData\Local\temp
2012-02-22 16:44 . 2012-02-22 16:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-02-21 19:50 . 2012-02-08 07:13 8643640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49225CC2-A495-48AB-BB2C-8EDA276C6DE6}\mpengine.dll
2012-02-21 19:45 . 2012-02-21 19:45 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2012-02-21 19:15 . 2012-02-21 19:16 -------- d-----w- c:\users\marius\AppData\Roaming\QuickScan
2012-02-21 18:49 . 2012-02-21 18:49 -------- d-----w- c:\program files (x86)\Toolbar Cleaner
2012-02-21 18:49 . 2012-02-22 16:33 -------- d-----w- c:\programdata\Lavasoft
2012-02-21 18:49 . 2012-02-21 18:49 -------- d-----w- c:\program files (x86)\Lavasoft
2012-02-21 16:51 . 2012-02-21 16:51 -------- d-----w- c:\program files (x86)\ESET
2012-02-21 11:14 . 2012-02-21 11:38 -------- d-----w- C:\sh4ldr
2012-02-21 11:14 . 2012-02-21 11:14 -------- d-----w- c:\program files\Enigma Software Group
2012-02-21 11:14 . 2012-02-21 11:38 -------- d-----w- c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP
2012-02-20 23:43 . 2012-02-22 11:41 25160 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-02-20 23:43 . 2012-02-20 23:43 -------- d-----w- c:\program files\HitmanPro
2012-02-20 23:42 . 2012-02-21 00:25 -------- d-----w- c:\programdata\HitmanPro
2012-02-20 20:01 . 2012-02-20 20:01 -------- d-----w- C:\MSCache
2012-02-20 20:01 . 2012-02-20 20:01 -------- d-----w- c:\program files (x86)\Media Center Programs
2012-02-20 20:01 . 2012-02-20 20:01 -------- d-----w- c:\program files (x86)\Macromedia
2012-02-20 20:01 . 2012-02-20 20:01 -------- d-----w- c:\program files (x86)\Intel Corporation
2012-02-20 19:21 . 2012-02-20 19:21 691 ----a-w- c:\users\marius\AppData\Roaming\GetValue.vbs
2012-02-20 19:21 . 2012-02-20 19:21 35 ----a-w- c:\users\marius\AppData\Roaming\SetValue.bat
2012-02-20 12:56 . 2012-02-20 12:56 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-02-16 13:19 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-16 13:19 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-02-16 12:47 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-02-16 12:47 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-02-16 12:31 . 2012-01-14 04:06 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-02-16 12:31 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-02-16 12:31 . 2011-12-16 08:46 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-16 12:31 . 2011-12-16 07:52 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-02-15 13:54 . 2012-02-15 13:55 -------- d-----w- c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
2012-02-14 15:44 . 2012-02-14 15:44 -------- d-----w- c:\program files (x86)\Palringo
2012-02-14 00:10 . 2012-02-14 00:20 -------- d-----w- c:\users\marius\AppData\Roaming\.Tribler
2012-02-12 17:30 . 2012-02-12 17:32 -------- d-----w- c:\windows\SysWow64\Adobe
2012-02-10 14:08 . 2012-02-10 14:08 -------- d-----w- c:\program files (x86)\Lame For Audacity
2012-02-10 14:07 . 2012-02-10 14:07 -------- d-----w- c:\program files (x86)\Foxit Software
2012-02-10 14:03 . 2012-02-10 14:28 -------- d-----w- c:\users\marius\AppData\Roaming\Audacity
2012-02-10 14:00 . 2012-02-10 14:00 -------- d-----w- c:\program files\Defraggler
2012-02-10 13:59 . 2012-02-10 13:59 -------- d-----w- c:\program files (x86)\Audacity 1.3 Beta (Unicode)
2012-02-10 13:54 . 2012-02-10 13:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-02-07 00:21 . 2012-02-07 00:21 40960 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut11_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21 . 2012-02-07 00:21 40960 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut1_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21 . 2012-02-07 00:21 40960 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\ARPPRODUCTICON.exe
2012-02-07 00:21 . 2012-02-07 00:21 262144 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{2B8AEEF8-8104-45E3-9A5C-521E8E6A6490}\NewShortcut3_2B8AEEF8810445E39A5C521E8E6A6490.exe
2012-02-07 00:21 . 2012-02-07 00:21 -------- d-----w- c:\program files (x86)\Great Game Products
2012-02-05 00:12 . 2012-02-05 00:12 -------- d-----w- c:\users\marius\AppData\Local\Echobit
2012-02-05 00:11 . 2012-02-05 00:11 -------- d-----w- c:\programdata\Echobit
2012-02-05 00:11 . 2012-02-05 00:11 -------- d-----w- c:\program files\Echobit
2012-02-04 21:31 . 2012-02-09 11:46 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-02-04 21:31 . 2012-02-05 23:28 -------- d-----w- c:\program files (x86)\Aurora
2012-01-26 20:11 . 2012-01-26 20:15 -------- d-----w- c:\users\marius\AppData\Local\Opera
2012-01-26 18:43 . 2012-01-26 18:44 -------- d-----w- c:\users\marius\AppData\Roaming\.purple
2012-01-26 18:43 . 2012-01-26 18:43 -------- d-----w- c:\program files (x86)\Pidgin
2012-01-26 18:41 . 2012-01-26 18:41 -------- d-----w- c:\program files (x86)\Opera
2012-01-26 18:25 . 2012-01-26 18:25 -------- d-----w- c:\program files\Microsoft Silverlight
2012-01-26 18:25 . 2012-01-26 18:25 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-01-26 18:23 . 2012-01-26 18:23 750488 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-26 18:20 . 2012-01-26 18:20 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-01-26 18:20 . 2012-01-26 18:20 637848 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-01-26 14:52 . 2012-01-26 14:54 -------- d-----w- c:\users\marius\AppData\Local\Babylon
2012-01-26 14:51 . 2011-01-25 14:40 142336 ----a-w- c:\program files (x86)\Mozilla Firefox\BabyFox.dll
2012-01-26 14:51 . 2012-01-26 14:51 -------- d-----w- c:\users\marius\AppData\Roaming\Acapela Group
2012-01-26 14:51 . 2012-01-26 20:23 -------- d-----w- c:\users\marius\AppData\Roaming\Babylon
2012-01-26 14:51 . 2012-01-26 20:23 -------- d-----w- c:\programdata\Babylon
2012-01-23 16:52 . 2012-01-23 16:52 -------- d-----w- c:\users\marius\AppData\Roaming\Jaran Nilsen
2012-01-23 16:51 . 2012-01-23 16:51 -------- d-----w- c:\program files\iPod
2012-01-23 16:51 . 2012-01-23 16:51 -------- d-----w- c:\program files\iTunes
2012-01-23 16:51 . 2012-01-23 16:51 -------- d-----w- c:\program files (x86)\iTunes
2012-01-23 16:50 . 2012-01-23 16:50 -------- d-----w- c:\program files\Common Files\Apple
2012-01-23 16:49 . 2012-01-23 16:49 -------- d-----w- c:\program files\Bonjour
2012-01-23 16:49 . 2012-01-23 16:49 -------- d-----w- c:\program files (x86)\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-20 19:31 . 2011-06-13 20:47 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-01-29 04:10 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-01-26 18:23 . 2011-04-04 15:34 660368 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-26 18:20 . 2011-04-23 11:02 567184 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-01-14 18:51 . 2012-01-14 18:51 45056 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{3FD9FADF-E9C2-440B-B787-F44C7185C3D4}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
2012-01-14 18:51 . 2012-01-14 18:51 45056 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{3FD9FADF-E9C2-440B-B787-F44C7185C3D4}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
2012-01-14 18:51 . 2012-01-14 18:51 45056 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{3FD9FADF-E9C2-440B-B787-F44C7185C3D4}\ARPPRODUCTICON.exe
2012-01-14 18:47 . 2012-01-14 18:47 40960 ----a-r- c:\users\marius\AppData\Roaming\Microsoft\Installer\{6BC0CDD6-E0C2-434D-9365-23E79E42DA95}\Options.exe_6BC0CDD6E0C2434D936523E79E42DA95.exe
2011-12-10 14:24 . 2012-01-13 15:09 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-09 19:00 . 2011-04-04 14:53 530488 ----a-w- c:\windows\system32\drivers\sptd.sys
2011-11-28 18:01 . 2012-01-13 15:30 41184 ----a-w- c:\windows\avastSS.scr
2011-11-28 18:01 . 2012-01-13 15:30 199816 ----a-w- c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-04-03 17:52 256960 ----a-w- c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2012-01-13 15:31 591192 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2012-01-13 15:31 304472 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2012-01-13 15:31 42328 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2012-01-13 15:31 58712 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2012-01-13 15:31 66904 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2012-01-13 15:31 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-02-22_16.13.02 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-06-14 17:30 . 2012-02-22 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2011-06-14 17:30 . 2012-02-22 11:39 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
- 2009-07-14 04:54 . 2012-02-22 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-02-22 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-02-22 16:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-22 16:12 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-02-22 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-02-22 16:12 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2012-02-22 16:14 53094 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-04-03 18:00 . 2012-02-22 16:14 17844 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3317962166-3655415217-2618718703-1000_UserData.bin
+ 2009-07-13 23:31 . 2009-07-14 01:39 51712 c:\windows\system32\consrv.dll
- 2012-02-22 16:12 . 2012-02-22 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-22 16:45 . 2012-02-22 16:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-02-22 16:45 . 2012-02-22 16:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-02-22 16:12 . 2012-02-22 16:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 02:36 . 2012-02-22 11:46 663184 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-02-22 16:19 663184 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-02-22 11:46 122052 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-02-22 16:19 122052 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2012-02-22 16:11 416004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-02-22 16:44 416004 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-04-21 22:30 . 2012-02-22 16:44 22256576 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3317962166-3655415217-2618718703-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll" [2011-03-16 214840]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]
[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-19 740216]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"="CTASIO.DLL" [2011-04-03 47104]
"AsioThk32Reg"="CTASIO.DLL" [2011-04-03 47104]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-11-28 3744552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Device Detector"=DevDetect.exe -autorun
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AutoShutdown"=
"3200 Scan2PC"="c:\windows\twain_32\Samsung\SCX3200\Scan2Pc.exe"
"Bonus.SSR.FR10"="c:\program files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R1 ArcSec;archlp;c:\windows\system32\drivers\ArcSec.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-21 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [x]
R3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS [x]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS [x]
R3 ctgame;Game Port;c:\windows\system32\DRIVERS\ctgame.sys [x]
R3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 GPU-Z;GPU-Z;c:\temp\GPU-Z.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-21 136176]
R3 LbAdapter;LAN Bridger Virtual Miniport Driver;c:\windows\system32\DRIVERS\lb.sys [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-02-05 129992]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 PAC207;PC Camera;c:\windows\system32\DRIVERS\PFC027.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2012-02-15 19952]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2012-02-20 105800]
S2 LbSvc;LAN Bridger Service;c:\program files\Echobit\LAN Bridger\LbSvc.exe [2010-06-17 2158744]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-11-17 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S3 ALSysIO;ALSysIO;c:\temp\ALSysIO64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-02-22 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-11-02 11:08]
.
2012-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-21 22:03]
.
2012-02-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-21 22:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01 134384 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-09 12666984]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
iviVD
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ro/
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.ro
IE: Download with Mipony - file://c:\program files (x86)\MiPony\Browser\IEContext.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Translate this web page with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
LSP: mswsock.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ro/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q=
FF - prefs.js: network.proxy.ftp - PROXY.TVR.RO
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.gopher - 200.76.101.152
FF - prefs.js: network.proxy.gopher_port - 8080
FF - prefs.js: network.proxy.http - PROXY.TVR.RO
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - PROXY.TVR.RO
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - PROXY.TVR.RO
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0

.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.032"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.abr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.amr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.apd"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.arw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bay"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bmp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.bwf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cel"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cr2"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.crw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.cs1"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dcx"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dib"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djv"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.djvu"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.dng"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.emf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.eps"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.erf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fff"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.flc"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fli"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.fpx"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.gif"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.hdr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.icn"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iff"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ilbm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.int"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.inta"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.iw4"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.j2c"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.j2k"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jbr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jfif"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jif"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jp2"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpc"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpe"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpeg"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpg"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpk"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.jpx"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.kdc"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.lbm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m15"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m1a"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m2a"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="M4V"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.m75"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mef"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mos"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mpv"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.mrw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.nef"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.orf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pbm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pbr"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pcd"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pct"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pcx"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pef"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pgm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pic"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pics"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pict"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pix"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.png"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ppm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.psd"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.psp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pspbrush"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.pspimage"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qcp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.qtpf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.raf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ras"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.raw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgb"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rgba"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rle"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rsb"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rw2"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.rwl"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sdv"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sfil"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sgi"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.smf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sml"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.sr2"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.srf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.srw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.swa"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.tga"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.thm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.tif"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.tiff"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.ulw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40po\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40po"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40pp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40pp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v40ppf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.v40ppf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.vfw"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.wbm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.wbmp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.wmf"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xbm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xif"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xmp"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (S-1-5-21-3317962166-3655415217-2618718703-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 4.xpm"
.
[HKEY_USERS\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\SecuROM\License information*]
"datasecu"=hex:4d,d6,14,bd,bc,06,d6,b0,cf,0a,da,a9,f8,4f,a2,90,80,64,4f,67,61,
a9,2d,89,54,0e,99,b6,8f,21,3e,43,b1,c4,3f,ca,c1,d3,71,87,75,b8,09,f8,80,c5,\
"rkeysecu"=hex:cd,40,d6,77,dd,7e,10,25,f5,08,3a,93,29,35,9b,f9
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\CDBurnerXP\NMSAccessU.exe
c:\program files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
.
**************************************************************************
.
Completion time: 2012-02-22 17:49:24 - machine was rebooted
ComboFix-quarantined-files.txt 2012-02-22 16:49
ComboFix2.txt 2012-01-13 15:08
.
Pre-Run: 96.250.359.808 bytes free
Post-Run: 95.692.738.560 bytes free
.
- - End Of File - - 494015BE73BA8E9B9E0E4CAB870F5EC7

Edited by vasiica, 22 February 2012 - 12:01 PM.


#5 gringo_pr

Posted 22 February 2012 - 12:17 PM

Greetings

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#6 vasiica

Posted 22 February 2012 - 01:45 PM

Ok, back in business.

!!!UPDATE!!! After the ComboFix scan, I enabled avast antivirus. 2 new messages appeared: Win32:DNSChanger-VJ and Win64:ZAcces-A.
I downloaded both programs; no problem running them.
aswMBR detected about 10-12 bugs. I saved the log and clicked on the Fix button in aswMBR. It cleaned the files and restarted the system. After POST, chkdsk started to verify the system drive.
And in the root of the system drive a lot of files have appeared: 17 with a .gif extension, 2 with a .bmp extension, 1 with .ico and 1 with a .dat extension. Also a new directory called "e" with 10 .png files. I made print-screens, but I didn't delete them. I'll wait for advice on those files.



Logs:

18:59:17.0489 3524 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
18:59:17.0727 3524 ============================================================
18:59:17.0727 3524 Current date / time: 2012/02/22 18:59:17.0727
18:59:17.0727 3524 SystemInfo:
18:59:17.0727 3524
18:59:17.0727 3524 OS Version: 6.1.7601 ServicePack: 1.0
18:59:17.0727 3524 Product type: Workstation
18:59:17.0728 3524 ComputerName: MARIUS-PC
18:59:17.0728 3524 UserName: marius
18:59:17.0728 3524 Windows directory: C:\Windows
18:59:17.0728 3524 System windows directory: C:\Windows
18:59:17.0728 3524 Running under WOW64
18:59:17.0728 3524 Processor architecture: Intel x64
18:59:17.0728 3524 Number of processors: 2
18:59:17.0728 3524 Page size: 0x1000
18:59:17.0728 3524 Boot type: Normal boot
18:59:17.0728 3524 ============================================================
18:59:18.0387 3524 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
18:59:18.0396 3524 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:59:18.0409 3524 Drive \Device\Harddisk2\DR2 - Size: 0x7A000000 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:59:18.0411 3524 \Device\Harddisk0\DR0:
18:59:18.0412 3524 MBR used
18:59:18.0412 3524 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:59:18.0412 3524 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
18:59:18.0412 3524 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x5C065800
18:59:18.0412 3524 \Device\Harddisk1\DR1:
18:59:18.0412 3524 MBR used
18:59:18.0412 3524 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
18:59:18.0412 3524 \Device\Harddisk2\DR2:
18:59:18.0413 3524 MBR used
18:59:18.0492 3524 Initialize success
18:59:18.0492 3524 ============================================================
18:59:42.0721 3752 ============================================================
18:59:42.0721 3752 Scan started
18:59:42.0721 3752 Mode: Manual;
18:59:42.0721 3752 ============================================================
18:59:51.0828 3752 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
18:59:51.0830 3752 usbaudio - ok
18:59:51.0853 3752 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
18:59:51.0855 3752 usbccgp - ok
18:59:51.0879 3752 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
18:59:51.0882 3752 usbcir - ok
18:59:51.0902 3752 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
18:59:51.0903 3752 usbehci - ok
18:59:51.0933 3752 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
18:59:51.0937 3752 usbhub - ok
18:59:51.0960 3752 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
18:59:51.0962 3752 usbohci - ok
18:59:51.0982 3752 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
18:59:51.0983 3752 usbprint - ok
18:59:52.0020 3752 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
18:59:52.0021 3752 usbscan - ok
18:59:52.0052 3752 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:59:52.0054 3752 USBSTOR - ok
18:59:52.0094 3752 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
18:59:52.0100 3752 usbuhci - ok
18:59:52.0139 3752 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
18:59:52.0141 3752 usbvideo - ok
18:59:52.0173 3752 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
18:59:52.0174 3752 vdrvroot - ok
18:59:52.0205 3752 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
18:59:52.0206 3752 vga - ok
18:59:52.0224 3752 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
18:59:52.0225 3752 VgaSave - ok
18:59:52.0240 3752 VGPU - ok
18:59:52.0259 3752 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
18:59:52.0262 3752 vhdmp - ok
18:59:52.0280 3752 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
18:59:52.0281 3752 viaide - ok
18:59:52.0315 3752 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
18:59:52.0318 3752 vmbus - ok
18:59:52.0336 3752 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
18:59:52.0337 3752 VMBusHID - ok
18:59:52.0360 3752 VMnetAdapter - ok
18:59:52.0374 3752 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
18:59:52.0376 3752 volmgr - ok
18:59:52.0395 3752 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
18:59:52.0399 3752 volmgrx - ok
18:59:52.0420 3752 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
18:59:52.0424 3752 volsnap - ok
18:59:52.0445 3752 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
18:59:52.0448 3752 vsmraid - ok
18:59:52.0474 3752 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
18:59:52.0475 3752 vwifibus - ok
18:59:52.0507 3752 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
18:59:52.0508 3752 WacomPen - ok
18:59:52.0542 3752 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:59:52.0544 3752 WANARP - ok
18:59:52.0551 3752 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
18:59:52.0552 3752 Wanarpv6 - ok
18:59:52.0606 3752 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
18:59:52.0607 3752 Wd - ok
18:59:52.0633 3752 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
18:59:52.0639 3752 Wdf01000 - ok
18:59:52.0678 3752 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
18:59:52.0680 3752 WfpLwf - ok
18:59:52.0700 3752 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
18:59:52.0702 3752 WIMMount - ok
18:59:52.0775 3752 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
18:59:52.0776 3752 WinUsb - ok
18:59:52.0801 3752 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
18:59:52.0803 3752 WmiAcpi - ok
18:59:52.0838 3752 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
18:59:52.0840 3752 ws2ifsl - ok
18:59:52.0889 3752 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
18:59:52.0891 3752 WudfPf - ok
18:59:52.0925 3752 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:59:52.0927 3752 WUDFRd - ok
18:59:52.0949 3752 ZTEusbmdm6k - ok
18:59:52.0961 3752 ZTEusbnmea - ok
18:59:52.0973 3752 ZTEusbser6k - ok
18:59:53.0000 3752 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:59:53.0040 3752 \Device\Harddisk0\DR0 - ok
18:59:53.0045 3752 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
18:59:53.0046 3752 \Device\Harddisk1\DR1 - ok
18:59:53.0055 3752 MBR (0x1B8) (58c1273b39184d114e71cb61d4755d9b) \Device\Harddisk2\DR2
18:59:56.0324 3752 \Device\Harddisk2\DR2 - ok
18:59:56.0330 3752 Boot (0x1200) (b8cfc7c8e28e6ddba20bf972ef47e5f4) \Device\Harddisk0\DR0\Partition0
18:59:56.0331 3752 \Device\Harddisk0\DR0\Partition0 - ok
18:59:56.0348 3752 Boot (0x1200) (8fde9271c09c380d714c477ee54239ee) \Device\Harddisk0\DR0\Partition1
18:59:56.0349 3752 \Device\Harddisk0\DR0\Partition1 - ok
18:59:56.0367 3752 Boot (0x1200) (fbc6c6639d77744b4022cfa0ed04e9e9) \Device\Harddisk0\DR0\Partition2
18:59:56.0369 3752 \Device\Harddisk0\DR0\Partition2 - ok
18:59:56.0374 3752 Boot (0x1200) (c4ac835a931d6bd6a5e19d90f0617022) \Device\Harddisk1\DR1\Partition0
18:59:56.0375 3752 \Device\Harddisk1\DR1\Partition0 - ok
18:59:56.0377 3752 ============================================================
18:59:56.0377 3752 Scan finished
18:59:56.0377 3752 ============================================================
18:59:56.0388 1468 Detected object count: 0
18:59:56.0388 1468 Actual detected object count: 0
19:00:05.0317 5700 ============================================================
19:00:05.0317 5700 Scan started
19:00:05.0317 5700 Mode: Manual; TDLFS;
19:00:05.0317 5700 ============================================================
19:00:11.0530 5700 Rasl2tp - ok
19:00:11.0552 5700 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:00:11.0553 5700 RasPppoe - ok
19:00:11.0577 5700 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:00:11.0578 5700 RasSstp - ok
19:00:11.0629 5700 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:00:11.0631 5700 rdbss - ok
19:00:11.0646 5700 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:00:11.0647 5700 rdpbus - ok
19:00:11.0667 5700 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:00:11.0667 5700 RDPCDD - ok
19:00:11.0696 5700 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:00:11.0697 5700 RDPDR - ok
19:00:11.0712 5700 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:00:11.0713 5700 RDPENCDD - ok
19:00:11.0730 5700 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:00:11.0731 5700 RDPREFMP - ok
19:00:11.0771 5700 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
19:00:11.0772 5700 RdpVideoMiniport - ok
19:00:11.0788 5700 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:00:11.0790 5700 RDPWD - ok
19:00:11.0808 5700 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:00:11.0809 5700 rdyboost - ok
19:00:11.0883 5700 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
19:00:11.0884 5700 regi - ok
19:00:11.0979 5700 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
19:00:11.0979 5700 RivaTuner64 - ok
19:00:12.0008 5700 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:00:12.0009 5700 rspndr - ok
19:00:12.0037 5700 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:00:12.0040 5700 RTL8167 - ok
19:00:12.0063 5700 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:00:12.0063 5700 s3cap - ok
19:00:12.0083 5700 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:00:12.0084 5700 sbp2port - ok
19:00:12.0100 5700 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:00:12.0101 5700 scfilter - ok
19:00:12.0128 5700 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:00:12.0129 5700 Serenum - ok
19:00:12.0146 5700 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:00:12.0147 5700 Serial - ok
19:00:12.0166 5700 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:00:12.0167 5700 sermouse - ok
19:00:12.0201 5700 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:00:12.0202 5700 sffdisk - ok
19:00:12.0212 5700 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:00:12.0213 5700 sffp_mmc - ok
19:00:12.0228 5700 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:00:12.0229 5700 sffp_sd - ok
19:00:12.0239 5700 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:00:12.0239 5700 sfloppy - ok
19:00:12.0283 5700 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:00:12.0283 5700 SiSRaid2 - ok
19:00:12.0303 5700 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:00:12.0304 5700 SiSRaid4 - ok
19:00:12.0317 5700 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:00:12.0318 5700 Smb - ok
19:00:12.0367 5700 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:00:12.0368 5700 spldr - ok
19:00:12.0377 5700 sptd - ok
19:00:12.0418 5700 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:00:12.0421 5700 srv - ok
19:00:12.0443 5700 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:00:12.0445 5700 srv2 - ok
19:00:12.0465 5700 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:00:12.0467 5700 srvnet - ok
19:00:12.0501 5700 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
19:00:12.0502 5700 ssadbus - ok
19:00:12.0518 5700 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:00:12.0519 5700 ssadmdfl - ok
19:00:12.0533 5700 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
19:00:12.0534 5700 ssadmdm - ok
19:00:12.0571 5700 sscdbus (ed161b91fdf7eaa39469d72d463d5f4e) C:\Windows\system32\DRIVERS\sscdbus.sys
19:00:12.0572 5700 sscdbus - ok
19:00:12.0601 5700 sscdmdfl (4cb09e77593dbd8d7af33b37375ca715) C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:00:12.0601 5700 sscdmdfl - ok
19:00:12.0622 5700 sscdmdm (c7b4cf53497a6e5363f3439427663882) C:\Windows\system32\DRIVERS\sscdmdm.sys
19:00:12.0624 5700 sscdmdm - ok
19:00:12.0647 5700 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
19:00:12.0648 5700 SSPORT - ok
19:00:12.0669 5700 StarOpen (e57b778208c783d8debab320c16a1b82) C:\Windows\system32\drivers\StarOpen.sys
19:00:12.0671 5700 StarOpen - ok
19:00:12.0686 5700 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:00:12.0688 5700 stexstor - ok
19:00:12.0718 5700 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:00:12.0719 5700 storflt - ok
19:00:12.0734 5700 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:00:12.0735 5700 storvsc - ok
19:00:12.0750 5700 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:00:12.0751 5700 swenum - ok
19:00:12.0795 5700 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
19:00:12.0797 5700 Synth3dVsc - ok
19:00:12.0850 5700 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:00:12.0859 5700 Tcpip - ok
19:00:12.0900 5700 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:00:12.0909 5700 TCPIP6 - ok
19:00:12.0921 5700 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:00:12.0922 5700 tcpipreg - ok
19:00:12.0937 5700 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:00:12.0938 5700 TDPIPE - ok
19:00:12.0956 5700 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:00:12.0957 5700 TDTCP - ok
19:00:12.0975 5700 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:00:12.0977 5700 tdx - ok
19:00:13.0016 5700 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys
19:00:13.0017 5700 teamviewervpn - ok
19:00:13.0035 5700 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:00:13.0036 5700 TermDD - ok
19:00:13.0078 5700 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
19:00:13.0079 5700 terminpt - ok
19:00:13.0104 5700 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:00:13.0105 5700 tssecsrv - ok
19:00:13.0120 5700 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:00:13.0121 5700 TsUsbFlt - ok
19:00:13.0144 5700 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:00:13.0145 5700 TsUsbGD - ok
19:00:13.0163 5700 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
19:00:13.0165 5700 tsusbhub - ok
19:00:13.0178 5700 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:00:13.0180 5700 tunnel - ok
19:00:13.0222 5700 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:00:13.0223 5700 uagp35 - ok
19:00:13.0248 5700 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:00:13.0250 5700 udfs - ok
19:00:13.0274 5700 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:00:13.0275 5700 uliagpkx - ok
19:00:13.0296 5700 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:00:13.0297 5700 umbus - ok
19:00:13.0306 5700 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:00:13.0307 5700 UmPass - ok
19:00:13.0334 5700 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:00:13.0336 5700 usbaudio - ok
19:00:13.0360 5700 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:00:13.0361 5700 usbccgp - ok
19:00:13.0377 5700 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:00:13.0378 5700 usbcir - ok
19:00:13.0400 5700 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:00:13.0401 5700 usbehci - ok
19:00:13.0431 5700 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:00:13.0433 5700 usbhub - ok
19:00:13.0450 5700 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:00:13.0451 5700 usbohci - ok
19:00:13.0464 5700 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:00:13.0465 5700 usbprint - ok
19:00:13.0493 5700 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:00:13.0496 5700 usbscan - ok
19:00:13.0550 5700 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:00:13.0551 5700 USBSTOR - ok
19:00:13.0583 5700 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:00:13.0584 5700 usbuhci - ok
19:00:13.0621 5700 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:00:13.0622 5700 usbvideo - ok
19:00:13.0638 5700 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:00:13.0639 5700 vdrvroot - ok
19:00:13.0653 5700 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:00:13.0654 5700 vga - ok
19:00:13.0672 5700 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:00:13.0673 5700 VgaSave - ok
19:00:13.0681 5700 VGPU - ok
19:00:13.0699 5700 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:00:13.0701 5700 vhdmp - ok
19:00:13.0712 5700 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:00:13.0712 5700 viaide - ok
19:00:13.0738 5700 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:00:13.0740 5700 vmbus - ok
19:00:13.0759 5700 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:00:13.0760 5700 VMBusHID - ok
19:00:13.0786 5700 VMnetAdapter - ok
19:00:13.0806 5700 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:00:13.0807 5700 volmgr - ok
19:00:13.0827 5700 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:00:13.0830 5700 volmgrx - ok
19:00:13.0851 5700 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:00:13.0853 5700 volsnap - ok
19:00:13.0868 5700 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:00:13.0870 5700 vsmraid - ok
19:00:13.0889 5700 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:00:13.0890 5700 vwifibus - ok
19:00:13.0905 5700 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:00:13.0906 5700 WacomPen - ok
19:00:13.0924 5700 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:13.0925 5700 WANARP - ok
19:00:13.0928 5700 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:13.0930 5700 Wanarpv6 - ok
19:00:13.0979 5700 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:00:13.0980 5700 Wd - ok
19:00:14.0031 5700 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:00:14.0035 5700 Wdf01000 - ok
19:00:14.0077 5700 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:00:14.0078 5700 WfpLwf - ok
19:00:14.0091 5700 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:00:14.0092 5700 WIMMount - ok
19:00:14.0148 5700 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:00:14.0149 5700 WinUsb - ok
19:00:14.0166 5700 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:00:14.0167 5700 WmiAcpi - ok
19:00:14.0186 5700 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:00:14.0188 5700 ws2ifsl - ok
19:00:14.0229 5700 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:00:14.0230 5700 WudfPf - ok
19:00:14.0248 5700 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:00:14.0250 5700 WUDFRd - ok
19:00:14.0267 5700 ZTEusbmdm6k - ok
19:00:14.0277 5700 ZTEusbnmea - ok
19:00:14.0286 5700 ZTEusbser6k - ok
19:00:14.0315 5700 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:00:14.0411 5700 \Device\Harddisk0\DR0 - ok
19:00:14.0414 5700 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:00:14.0465 5700 \Device\Harddisk1\DR1 - ok
19:00:14.0469 5700 MBR (0x1B8) (58c1273b39184d114e71cb61d4755d9b) \Device\Harddisk2\DR2
19:00:17.0579 5700 \Device\Harddisk2\DR2 - ok
19:00:17.0583 5700 Boot (0x1200) (b8cfc7c8e28e6ddba20bf972ef47e5f4) \Device\Harddisk0\DR0\Partition0
19:00:17.0584 5700 \Device\Harddisk0\DR0\Partition0 - ok
19:00:17.0597 5700 Boot (0x1200) (8fde9271c09c380d714c477ee54239ee) \Device\Harddisk0\DR0\Partition1
19:00:17.0598 5700 \Device\Harddisk0\DR0\Partition1 - ok
19:00:17.0616 5700 Boot (0x1200) (fbc6c6639d77744b4022cfa0ed04e9e9) \Device\Harddisk0\DR0\Partition2
19:00:17.0618 5700 \Device\Harddisk0\DR0\Partition2 - ok
19:00:17.0620 5700 Boot (0x1200) (c4ac835a931d6bd6a5e19d90f0617022) \Device\Harddisk1\DR1\Partition0
19:00:17.0621 5700 \Device\Harddisk1\DR1\Partition0 - ok
19:00:17.0622 5700 ============================================================
19:00:17.0622 5700 Scan finished
19:00:17.0622 5700 ============================================================
19:00:17.0629 7116 Detected object count: 0
19:00:17.0629 7116 Actual detected object count: 0
19:00:22.0941 0972 ============================================================
19:00:22.0941 0972 Scan started
19:00:22.0941 0972 Mode: Manual;
19:00:22.0941 0972 ============================================================
19:00:27.0011 0972 MBAMProtector - ok
19:00:27.0044 0972 mcdbus (79d51e7f5926e8ce1b3ebecebae28cff) C:\Windows\system32\DRIVERS\mcdbus.sys
19:00:27.0046 0972 mcdbus - ok
19:00:27.0066 0972 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:00:27.0067 0972 megasas - ok
19:00:27.0089 0972 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:00:27.0091 0972 MegaSR - ok
19:00:27.0131 0972 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:00:27.0132 0972 Modem - ok
19:00:27.0171 0972 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:00:27.0171 0972 monitor - ok
19:00:27.0183 0972 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
19:00:27.0184 0972 mouclass - ok
19:00:27.0200 0972 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:00:27.0200 0972 mouhid - ok
19:00:27.0217 0972 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:00:27.0218 0972 mountmgr - ok
19:00:27.0248 0972 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:00:27.0249 0972 mpio - ok
19:00:27.0268 0972 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:00:27.0269 0972 mpsdrv - ok
19:00:27.0304 0972 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:00:27.0305 0972 MRxDAV - ok
19:00:27.0344 0972 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:00:27.0345 0972 mrxsmb - ok
19:00:27.0372 0972 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:00:27.0374 0972 mrxsmb10 - ok
19:00:27.0392 0972 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:00:27.0394 0972 mrxsmb20 - ok
19:00:27.0407 0972 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:00:27.0408 0972 msahci - ok
19:00:27.0424 0972 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:00:27.0426 0972 msdsm - ok
19:00:27.0439 0972 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:00:27.0440 0972 Msfs - ok
19:00:27.0457 0972 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:00:27.0458 0972 mshidkmdf - ok
19:00:27.0487 0972 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:00:27.0488 0972 msisadrv - ok
19:00:27.0524 0972 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:00:27.0525 0972 MSKSSRV - ok
19:00:27.0541 0972 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:00:27.0542 0972 MSPCLOCK - ok
19:00:27.0625 0972 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:00:27.0625 0972 MSPQM - ok
19:00:27.0652 0972 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:00:27.0654 0972 MsRPC - ok
19:00:27.0682 0972 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
19:00:27.0683 0972 mssmbios - ok
19:00:27.0703 0972 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:00:27.0703 0972 MSTEE - ok
19:00:27.0717 0972 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:00:27.0718 0972 MTConfig - ok
19:00:27.0738 0972 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:00:27.0739 0972 Mup - ok
19:00:27.0757 0972 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:00:27.0759 0972 NativeWifiP - ok
19:00:27.0785 0972 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:00:27.0790 0972 NDIS - ok
19:00:27.0807 0972 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:00:27.0808 0972 NdisCap - ok
19:00:27.0837 0972 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:00:27.0838 0972 NdisTapi - ok
19:00:27.0858 0972 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:00:27.0859 0972 Ndisuio - ok
19:00:27.0869 0972 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:00:27.0871 0972 NdisWan - ok
19:00:27.0879 0972 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:00:27.0880 0972 NDProxy - ok
19:00:27.0900 0972 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:00:27.0901 0972 NetBIOS - ok
19:00:27.0921 0972 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:00:27.0923 0972 NetBT - ok
19:00:27.0957 0972 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:00:27.0958 0972 nfrd960 - ok
19:00:27.0982 0972 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:00:27.0982 0972 Npfs - ok
19:00:27.0999 0972 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:00:28.0000 0972 nsiproxy - ok
19:00:28.0059 0972 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:00:28.0067 0972 Ntfs - ok
19:00:28.0086 0972 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:00:28.0087 0972 Null - ok
19:00:28.0278 0972 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:00:28.0341 0972 nvlddmkm - ok
19:00:28.0369 0972 NVR0Dev (edfa69e9132a56778d6363cd41843893) C:\Windows\nvoclk64.sys
19:00:28.0370 0972 NVR0Dev - ok
19:00:28.0408 0972 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:00:28.0409 0972 nvraid - ok
19:00:28.0424 0972 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:00:28.0425 0972 nvstor - ok
19:00:28.0446 0972 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:00:28.0447 0972 nv_agp - ok
19:00:28.0473 0972 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:00:28.0474 0972 ohci1394 - ok
19:00:28.0507 0972 ossrv (979736e1b96c02ac4bc6bea3f7db7f89) C:\Windows\system32\drivers\ctoss2k.sys
19:00:28.0508 0972 ossrv - ok
19:00:28.0549 0972 PAC207 (3bbee4cbcf1b8c0213b59cd564e57229) C:\Windows\system32\DRIVERS\PFC027.SYS
19:00:28.0553 0972 PAC207 - ok
19:00:28.0574 0972 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:00:28.0575 0972 Parport - ok
19:00:28.0593 0972 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:00:28.0594 0972 partmgr - ok
19:00:28.0625 0972 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:00:28.0627 0972 pci - ok
19:00:28.0640 0972 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:00:28.0641 0972 pciide - ok
19:00:28.0659 0972 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:00:28.0661 0972 pcmcia - ok
19:00:28.0673 0972 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:00:28.0674 0972 pcw - ok
19:00:28.0692 0972 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:00:28.0695 0972 PEAUTH - ok
19:00:28.0715 0972 pfc - ok
19:00:28.0756 0972 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:00:28.0757 0972 PptpMiniport - ok
19:00:28.0773 0972 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:00:28.0773 0972 Processor - ok
19:00:28.0808 0972 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:00:28.0809 0972 Psched - ok
19:00:28.0845 0972 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:00:28.0853 0972 ql2300 - ok
19:00:28.0870 0972 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:00:28.0872 0972 ql40xx - ok
19:00:28.0901 0972 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:00:28.0902 0972 QWAVEdrv - ok
19:00:28.0920 0972 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:00:28.0921 0972 RasAcd - ok
19:00:28.0935 0972 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:00:28.0936 0972 RasAgileVpn - ok
19:00:28.0956 0972 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:00:28.0957 0972 Rasl2tp - ok
19:00:28.0971 0972 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:00:28.0972 0972 RasPppoe - ok
19:00:28.0988 0972 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:00:28.0989 0972 RasSstp - ok
19:00:29.0030 0972 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:00:29.0032 0972 rdbss - ok
19:00:29.0048 0972 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:00:29.0049 0972 rdpbus - ok
19:00:29.0060 0972 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:00:29.0061 0972 RDPCDD - ok
19:00:29.0090 0972 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
19:00:29.0091 0972 RDPDR - ok
19:00:29.0106 0972 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:00:29.0107 0972 RDPENCDD - ok
19:00:29.0124 0972 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:00:29.0125 0972 RDPREFMP - ok
19:00:29.0165 0972 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
19:00:29.0165 0972 RdpVideoMiniport - ok
19:00:29.0182 0972 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
19:00:29.0184 0972 RDPWD - ok
19:00:29.0202 0972 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:00:29.0203 0972 rdyboost - ok
19:00:29.0235 0972 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
19:00:29.0236 0972 regi - ok
19:00:29.0281 0972 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
19:00:29.0281 0972 RivaTuner64 - ok
19:00:29.0313 0972 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:00:29.0314 0972 rspndr - ok
19:00:29.0356 0972 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
19:00:29.0360 0972 RTL8167 - ok
19:00:29.0390 0972 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
19:00:29.0390 0972 s3cap - ok
19:00:29.0418 0972 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:00:29.0419 0972 sbp2port - ok
19:00:29.0444 0972 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:00:29.0445 0972 scfilter - ok
19:00:29.0483 0972 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:00:29.0483 0972 Serenum - ok
19:00:29.0523 0972 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:00:29.0524 0972 Serial - ok
19:00:29.0543 0972 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:00:29.0544 0972 sermouse - ok
19:00:29.0578 0972 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:00:29.0579 0972 sffdisk - ok
19:00:29.0597 0972 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:00:29.0598 0972 sffp_mmc - ok
19:00:29.0688 0972 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:00:29.0689 0972 sffp_sd - ok
19:00:29.0701 0972 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:00:29.0702 0972 sfloppy - ok
19:00:29.0735 0972 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:00:29.0735 0972 SiSRaid2 - ok
19:00:29.0755 0972 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:00:29.0756 0972 SiSRaid4 - ok
19:00:29.0783 0972 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:00:29.0784 0972 Smb - ok
19:00:29.0811 0972 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:00:29.0812 0972 spldr - ok
19:00:29.0829 0972 sptd - ok
19:00:29.0870 0972 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:00:29.0873 0972 srv - ok
19:00:29.0894 0972 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:00:29.0897 0972 srv2 - ok
19:00:29.0917 0972 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:00:29.0919 0972 srvnet - ok
19:00:29.0953 0972 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
19:00:29.0954 0972 ssadbus - ok
19:00:29.0970 0972 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:00:29.0971 0972 ssadmdfl - ok
19:00:29.0984 0972 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
19:00:29.0986 0972 ssadmdm - ok
19:00:30.0014 0972 sscdbus (ed161b91fdf7eaa39469d72d463d5f4e) C:\Windows\system32\DRIVERS\sscdbus.sys
19:00:30.0016 0972 sscdbus - ok
19:00:30.0044 0972 sscdmdfl (4cb09e77593dbd8d7af33b37375ca715) C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:00:30.0045 0972 sscdmdfl - ok
19:00:30.0066 0972 sscdmdm (c7b4cf53497a6e5363f3439427663882) C:\Windows\system32\DRIVERS\sscdmdm.sys
19:00:30.0067 0972 sscdmdm - ok
19:00:30.0088 0972 SSPORT (0211ab46b73a2623b86c1cfcb30579ab) C:\Windows\system32\Drivers\SSPORT.sys
19:00:30.0089 0972 SSPORT - ok
19:00:30.0113 0972 StarOpen (e57b778208c783d8debab320c16a1b82) C:\Windows\system32\drivers\StarOpen.sys
19:00:30.0114 0972 StarOpen - ok
19:00:30.0130 0972 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:00:30.0131 0972 stexstor - ok
19:00:30.0153 0972 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
19:00:30.0154 0972 storflt - ok
19:00:30.0170 0972 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
19:00:30.0171 0972 storvsc - ok
19:00:30.0186 0972 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
19:00:30.0186 0972 swenum - ok
19:00:30.0222 0972 Synth3dVsc (c3a39c4079305480972d29c44b868c78) C:\Windows\system32\drivers\synth3dvsc.sys
19:00:30.0224 0972 Synth3dVsc - ok
19:00:30.0277 0972 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:00:30.0287 0972 Tcpip - ok
19:00:30.0327 0972 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:00:30.0336 0972 TCPIP6 - ok
19:00:30.0349 0972 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:00:30.0350 0972 tcpipreg - ok
19:00:30.0364 0972 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:00:30.0365 0972 TDPIPE - ok
19:00:30.0383 0972 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
19:00:30.0384 0972 TDTCP - ok
19:00:30.0402 0972 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:00:30.0404 0972 tdx - ok
19:00:30.0435 0972 teamviewervpn (f5520dbb47c60ee83024b38720abda24) C:\Windows\system32\DRIVERS\teamviewervpn.sys
19:00:30.0436 0972 teamviewervpn - ok
19:00:30.0454 0972 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
19:00:30.0455 0972 TermDD - ok
19:00:30.0471 0972 terminpt (2b5bdff688ec9871d7ec5837833374e9) C:\Windows\system32\drivers\terminpt.sys
19:00:30.0472 0972 terminpt - ok
19:00:30.0498 0972 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:00:30.0499 0972 tssecsrv - ok
19:00:30.0514 0972 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:00:30.0515 0972 TsUsbFlt - ok
19:00:30.0538 0972 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:00:30.0539 0972 TsUsbGD - ok
19:00:30.0557 0972 tsusbhub (e1748d04ae40118b62bc18ac86032192) C:\Windows\system32\drivers\tsusbhub.sys
19:00:30.0558 0972 tsusbhub - ok
19:00:30.0572 0972 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:00:30.0573 0972 tunnel - ok
19:00:30.0591 0972 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:00:30.0592 0972 uagp35 - ok
19:00:30.0616 0972 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:00:30.0619 0972 udfs - ok
19:00:30.0642 0972 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:00:30.0643 0972 uliagpkx - ok
19:00:30.0682 0972 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:00:30.0683 0972 umbus - ok
19:00:30.0693 0972 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:00:30.0694 0972 UmPass - ok
19:00:30.0728 0972 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
19:00:30.0729 0972 usbaudio - ok
19:00:30.0754 0972 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:00:30.0755 0972 usbccgp - ok
19:00:30.0765 0972 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:00:30.0766 0972 usbcir - ok
19:00:30.0785 0972 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
19:00:30.0786 0972 usbehci - ok
19:00:30.0816 0972 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:00:30.0819 0972 usbhub - ok
19:00:30.0844 0972 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:00:30.0845 0972 usbohci - ok
19:00:30.0857 0972 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:00:30.0858 0972 usbprint - ok
19:00:30.0887 0972 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:00:30.0888 0972 usbscan - ok
19:00:30.0919 0972 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:00:30.0920 0972 USBSTOR - ok
19:00:30.0944 0972 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
19:00:30.0945 0972 usbuhci - ok
19:00:30.0972 0972 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
19:00:30.0974 0972 usbvideo - ok
19:00:30.0990 0972 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:00:30.0991 0972 vdrvroot - ok
19:00:31.0013 0972 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:00:31.0014 0972 vga - ok
19:00:31.0032 0972 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:00:31.0033 0972 VgaSave - ok
19:00:31.0041 0972 VGPU - ok
19:00:31.0059 0972 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:00:31.0061 0972 vhdmp - ok
19:00:31.0080 0972 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:00:31.0081 0972 viaide - ok
19:00:31.0107 0972 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
19:00:31.0109 0972 vmbus - ok
19:00:31.0128 0972 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
19:00:31.0129 0972 VMBusHID - ok
19:00:31.0137 0972 VMnetAdapter - ok
19:00:31.0158 0972 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:00:31.0159 0972 volmgr - ok
19:00:31.0179 0972 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:00:31.0182 0972 volmgrx - ok
19:00:31.0203 0972 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:00:31.0206 0972 volsnap - ok
19:00:31.0229 0972 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:00:31.0230 0972 vsmraid - ok
19:00:31.0249 0972 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
19:00:31.0250 0972 vwifibus - ok
19:00:31.0274 0972 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:00:31.0275 0972 WacomPen - ok
19:00:31.0301 0972 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:31.0302 0972 WANARP - ok
19:00:31.0308 0972 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:00:31.0309 0972 Wanarpv6 - ok
19:00:31.0340 0972 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:00:31.0341 0972 Wd - ok
19:00:31.0367 0972 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:00:31.0371 0972 Wdf01000 - ok
19:00:31.0395 0972 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:00:31.0396 0972 WfpLwf - ok
19:00:31.0409 0972 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:00:31.0410 0972 WIMMount - ok
19:00:31.0467 0972 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:00:31.0468 0972 WinUsb - ok
19:00:31.0485 0972 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:00:31.0486 0972 WmiAcpi - ok
19:00:31.0511 0972 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:00:31.0512 0972 ws2ifsl - ok
19:00:31.0573 0972 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:00:31.0574 0972 WudfPf - ok
19:00:31.0592 0972 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:00:31.0594 0972 WUDFRd - ok
19:00:31.0610 0972 ZTEusbmdm6k - ok
19:00:31.0620 0972 ZTEusbnmea - ok
19:00:31.0630 0972 ZTEusbser6k - ok
19:00:31.0659 0972 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
19:00:31.0699 0972 \Device\Harddisk0\DR0 - ok
19:00:31.0702 0972 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
19:00:31.0704 0972 \Device\Harddisk1\DR1 - ok
19:00:31.0708 0972 MBR (0x1B8) (58c1273b39184d114e71cb61d4755d9b) \Device\Harddisk2\DR2
19:00:34.0778 0972 \Device\Harddisk2\DR2 - ok
19:00:34.0781 0972 Boot (0x1200) (b8cfc7c8e28e6ddba20bf972ef47e5f4) \Device\Harddisk0\DR0\Partition0
19:00:34.0782 0972 \Device\Harddisk0\DR0\Partition0 - ok
19:00:34.0799 0972 Boot (0x1200) (8fde9271c09c380d714c477ee54239ee) \Device\Harddisk0\DR0\Partition1
19:00:34.0800 0972 \Device\Harddisk0\DR0\Partition1 - ok
19:00:34.0818 0972 Boot (0x1200) (fbc6c6639d77744b4022cfa0ed04e9e9) \Device\Harddisk0\DR0\Partition2
19:00:34.0819 0972 \Device\Harddisk0\DR0\Partition2 - ok
19:00:34.0822 0972 Boot (0x1200) (c4ac835a931d6bd6a5e19d90f0617022) \Device\Harddisk1\DR1\Partition0
19:00:34.0823 0972 \Device\Harddisk1\DR1\Partition0 - ok
19:00:34.0824 0972 ============================================================
19:00:34.0824 0972 Scan finished
19:00:34.0824 0972 ============================================================
19:00:34.0833 7664 Detected object count: 0
19:00:34.0833 7664 Actual detected object count: 0
19:00:51.0273 5236 Deinitialize success








aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-21 19:10:42
-----------------------------
19:10:42.835 OS Version: Windows x64 6.1.7601 Service Pack 1
19:10:42.835 Number of processors: 2 586 0xF0B
19:10:42.835 ComputerName: MARIUS-PC UserName: marius
19:10:43.703 Initialize success
19:10:44.073 AVAST engine defs: 12022100
19:10:54.331 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
19:10:54.332 Disk 0 Vendor: ST31000524NS SN12 Size: 953868MB BusType: 3
19:10:54.340 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-6
19:10:54.343 Disk 1 Vendor: SAMSUNG_HD204UI 1AQ10001 Size: 1907729MB BusType: 3
19:10:54.395 Disk 0 MBR read successfully
19:10:54.400 Disk 0 MBR scan
19:10:54.402 Disk 0 Windows 7 default MBR code
19:10:54.422 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:10:54.442 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199899 MB offset 206848
19:10:54.462 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 753867 MB offset 409600000
19:10:54.467 Service scanning
19:11:11.564 Modules scanning
19:11:11.564 Disk 0 trace - called modules:
19:11:11.585 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:11:11.585 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800463b430]
19:11:11.585 3 CLASSPNP.SYS[fffff8800198943f] -> nt!IofCallDriver -> [0xfffffa80037dc520]
19:11:11.585 5 ACPI.sys[fffff88000e0b7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80037e3060]
19:11:12.276 AVAST engine scan C:\Windows
19:11:36.305 AVAST engine scan C:\Windows\system32
19:18:39.329 AVAST engine scan C:\Windows\system32\drivers
19:19:09.353 AVAST engine scan C:\Users\marius
19:23:27.397 AVAST engine scan C:\ProgramData
19:24:35.583 Scan finished successfully
19:34:24.329 Disk 0 MBR has been saved successfully to "C:\Users\marius\Desktop\MBR.dat"
19:34:24.332 The log file has been saved successfully to "C:\Users\marius\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-22 19:01:11
-----------------------------
19:01:11.093 OS Version: Windows x64 6.1.7601 Service Pack 1
19:01:11.093 Number of processors: 2 586 0xF0B
19:01:11.093 ComputerName: MARIUS-PC UserName: marius
19:01:11.777 Initialize success
19:01:11.818 AVAST engine defs: 12022101
19:01:15.701 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
19:01:15.702 Disk 0 Vendor: ST31000524NS SN12 Size: 953868MB BusType: 3
19:01:15.710 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-6
19:01:15.711 Disk 1 Vendor: SAMSUNG_HD204UI 1AQ10001 Size: 1907729MB BusType: 3
19:01:15.727 Disk 0 MBR read successfully
19:01:15.729 Disk 0 MBR scan
19:01:15.731 Disk 0 Windows 7 default MBR code
19:01:15.736 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
19:01:15.738 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 199899 MB offset 206848
19:01:15.750 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 753867 MB offset 409600000
19:01:15.753 Service scanning
19:01:28.504 Modules scanning
19:01:28.508 Disk 0 trace - called modules:
19:01:28.519 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:01:28.523 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800463a280]
19:01:28.526 3 CLASSPNP.SYS[fffff8800161743f] -> nt!IofCallDriver -> [0xfffffa800379e670]
19:01:28.530 5 ACPI.sys[fffff88000eea7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80037da680]
19:01:29.487 AVAST engine scan C:\Windows
19:01:32.089 AVAST engine scan C:\Windows\system32
19:01:39.700 File: C:\Windows\system32\consrv.dll **INFECTED** Win32:Sirefef-HO [Rtk]
19:02:45.779 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-FQ [Drp]
19:02:47.046 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-HO [Rtk]
19:03:48.630 File: C:\Windows\assembly\tmp\1AQBS8H4\Policy.11.0.Microsoft.Office.Interop.Word.dll **SUSPICIOUS**
19:03:48.657 File: C:\Windows\assembly\tmp\2YEDJ82K\Microsoft.Office.Interop.Excel.dll **SUSPICIOUS**
19:03:48.749 File: C:\Windows\assembly\tmp\8FJZ7I3G\Policy.11.0.Microsoft.Office.Interop.Excel.dll **SUSPICIOUS**
19:03:48.794 File: C:\Windows\assembly\tmp\8FJZ7I3G\R6EQQS41 **SUSPICIOUS**
19:03:48.841 File: C:\Windows\assembly\tmp\BP53F6NZ\Microsoft.Office.Interop.PowerPoint.dll **SUSPICIOUS**
19:03:48.894 File: C:\Windows\assembly\tmp\DCNOP0ZS\Microsoft.Office.Interop.Graph.dll **SUSPICIOUS**
19:03:48.932 File: C:\Windows\assembly\tmp\N013XQNJ\Microsoft.Office.Interop.Word.dll **SUSPICIOUS**
19:03:48.981 File: C:\Windows\assembly\tmp\PYFUBOGT\Policy.11.0.Microsoft.Office.Interop.SmartTag.dll **SUSPICIOUS**
19:03:49.022 File: C:\Windows\assembly\tmp\UV8M2GLJ\Microsoft.Office.Interop.SmartTag.dll **SUSPICIOUS**
19:03:49.052 File: C:\Windows\assembly\tmp\V17E6LZN\Policy.11.0.Microsoft.Office.Interop.PowerPoint.dll **SUSPICIOUS**
19:03:49.080 File: C:\Windows\assembly\tmp\ZO7DVVZR\Policy.11.0.Microsoft.Office.Interop.Graph.dll **SUSPICIOUS**
19:03:49.103 File: C:\Windows\assembly\tmp\ZO7DVVZR\ZFSDIB8G **SUSPICIOUS**
19:03:49.573 AVAST engine scan C:\Windows\system32\drivers
19:03:58.350 AVAST engine scan C:\Users\marius
19:07:47.061 AVAST engine scan C:\ProgramData
19:09:04.670 Scan finished successfully
19:10:12.608 Disk 0 MBR has been saved successfully to "C:\Users\marius\Desktop\MBR.dat"
19:10:12.611 The log file has been saved successfully to "C:\Users\marius\Desktop\aswMBR.txt"

#7 gringo_pr

  • Malware Response Team
Posted 22 February 2012 - 01:48 PM

Hello

I don't think they are part of any infection



Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened; this is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic

Proud Graduate Of Malware Removal University
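
OTL.txt, which the reply above asks for, is a line-oriented report: a tag (PRC, SRV, DRV, O6, ...), then a path or registry value, then the file's company name in parentheses. The following is an added example, not part of the thread and not OTL's own code: a Python triage pass over a constructed sample in that layout that lists entries with no company name, entries whose file is missing, and UAC policy values that weaken elevation prompts. The field layout is inferred from the log posted in this thread; the sample entries and the choice of checks are assumptions.

```python
import re
from dataclasses import dataclass

# Constructed sample in the OTL.txt layout (names and paths are made up for the example).
SAMPLE_LOG = r"""
========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\ExampleApp\app.exe (Example Corp)
PRC - C:\Program Files (x86)\ExampleTool\helper.exe ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (ExampleSvc) -- C:\Program Files\Example\svc.exe (Example Corp)
SRV - (OrphanSvc) -- C:\Program Files (x86)\Gone\gone.exe File not found

========== Driver Services (SafeList) ==========

DRV:64bit: - (exdrv) Example Filter Driver -- C:\Windows\SysNative\drivers\exdrv.sys ()

O4 - HKLM..\Run: [Example] C:\Program Files (x86)\Example\tray.exe (Example Corp)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
"""

# "TAG - body" or "TAG:64bit: - body"; section headers and blank lines do not match.
ENTRY = re.compile(r"^(?P<tag>[A-Z][A-Z0-9]*)(?::64bit:)? - (?P<body>.+)$")
# The company is the last parenthesised group on the line; paths may contain "(x86)".
TRAILING_COMPANY = re.compile(r"^(?P<head>.*?)\s*\((?P<company>[^()]*)\)$")
# Registry policy lines: "<key>: <ValueName> = <number>".
POLICY = re.compile(r"^(?P<key>HK[^:]+): (?P<name>\w+) = (?P<value>\d+)$")

FILE_TAGS = {"PRC", "MOD", "SRV", "DRV"}      # entries that point at a file on disk
POLICY_TAGS = {"O6", "O7"}                    # machine and per-user policy values
MISSING = "File not found"

# Values that reduce UAC protection (documented Windows policy semantics).
WEAK_UAC = {
    "EnableLUA": ("0", "UAC (Admin Approval Mode) is switched off"),
    "ConsentPromptBehaviorAdmin": ("0", "administrators elevate without any prompt"),
    "PromptOnSecureDesktop": ("0", "elevation prompt is not shown on the secure desktop"),
}


@dataclass(frozen=True)
class Finding:
    kind: str      # "no-company", "file-not-found" or "weak-uac"
    tag: str       # OTL line tag the finding came from
    subject: str   # file path, or policy value name
    note: str      # one-line reason for a human reviewer


def _path_of(head: str) -> str:
    """SRV/DRV lines read '(name) description -- path'; PRC/MOD lines are just the path."""
    return head.rsplit(" -- ", 1)[-1].strip()


def triage(log_text: str) -> list[Finding]:
    """Return review leads from an OTL-style log. A lead is a reason to look, not a verdict."""
    findings = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        tag, body = m.group("tag"), m.group("body")

        if tag in FILE_TAGS:
            if body.endswith(MISSING):
                path = _path_of(body[: -len(MISSING)])
                findings.append(Finding("file-not-found", tag, path,
                                        "registered entry points at a file that no longer exists"))
                continue
            c = TRAILING_COMPANY.match(body)
            if c and c.group("company").strip() == "":
                findings.append(Finding("no-company", tag, _path_of(c.group("head")),
                                        "no company name in version info; verify origin by hand"))

        elif tag in POLICY_TAGS:
            p = POLICY.match(body)
            if p and p.group("name") in WEAK_UAC:
                bad_value, reason = WEAK_UAC[p.group("name")]
                if p.group("value") == bad_value:
                    findings.append(Finding("weak-uac", tag, p.group("name"), reason))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:15} {f.tag:4} {f.subject}  ({f.note})")
```

An empty company field is common for legitimate third-party files as well, so those leads call for a check of the file itself rather than for removal.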

#8 vasiica

  • Topic Starter
Posted 22 February 2012 - 02:01 PM

Hello,
here is the log:

OTL logfile created on: 22.02.2012 19:50:58 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\marius\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000418 | Country: Romania | Language: ROM | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,60 Gb Available Physical Memory | 65,11% Memory free
8,00 Gb Paging File | 6,53 Gb Available in Paging File | 81,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 195,21 Gb Total Space | 89,14 Gb Free Space | 45,66% Space Free | Partition Type: NTFS
Drive D: | 736,20 Gb Total Space | 163,49 Gb Free Space | 22,21% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 615,27 Gb Free Space | 33,03% Space Free | Partition Type: NTFS
Drive I: | 1,91 Gb Total Space | 1,90 Gb Free Space | 99,93% Space Free | Partition Type: FAT

Computer Name: MARIUS-PC | User Name: marius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\marius\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\totalcmd\TOTALCMD.EXE (Ghisler Software GmbH)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files\WinRAR\RarExt32.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (HitmanProScheduler) -- C:\Program Files\HitmanPro\hmpsched.exe (SurfRight B.V.)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (LbSvc) -- C:\Program Files\Echobit\LAN Bridger\LbSvc.exe (Echobit LLC)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (iviVD) -- C:\Windows\SysNative\cpuidlep.dll (Oak Technology Inc.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (nTuneService) -- c:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (PnkBstrA) -- C:\Program Files (x86)\Electronic Arts\Medal of Honor Airborne\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe ()


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) SAMSUNG Android USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) SAMSUNG Android USB Modem (Filter) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (ha10kx2k) -- C:\Windows\SysNative\drivers\ha10kx2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX.SYS) -- C:\Windows\SysNative\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX) -- C:\Windows\SysNative\drivers\CTAUDFX.sys (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX.SYS) -- C:\Windows\SysNative\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX) -- C:\Windows\SysNative\drivers\CTSBLFX.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (COMMONFX.SYS) -- C:\Windows\SysNative\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV:64bit: - (COMMONFX) -- C:\Windows\SysNative\drivers\COMMONFX.sys (Creative Technology Ltd)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\ssadadb.sys (Google Inc)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (LbAdapter) -- C:\Windows\SysNative\drivers\lb.sys (Echobit, LLC)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.sys (Samsung Electronics)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (adusbser) -- C:\Windows\SysNative\drivers\adusbser.sys (AnyDATA.NET INC.)
DRV:64bit: - (DgiVecp) -- C:\Windows\SysNative\drivers\DgivEcp.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
DRV:64bit: - (PAC207) -- C:\Windows\SysNative\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV:64bit: - (CTEDSPSY.DLL) -- C:\Windows\SysNative\CTEDSPSY.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPFX.DLL) -- C:\Windows\SysNative\CTEDSPFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPIO.DLL) -- C:\Windows\SysNative\CTEDSPIO.DLL (Creative Technology Ltd)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows ® Server 2003 DDK provider)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (SSPORT) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NVR0Dev) -- C:\Windows\nvoclk64.sys (NVidia Corp.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.ro


IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ro/
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 79 80 7F E6 33 00 CC 01 [binary data]
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.ro
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.ro
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.windowsxlive.net
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 79 80 7F E6 33 00 CC 01 [binary data]
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Search the Web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.ro/"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: DeviceDetection@logitech.com:1.20.0.66
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10
FF - prefs.js..extensions.enabledItems: {9BAE5926-8513-417d-8E47-774955A7C60D}:1.1.1d
FF - prefs.js..extensions.enabledItems: YoutubeDownloader@PeterOlayev.com:1.5
FF - prefs.js..extensions.enabledItems: {bee6eb20-01e0-ebd1-da83-080329fb9a3a}:0.1
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: wrc@avast.com:20110101
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=utf-8&mssrc=ms_kwd&mstb=adawaretb&q="
FF - prefs.js..network.proxy.backup.ftp: "200.76.101.152"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "proxy.tvr.ro"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "200.76.101.152"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "200.76.101.152"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "PROXY.TVR.RO"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "200.76.101.152"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "PROXY.TVR.RO"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "PROXY.TVR.RO"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "PROXY.TVR.RO"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012.02.06 00:28:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 12.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.01.13 16:30:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 00:18:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.26 19:20:43 | 000,000,000 | ---D | M]

[2011.10.15 22:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marius\AppData\Roaming\Mozilla\Extensions
[2011.10.15 22:33:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marius\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2012.02.22 17:32:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\extensions
[2011.12.08 15:17:30 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011.06.13 16:59:08 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}
[2012.02.21 20:14:25 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
[2012.02.21 20:14:26 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.04.13 13:27:32 | 000,002,255 | ---- | M] () -- C:\Users\marius\AppData\Roaming\Mozilla\Firefox\Profiles\i9i3s3gr.default\searchplugins\askcom.xml
[2012.02.21 12:03:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.06 11:33:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.02.21 12:03:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.01.26 15:51:45 | 000,000,000 | ---D | M] ("Babylon Spelling and Proofreading") -- C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@babylontc.com
[2012.01.13 16:30:54 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\{A7C6CF7F-112C-4500-A7EA-39801A327E5F}.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\SAVE-AS-PDF-FF@PDFCROWD.COM.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\STATUS4EVAR@CALIGONSTUDIOS.COM.XPI
() (No name found) -- C:\USERS\MARIUS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I9I3S3GR.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2012.02.18 00:18:49 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.09 18:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2007.03.10 00:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npyaxmpb.dll
[2011.10.17 19:14:28 | 000,002,149 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012.01.09 22:01:59 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.09 22:01:59 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U24 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.7280_0\npSkypeChromePlugin.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\
CHR - Extension: Google Search = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: avast! WebRep = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: Skype Click to Call = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.7.0.8524_0\
CHR - Extension: Gmail = C:\Users\marius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AsioReg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [AsioThk32Reg] C:\Windows\SysWow64\ctasio.dll (Creative Technology Ltd)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006..\Run: [NVIDIA nTune] c:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe (NVIDIA)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Bing Search
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://search.bing.com/results.aspx?q=%w
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: NVIDIA nTune = c:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe resetprofile (NVIDIA)
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionName = Bing Search
O7 - HKU\S-1-5-21-3317962166-3655415217-2618718703-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\SearchExtensions: InternetExtensionAction = http://search.bing.com/results.aspx?q=%w
O8:64bit: - Extra context menu item: Download with Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8:64bit: - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O8 - Extra context menu item: Download with Mipony - C:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C6715BA8-0A7B-4EC6-99F0-32784C29AA41}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O34 - HKLM BootExecute: (bootdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.02.22 19:49:10 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\marius\Desktop\OTL.exe
[2012.02.22 19:17:47 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012.02.22 19:04:52 | 000,000,000 | ---D | C] -- C:\e
[2012.02.22 19:04:51 | 000,000,000 | ---D | C] -- C:\Data
[2012.02.22 17:49:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.02.22 17:49:25 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Local\temp
[2012.02.22 17:45:47 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.02.22 17:38:53 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012.02.21 20:45:28 | 000,055,384 | ---- | C] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.02.21 20:15:59 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\QuickScan
[2012.02.21 19:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2012.02.21 19:49:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2012.02.21 19:49:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lavasoft
[2012.02.21 17:51:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.21 16:53:32 | 024,742,720 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012.02.21 16:53:32 | 018,871,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012.02.21 16:53:32 | 015,693,120 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012.02.21 16:53:32 | 008,791,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012.02.21 16:53:32 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.02.21 16:53:32 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.02.21 16:53:31 | 024,796,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012.02.21 16:53:31 | 017,248,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012.02.21 16:53:31 | 007,581,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012.02.21 16:53:31 | 005,578,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012.02.21 16:53:31 | 002,542,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012.02.21 16:53:31 | 002,401,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012.02.21 16:53:31 | 002,232,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012.02.21 16:53:31 | 002,099,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012.02.21 15:20:34 | 004,729,344 | ---- | C] (AVAST Software) -- C:\Users\marius\Desktop\aswMBR.exe
[2012.02.21 15:20:18 | 002,060,336 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\marius\Desktop\tdsskiller.exe
[2012.02.21 13:10:55 | 004,414,945 | R--- | C] (Swearware) -- C:\Users\marius\Desktop\ComboFix.exe
[2012.02.21 13:10:18 | 000,123,712 | ---- | C] (ESET) -- C:\Users\marius\Desktop\ESETSirefefRemover.exe
[2012.02.21 13:10:14 | 000,187,464 | ---- | C] (Webroot) -- C:\Users\marius\Desktop\antizeroaccess.exe
[2012.02.21 12:43:48 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\marius\Desktop\dds.scr
[2012.02.21 12:14:40 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2012.02.21 12:14:40 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.02.21 12:03:48 | 000,223,112 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.02.21 12:03:48 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.02.21 12:03:48 | 000,173,960 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.02.21 00:43:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
[2012.02.21 00:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2012.02.21 00:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012.02.20 21:02:04 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2012.02.20 21:01:46 | 000,000,000 | ---D | C] -- C:\MSCache
[2012.02.20 21:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Center Programs
[2012.02.20 21:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Macromedia
[2012.02.20 21:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Corporation
[2012.02.20 20:32:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.02.18 23:21:54 | 000,000,000 | ---D | C] -- C:\Users\marius\Desktop\PowerAMP_v.1.4_387
[2012.02.17 00:29:26 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.17 00:29:26 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.17 00:29:24 | 002,308,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.02.17 00:29:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.17 00:29:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.17 00:29:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.17 00:29:23 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.02.17 00:29:23 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.02.17 00:29:23 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.17 00:29:22 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.02.17 00:29:22 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.02.16 14:19:56 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.16 13:47:44 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.16 13:47:44 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.16 13:31:40 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 14:55:23 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012.02.15 14:54:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
[2012.02.14 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Palringo
[2012.02.14 16:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Palringo
[2012.02.14 01:10:21 | 000,000,000 | ---D | C] -- C:\Users\marius\Desktop\TriblerDownloads
[2012.02.14 01:10:21 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\.Tribler
[2012.02.14 01:10:14 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tribler
[2012.02.12 18:30:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012.02.10 15:09:18 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.02.10 15:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.02.10 15:08:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity
[2012.02.10 15:07:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2012.02.10 15:07:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2012.02.10 15:03:10 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Audacity
[2012.02.10 15:00:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.02.10 15:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
[2012.02.10 14:59:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2012.02.10 14:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.02.10 14:54:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.02.07 01:21:33 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge Baron
[2012.02.07 01:21:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Great Game Products
[2012.02.05 01:12:11 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Local\Echobit
[2012.02.05 01:11:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Echobit
[2012.02.05 01:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\Echobit
[2012.02.04 22:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.02.04 22:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.02.04 22:31:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2012.02.03 01:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seamless Entertainment
[2012.02.01 16:26:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Earth Defense Force Insect Armageddon
[2012.01.31 10:47:33 | 000,000,000 | ---D | C] -- C:\Users\marius\Desktop\buila 2012
[2012.01.26 21:11:33 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Opera
[2012.01.26 21:11:33 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Local\Opera
[2012.01.26 19:43:59 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\.purple
[2012.01.26 19:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2012.01.26 19:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2012.01.26 19:26:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.01.26 19:25:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.01.26 19:25:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.01.26 19:23:14 | 000,750,488 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.01.26 19:23:14 | 000,263,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.01.26 19:23:14 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.01.26 19:23:14 | 000,188,808 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.01.26 19:20:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.26 19:20:43 | 000,637,848 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.01.26 15:52:15 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Local\Babylon
[2012.01.26 15:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon
[2012.01.26 15:51:41 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Acapela Group
[2012.01.26 15:51:17 | 000,000,000 | ---D | C] -- C:\Users\marius\AppData\Roaming\Babylon
[2012.01.26 15:51:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.22 19:52:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.22 19:49:21 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\marius\Desktop\OTL.exe
[2012.02.22 19:41:39 | 000,065,261 | ---- | M] () -- C:\Users\marius\Desktop\new files 2.jpg
[2012.02.22 19:39:16 | 000,115,346 | ---- | M] () -- C:\Users\marius\Desktop\new files 1.jpg
[2012.02.22 19:22:37 | 000,783,334 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.22 19:22:37 | 000,663,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.22 19:22:37 | 000,122,052 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.22 19:17:47 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\SysNative\bootdelete.exe
[2012.02.22 19:17:47 | 000,000,144 | ---- | M] () -- C:\Windows\SysNative\bootdelete.lst
[2012.02.22 19:16:26 | 000,025,160 | ---- | M] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012.02.22 19:15:45 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.22 19:15:41 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At8.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At6.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At48.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At46.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At44.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At42.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At4.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At38.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At36.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At34.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At32.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At30.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At28.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At26.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At24.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At22.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At20.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At2.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At18.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At16.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At14.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At12.job
[2012.02.22 19:15:39 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At10.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At9.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At7.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At5.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At47.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At45.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At43.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At41.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At37.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At35.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At33.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At31.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At3.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At29.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At27.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At25.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At23.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At21.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At19.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At17.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At15.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At13.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At11.job
[2012.02.22 19:15:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At1.job
[2012.02.22 19:14:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.22 19:14:52 | 3220,037,632 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.22 19:14:06 | 000,003,400 | ---- | M] () -- C:\bootsqm.dat
[2012.02.22 19:10:12 | 000,000,512 | ---- | M] () -- C:\Users\marius\Desktop\MBR.dat
[2012.02.22 19:09:45 | 000,000,112 | ---- | M] () -- C:\ProgramData\WQ867BRMt.dat
[2012.02.22 19:08:03 | 000,000,352 | ---- | M] () -- C:\Windows\tasks\At40.job
[2012.02.22 19:08:03 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\At39.job
[2012.02.22 19:04:54 | 000,000,380 | ---- | M] () -- C:\edu.bmp
[2012.02.22 19:04:54 | 000,000,284 | ---- | M] () -- C:\srch_map_1.gif
[2012.02.22 19:04:54 | 000,000,277 | ---- | M] () -- C:\mov_1.gif
[2012.02.22 19:04:54 | 000,000,274 | ---- | M] () -- C:\trav_1.gif
[2012.02.22 19:04:54 | 000,000,273 | ---- | M] () -- C:\srch_stk_1.gif
[2012.02.22 19:04:54 | 000,000,268 | ---- | M] () -- C:\ab_1.gif
[2012.02.22 19:04:54 | 000,000,240 | ---- | M] () -- C:\srch_site_1.gif
[2012.02.22 19:04:54 | 000,000,138 | ---- | M] () -- C:\flk2.gif
[2012.02.22 19:04:54 | 000,000,113 | ---- | M] () -- C:\del_1.gif
[2012.02.22 19:04:53 | 000,000,304 | ---- | M] () -- C:\dir.bmp
[2012.02.22 19:04:53 | 000,000,279 | ---- | M] () -- C:\hj_1.gif
[2012.02.22 19:04:53 | 000,000,265 | ---- | M] () -- C:\srch_ans_1.gif
[2012.02.22 19:04:53 | 000,000,235 | ---- | M] () -- C:\srch_1.gif
[2012.02.22 19:04:53 | 000,000,131 | ---- | M] () -- C:\srch_loc_1.gif
[2012.02.22 19:04:53 | 000,000,123 | ---- | M] () -- C:\srch_sh_1.gif
[2012.02.22 19:04:53 | 000,000,121 | ---- | M] () -- C:\srch_nws_1.gif
[2012.02.22 19:04:53 | 000,000,113 | ---- | M] () -- C:\srch_aud_1.gif
[2012.02.22 19:04:53 | 000,000,112 | ---- | M] () -- C:\srch_vid_1.gif
[2012.02.22 19:04:53 | 000,000,112 | ---- | M] () -- C:\srch_img_1.gif
[2012.02.22 18:01:58 | 000,000,000 | -HS- | M] () -- C:\Windows\SysNative\dds_trash_log.cmd
[2012.02.21 20:45:27 | 000,055,384 | ---- | M] (Sunbelt Software) -- C:\Windows\SysNative\drivers\SBREDrv.sys
[2012.02.21 19:40:29 | 000,006,644 | ---- | M] () -- C:\Windows\wininit.ini
[2012.02.21 16:00:56 | 000,302,592 | ---- | M] () -- C:\Users\marius\Desktop\cw6ig4y5.exe
[2012.02.21 15:58:21 | 000,302,592 | ---- | M] () -- C:\Users\marius\Desktop\nejx9kpv.exe
[2012.02.21 15:22:05 | 004,729,344 | ---- | M] (AVAST Software) -- C:\Users\marius\Desktop\aswMBR.exe
[2012.02.21 15:21:27 | 002,060,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\marius\Desktop\tdsskiller.exe
[2012.02.21 13:12:08 | 004,414,945 | R--- | M] (Swearware) -- C:\Users\marius\Desktop\ComboFix.exe
[2012.02.21 13:10:19 | 000,123,712 | ---- | M] (ESET) -- C:\Users\marius\Desktop\ESETSirefefRemover.exe
[2012.02.21 13:10:16 | 000,187,464 | ---- | M] (Webroot) -- C:\Users\marius\Desktop\antizeroaccess.exe
[2012.02.21 12:44:36 | 000,000,188 | ---- | M] () -- C:\Users\marius\defogger_reenable
[2012.02.21 12:44:01 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\marius\Desktop\dds.scr
[2012.02.21 12:43:28 | 000,050,477 | ---- | M] () -- C:\Users\marius\Desktop\Defogger.exe
[2012.02.21 01:13:12 | 000,001,897 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.02.21 00:59:46 | 000,002,360 | ---- | M] () -- C:\Windows\SysNative\.crusader
[2012.02.20 20:31:31 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.02.20 20:21:44 | 000,000,691 | ---- | M] () -- C:\Users\marius\AppData\Roaming\GetValue.vbs
[2012.02.20 20:21:44 | 000,000,035 | ---- | M] () -- C:\Users\marius\AppData\Roaming\SetValue.bat
[2012.02.20 08:51:20 | 000,012,766 | ---- | M] () -- C:\Users\marius\AppData\Roaming\SmarThruOptions.xml
[2012.02.20 08:50:55 | 000,275,041 | ---- | M] () -- C:\Users\marius\Desktop\recipisa.pdf
[2012.02.19 13:04:18 | 000,546,169 | ---- | M] () -- C:\Users\marius\Desktop\DIPLOMA BAC.pdf
[2012.02.17 14:26:43 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.17 14:26:43 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.17 09:29:50 | 000,436,008 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.14 21:28:17 | 000,565,873 | ---- | M] () -- C:\Users\marius\Desktop\certificat.pdf
[2012.02.13 22:30:06 | 000,029,696 | ---- | M] () -- C:\Users\marius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.07 01:21:33 | 000,002,253 | ---- | M] () -- C:\Users\marius\Desktop\Bridge Baron 17.lnk
[2012.02.05 01:14:29 | 000,003,553 | ---- | M] () -- C:\Users\marius\Documents\acasa.priv_profile
[2012.02.05 01:14:22 | 000,000,837 | ---- | M] () -- C:\Users\marius\Documents\acasa.pub_profile
[2012.02.05 01:11:57 | 000,002,523 | ---- | M] () -- C:\Users\Public\Desktop\LAN Bridger.lnk
[2012.02.05 01:09:26 | 000,366,837 | ---- | M] () -- C:\Users\marius\Desktop\valdore-screen1.jpg
[2012.02.04 22:31:13 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk
[2012.02.03 01:53:21 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\SOL Exodus.lnk
[2012.02.01 14:33:15 | 000,002,048 | ---- | M] () -- C:\Users\marius\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012.01.26 23:10:48 | 000,001,007 | ---- | M] () -- C:\Users\marius\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2012.01.26 19:23:11 | 000,750,488 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.01.26 19:23:11 | 000,660,368 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.01.26 19:23:11 | 000,263,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.01.26 19:23:11 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.01.26 19:23:11 | 000,188,808 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.01.26 19:20:39 | 000,637,848 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2012.01.26 19:20:39 | 000,567,184 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.01.26 19:20:39 | 000,223,112 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.01.26 19:20:39 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.01.26 19:20:39 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.01.26 15:51:44 | 000,001,173 | ---- | M] () -- C:\Users\marius\Application Data\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
[5 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.22 19:41:38 | 000,065,261 | ---- | C] () -- C:\Users\marius\Desktop\new files 2.jpg
[2012.02.22 19:39:16 | 000,115,346 | ---- | C] () -- C:\Users\marius\Desktop\new files 1.jpg
[2012.02.22 19:17:47 | 000,000,144 | ---- | C] () -- C:\Windows\SysNative\bootdelete.lst
[2012.02.22 19:14:06 | 000,003,400 | ---- | C] () -- C:\bootsqm.dat
[2012.02.22 19:04:54 | 000,000,380 | ---- | C] () -- C:\edu.bmp
[2012.02.22 19:04:54 | 000,000,284 | ---- | C] () -- C:\srch_map_1.gif
[2012.02.22 19:04:54 | 000,000,277 | ---- | C] () -- C:\mov_1.gif
[2012.02.22 19:04:54 | 000,000,274 | ---- | C] () -- C:\trav_1.gif
[2012.02.22 19:04:54 | 000,000,273 | ---- | C] () -- C:\srch_stk_1.gif
[2012.02.22 19:04:54 | 000,000,240 | ---- | C] () -- C:\srch_site_1.gif
[2012.02.22 19:04:54 | 000,000,138 | ---- | C] () -- C:\flk2.gif
[2012.02.22 19:04:54 | 000,000,113 | ---- | C] () -- C:\del_1.gif
[2012.02.22 19:04:53 | 000,000,304 | ---- | C] () -- C:\dir.bmp
[2012.02.22 19:04:53 | 000,000,279 | ---- | C] () -- C:\hj_1.gif
[2012.02.22 19:04:53 | 000,000,268 | ---- | C] () -- C:\ab_1.gif
[2012.02.22 19:04:53 | 000,000,265 | ---- | C] () -- C:\srch_ans_1.gif
[2012.02.22 19:04:53 | 000,000,235 | ---- | C] () -- C:\srch_1.gif
[2012.02.22 19:04:53 | 000,000,131 | ---- | C] () -- C:\srch_loc_1.gif
[2012.02.22 19:04:53 | 000,000,123 | ---- | C] () -- C:\srch_sh_1.gif
[2012.02.22 19:04:53 | 000,000,121 | ---- | C] () -- C:\srch_nws_1.gif
[2012.02.22 19:04:53 | 000,000,113 | ---- | C] () -- C:\srch_aud_1.gif
[2012.02.22 19:04:53 | 000,000,112 | ---- | C] () -- C:\srch_vid_1.gif
[2012.02.22 19:04:53 | 000,000,112 | ---- | C] () -- C:\srch_img_1.gif
[2012.02.22 18:12:20 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At48.job
[2012.02.22 18:12:20 | 000,000,112 | ---- | C] () -- C:\ProgramData\WQ867BRMt.dat
[2012.02.22 18:12:19 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At46.job
[2012.02.22 18:12:19 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At47.job
[2012.02.22 18:12:19 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At45.job
[2012.02.22 18:12:18 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At44.job
[2012.02.22 18:12:18 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At43.job
[2012.02.22 18:12:17 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At42.job
[2012.02.22 18:12:17 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At40.job
[2012.02.22 18:12:17 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At41.job
[2012.02.22 18:12:16 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At38.job
[2012.02.22 18:12:16 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At39.job
[2012.02.22 18:12:16 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At37.job
[2012.02.22 18:12:15 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At36.job
[2012.02.22 18:12:15 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At34.job
[2012.02.22 18:12:15 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At35.job
[2012.02.22 18:12:14 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At32.job
[2012.02.22 18:12:14 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At33.job
[2012.02.22 18:12:14 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At31.job
[2012.02.22 18:12:13 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At30.job
[2012.02.22 18:12:13 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At29.job
[2012.02.22 18:12:12 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At28.job
[2012.02.22 18:12:12 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At26.job
[2012.02.22 18:12:12 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At27.job
[2012.02.22 18:12:11 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At24.job
[2012.02.22 18:12:11 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At25.job
[2012.02.22 18:12:10 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At22.job
[2012.02.22 18:12:10 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At23.job
[2012.02.22 18:12:10 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At21.job
[2012.02.22 18:12:09 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At20.job
[2012.02.22 18:12:09 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At18.job
[2012.02.22 18:12:09 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At19.job
[2012.02.22 18:12:08 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At16.job
[2012.02.22 18:12:08 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At17.job
[2012.02.22 18:12:08 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At15.job
[2012.02.22 18:12:07 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At14.job
[2012.02.22 18:12:06 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At12.job
[2012.02.22 18:12:06 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At13.job
[2012.02.22 18:12:06 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At11.job
[2012.02.22 18:12:05 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At8.job
[2012.02.22 18:12:05 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At10.job
[2012.02.22 18:12:05 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At9.job
[2012.02.22 18:12:04 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At6.job
[2012.02.22 18:12:04 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At7.job
[2012.02.22 18:12:04 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At5.job
[2012.02.22 18:12:03 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At4.job
[2012.02.22 18:12:03 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At3.job
[2012.02.22 18:12:02 | 000,000,352 | ---- | C] () -- C:\Windows\tasks\At2.job
[2012.02.22 18:12:02 | 000,000,350 | ---- | C] () -- C:\Windows\tasks\At1.job
[2012.02.21 19:34:24 | 000,000,512 | ---- | C] () -- C:\Users\marius\Desktop\MBR.dat
[2012.02.21 16:00:52 | 000,302,592 | ---- | C] () -- C:\Users\marius\Desktop\cw6ig4y5.exe
[2012.02.21 15:58:18 | 000,302,592 | ---- | C] () -- C:\Users\marius\Desktop\nejx9kpv.exe
[2012.02.21 12:44:36 | 000,000,188 | ---- | C] () -- C:\Users\marius\defogger_reenable
[2012.02.21 12:43:26 | 000,050,477 | ---- | C] () -- C:\Users\marius\Desktop\Defogger.exe
[2012.02.21 00:59:46 | 000,002,360 | ---- | C] () -- C:\Windows\SysNative\.crusader
[2012.02.21 00:43:03 | 000,025,160 | ---- | C] () -- C:\Windows\SysNative\drivers\hitmanpro36.sys
[2012.02.21 00:43:02 | 000,001,897 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk
[2012.02.20 20:21:44 | 000,000,691 | ---- | C] () -- C:\Users\marius\AppData\Roaming\GetValue.vbs
[2012.02.20 20:21:44 | 000,000,035 | ---- | C] () -- C:\Users\marius\AppData\Roaming\SetValue.bat
[2012.02.20 20:19:37 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\swsc.exe
[2012.02.20 13:56:17 | 000,000,000 | -HS- | C] () -- C:\Windows\SysNative\dds_trash_log.cmd
[2012.02.20 08:50:55 | 000,275,041 | ---- | C] () -- C:\Users\marius\Desktop\recipisa.pdf
[2012.02.19 13:04:18 | 000,546,169 | ---- | C] () -- C:\Users\marius\Desktop\DIPLOMA BAC.pdf
[2012.02.14 21:28:16 | 000,565,873 | ---- | C] () -- C:\Users\marius\Desktop\certificat.pdf
[2012.02.10 14:59:49 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk
[2012.02.07 01:21:33 | 000,002,253 | ---- | C] () -- C:\Users\marius\Desktop\Bridge Baron 17.lnk
[2012.02.05 01:14:18 | 000,003,553 | ---- | C] () -- C:\Users\marius\Documents\acasa.priv_profile
[2012.02.05 01:14:18 | 000,000,837 | ---- | C] () -- C:\Users\marius\Documents\acasa.pub_profile
[2012.02.05 01:11:57 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LAN Bridger.lnk
[2012.02.05 01:11:57 | 000,002,523 | ---- | C] () -- C:\Users\Public\Desktop\LAN Bridger.lnk
[2012.02.05 01:09:26 | 000,366,837 | ---- | C] () -- C:\Users\marius\Desktop\valdore-screen1.jpg
[2012.02.04 22:31:13 | 000,001,081 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2012.02.04 22:31:13 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk
[2012.02.03 01:53:21 | 000,000,926 | ---- | C] () -- C:\Users\Public\Desktop\SOL Exodus.lnk
[2012.01.26 19:43:42 | 000,000,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2012.01.26 19:41:18 | 000,001,845 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012.01.26 15:51:44 | 000,001,173 | ---- | C] () -- C:\Users\marius\Application Data\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
[2012.01.14 13:32:21 | 000,000,128 | ---- | C] () -- C:\Users\marius\AppData\Roaming\Earthquakes Meter_Settings.ini
[2012.01.13 15:56:45 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.01.13 15:56:45 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.01.13 15:56:45 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.01.13 15:56:45 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.01.13 15:56:45 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.12.29 00:14:33 | 000,155,136 | ---- | C] () -- C:\Windows\SysWow64\AI_ContextMenu.dll
[2011.12.28 23:44:26 | 000,156,160 | ---- | C] () -- C:\Windows\SysWow64\WS_ContextMenu.dll
[2011.11.28 21:13:09 | 000,000,190 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.11.20 02:10:33 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2011.10.31 11:22:42 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.10.30 15:32:09 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.30 17:10:47 | 000,004,015 | ---- | C] () -- C:\Windows\SONYMAP.INI
[2011.09.30 17:10:47 | 000,000,051 | ---- | C] () -- C:\Windows\WINCMD.INI
[2011.09.28 16:49:39 | 000,204,800 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeW7.dll
[2011.09.28 16:49:39 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeA6.dll
[2011.09.28 16:49:39 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeP6.dll
[2011.09.28 16:49:39 | 000,192,512 | ---- | C] () -- C:\Windows\SysWow64\IVIresizeM6.dll
[2011.09.28 16:49:39 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\IVIresizePX.dll
[2011.09.28 16:49:39 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\IVIresize.dll
[2011.09.28 16:49:23 | 000,122,880 | ---- | C] () -- C:\Windows\SysWow64\cddvdint.dll
[2011.09.20 20:03:42 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2011.09.20 20:03:42 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2011.09.20 20:03:42 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2011.09.16 10:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 10:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 10:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 10:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.09.10 11:11:12 | 000,000,198 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.09.01 18:16:05 | 000,000,228 | ---- | C] () -- C:\Users\marius\AppData\Roaming\burnaware.ini
[2011.08.09 22:46:27 | 000,001,806 | ---- | C] () -- C:\Windows\TSearch.INI
[2011.07.25 21:00:38 | 000,000,032 | ---- | C] () -- C:\Windows\Hacking for beginners - Toolkit.INI
[2011.07.23 11:19:48 | 000,000,000 | ---- | C] () -- C:\Users\marius\AppData\Local\{47F346C4-1A93-4B27-AD89-E66782DFB192}
[2011.07.11 06:47:32 | 000,000,000 | ---- | C] () -- C:\Users\marius\AppData\Local\{9D1694A1-4DEF-41E7-B82F-E339A22DFE96}
[2011.07.11 06:45:34 | 000,000,000 | ---- | C] () -- C:\Users\marius\AppData\Local\{8FB2B54B-AD55-42EA-BB48-F7DCDA80123A}
[2011.07.11 06:39:09 | 000,000,000 | ---- | C] () -- C:\Users\marius\AppData\Local\{5CFBAFDF-DBD7-4CD9-839D-7F17FE2A728D}
[2011.07.07 20:22:14 | 000,000,008 | RHS- | C] () -- C:\ProgramData\7528C42DAE.sys
[2011.07.07 20:22:13 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.05.29 22:16:25 | 000,006,644 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.25 22:55:18 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.04.25 22:55:15 | 000,120,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2011.04.25 22:55:14 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.04.25 22:55:14 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.04.25 22:55:14 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.04.25 18:39:32 | 000,000,116 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.04.22 18:33:21 | 000,777,058 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.21 23:04:54 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.04.16 15:53:31 | 000,007,596 | ---- | C] () -- C:\Users\marius\AppData\Local\Resmon.ResmonCfg
[2011.04.09 16:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.06 19:36:53 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.04.06 12:13:10 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.04.06 12:11:56 | 000,000,291 | ---- | C] () -- C:\Windows\red_dialer.ini
[2011.04.04 16:33:15 | 000,029,696 | ---- | C] () -- C:\Users\marius\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.04 16:27:00 | 000,831,600 | ---- | C] () -- C:\Windows\SysWow64\Ctaa1.dat
[2011.04.04 16:25:42 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011.04.04 15:57:45 | 000,111,104 | ---- | C] () -- C:\Windows\SysWow64\Uharc.exe
[2011.04.04 15:57:45 | 000,008,636 | ---- | C] () -- C:\Windows\SysWow64\modifype.exe
[2011.04.03 20:21:12 | 000,166,912 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.04.03 20:21:12 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.04.03 19:29:30 | 000,030,756 | ---- | C] () -- C:\Windows\SysWow64\e10kxwdm.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 156 bytes -> C:\ProgramData\TEMP:42D9E231

< End of report >

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:12 PM

Posted 22 February 2012 - 02:07 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

KillAll::

AtJob::

File::
C:\Windows\SysNative\cpuidlep.dll
C:\Windows\SysNative\dds_trash_log.cmd
C:\ProgramData\WQ867BRMt.dat

NetSvc::
iviVD

Driver::
iviVD

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 vasiica

vasiica
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:12 PM

Posted 22 February 2012 - 02:17 PM

Hello,

I will disable the AV program and run ComboFix with the script.

#11 gringo_pr


Posted 22 February 2012 - 02:20 PM

:thumbup2:

#12 vasiica


Posted 22 February 2012 - 02:42 PM

I have a problem with posting the result: it is too long, so I will cut it in 2.

#13 gringo_pr


Posted 22 February 2012 - 02:45 PM

No problem, or you can upload it to mediafire.com and send me the link.


gringo

#14 vasiica


Posted 22 February 2012 - 02:48 PM

this is the link to mediafire :
http://www.mediafire.com/?4nh4k0zj645jif9

#15 gringo_pr


Posted 22 February 2012 - 03:00 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

KillAll::

File::
C:\Windows\system32\consrv.dll
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo




