Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with unknown trojan/worm/backdoor... refered from Malware forum


  • This topic is locked This topic is locked
5 replies to this topic

#1 lilking420

lilking420

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:39 AM

Posted 26 March 2012 - 11:14 PM

Referred by Nasdaq

http://www.bleepingcomputer.com/forums/topic444767.html

I have had to reimage (again) since the last post on the above thread. This problem started with DDoS attack and access control problems and access denied messages. I am seeing strange programs and file names. Also, i am on a stand alone, windows 7 home premium machine yet I am seeing group policy is installed among other things. I am unable to start windows firewall at the moment which prompted me to start here. I fear a trojan/rootkit hiding itself in valid windows programs. I cannot find a Antivirus or anti malware program that identifies anything as problematic, but I am quite sure something has infected my machine.

Please advise... Thanks

Edited by Orange Blossom, 27 March 2012 - 12:02 AM.
Moved to Windows 7 forum and fixed link. ~ OB


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,414 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:39 AM

Posted 27 March 2012 - 09:12 AM

All suspicions aside...exactly what is wrong with the system today, right now?

What are the exact indications that trigger your ideas that something is amiss?

Louis

#3 lilking420

lilking420
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:39 AM

Posted 27 March 2012 - 05:41 PM

Windows Firewall will not start. "Error code 0x80070424. The system cannot change some of your settings" I am unable to attach a screen shot due to size limits... Nothing is reported to event viewer regarding the firewall error. Webroot free shows some infections example immediately below, also finds infections with svchost.exe, wisptis.exe, dllhost.exe... but when scanned with other programs, including those Nasdaq had me use, find nothing... Sorry for the messiness, just frustrated... Please advise

Fri 2012-03-23 14:04:21.0627 Monitoring process C:\Windows\SysWow64\NOTEPAD.EXE [D378BFFB70923139D6A4F546864AA61C]. Type: 0 (3636)
Fri 2012-03-23 14:04:22.0485 Monitoring process C:\Windows\System32\dwm.exe [F162D5F5E845B9DC352DD1BAD8CEF1BC]. Type: 0 (328)
Fri 2012-03-23 14:04:23.0047 Monitoring process C:\Windows\System32\lsm.exe [9662EE182644511439F1C53745DC1C88]. Type: 0 (428)
Fri 2012-03-23 14:04:23.0905 Infection detected: c:\windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_d18028273214fa77\searchfilterhost.exe [MD5: 52D56D1013D4F1B99102679314CC5325] [17/00010460] [(null)]
Fri 2012-03-23 14:07:01.0228 >>> Service started [v8.0.1.154]
Fri 2012-03-23 14:07:01.0384 Terminated abruptly in the last session
Fri 2012-03-23 14:07:38.0971 User process connected successfully from PID 920, Session 1
Fri 2012-03-23 14:07:43.0386 Connecting to 14 - 14
Fri 2012-03-23 14:07:43.0870 Monitoring process C:\Program Files\AVAST Software\Avast\setup\avast.setup [03CF68DDE2311640AB2723B3AAFE16D9]. Type: 3 (3641)
Fri 2012-03-23 14:07:43.0870 Monitoring process C:\Program Files\AVAST Software\Avast\setup\avast.setup [03CF68DDE2311640AB2723B3AAFE16D9]. Type: 4 (3641)
Fri 2012-03-23 14:07:43.0870 Monitoring process C:\Program Files\AVAST Software\Avast\setup\avast.setup [03CF68DDE2311640AB2723B3AAFE16D9]. Type: 5 (3641)
Fri 2012-03-23 14:07:43.0870 Monitoring process C:\Program Files\AVAST Software\Avast\setup\avast.setup [03CF68DDE2311640AB2723B3AAFE16D9]. Type: 7 (3641)
Fri 2012-03-23 14:07:43.0901 Monitoring process C:\Program Files\AVAST Software\Avast\setup\avast.setup [03CF68DDE2311640AB2723B3AAFE16D9]. Type: 8 (3641)
Fri 2012-03-23 14:07:48.0815 Monitoring process C:\Windows\system32\runonce.exe [025E7DBDB98866ED3CB2D4DDA70B364D]. Type: 3 (3644)
Fri 2012-03-23 14:07:48.0815 Monitoring process C:\Windows\system32\runonce.exe [025E7DBDB98866ED3CB2D4DDA70B364D]. Type: 4 (3644)
Fri 2012-03-23 14:07:48.0815 Monitoring process C:\Windows\system32\runonce.exe [025E7DBDB98866ED3CB2D4DDA70B364D]. Type: 5 (3644)
Fri 2012-03-23 14:07:48.0815 Monitoring process C:\Windows\system32\runonce.exe [025E7DBDB98866ED3CB2D4DDA70B364D]. Type: 7 (3644)
Fri 2012-03-23 14:07:48.0815 Monitoring process C:\Windows\system32\runonce.exe [025E7DBDB98866ED3CB2D4DDA70B364D]. Type: 8 (3644)
Fri 2012-03-23 14:08:56.0972 Saved updated configuration
Fri 2012-03-23 14:08:59.0310 Determination flags modified: MD5: 49A3AD5CE578CD77F445F3D244AEAB2D, Size: 113664 bytes, Flags: 00000040
Fri 2012-03-23 14:09:01.0759 Saved updated configuration
Fri 2012-03-23 14:09:03.0370 Determination flags modified: MD5: D9E21CBF9E6A87847AFFD39EA3FA28EE, Size: 249856 bytes, Flags: 00000040
Fri 2012-03-23 14:09:09.0986 Saved updated configuration
Fri 2012-03-23 14:09:09.0986 Determination flags modified: MD5: BFDB58616FF5EA540A5F58301D50641E, Size: 483688 bytes, Flags: 00000100
Fri 2012-03-23 14:10:15.0070 Scan Started: [ID: 2 - Flags: 551/16]
Fri 2012-03-23 14:10:50.0747 Infection detected: c:\windows\system32\searchfilterhost.exe [MD5: 49A3AD5CE578CD77F445F3D244AEAB2D] [17/40090470] [(null)]
Fri 2012-03-23 14:10:50.0997 Infection detected: c:\windows\system32\searchprotocolhost.exe [MD5: D9E21CBF9E6A87847AFFD39EA3FA28EE] [17/40090470] [(null)]

Determination flags modified: MD5: 02E20372D9D6D28E37BA9704EDC90B67, Size: 405504 bytes, Flags: 00000020
Fri 2012-03-23 13:19:12.0663 Determination flags modified: MD5: 02E20372D9D6D28E37BA9704EDC90B67, Size: 405504 bytes, Flags: 00000020
Fri 2012-03-23 13:19:33.0283 Performing cleanup entry: 2
Fri 2012-03-23 13:19:53.0713 Performing cleanup entry: 4
Fri 2012-03-23 13:20:14.0075 Performing cleanup entry: 3
Fri 2012-03-23 13:20:25.0222 Saved updated configuration
Fri 2012-03-23 13:20:33.0416 Performing cleanup entry: 6
Fri 2012-03-23 13:20:54.0442 Performing cleanup entry: 5
Fri 2012-03-23 13:21:00.0610 Monitoring process C:\Windows\system32\DllHost.exe [A8EDB86FC2A4D6D1285E4C70384AC35A]. Type: 0 (169)
Fri 2012-03-23 13:21:14.0604 Monitoring process C:\Windows\system32\DllHost.exe [A8EDB86FC2A4D6D1285E4C70384AC35A]. Type: 0 (169)
Fri 2012-03-23 13:21:35.0644 Rule Overridden: MD5: 02E20372D9D6D28E37BA9704EDC90B67, Size: 405504 bytes, ID: 20000007, Result: 5
Fri 2012-03-23 13:21:35.0644 Saved updated configuration
Fri 2012-03-23 13:21:39.0624 Monitoring process C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [11A52CF7B265631DEEB24C6149309EFF]. Type: 0 (955)
Fri 2012-03-23 13:21:39.0624 Rule Overridden: MD5: 11A52CF7B265631DEEB24C6149309EFF, Size: 64952 bytes, ID: 20000007, Result: 5
Fri 2012-03-23 13:21:39.0624 Saved updated configuration
Fri 2012-03-23 13:21:43.0682 Monitoring process C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [056B19651BD7B7CE5F89A3AC46DBDC08]. Type: 0 (1354)
Fri 2012-03-23 13:21:45.0092 Monitoring process C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [BFDB58616FF5EA540A5F58301D50641E]. Type: 0 (3431)
Fri 2012-03-23 13:21:46.0002 Monitoring process C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [B94C3C4DCA2093243C76CA218EDE2A97]. Type: 0 (3244)
Fri 2012-03-23 13:21:46.0242 Rule Overridden: MD5: 49A3AD5CE578CD77F445F3D244AEAB2D, Size: 113664 bytes, ID: 20000007, Result: 5
Fri 2012-03-23 13:21:46.0242 Saved updated configuration
Fri 2012-03-23 13:21:50.0654 Monitoring process C:\Program Files (x86)\Mozilla Firefox\firefox.exe [637F2BDC0E53704D121DDD27A1F62090]. Type: 0 (1250)
Fri 2012-03-23 13:21:57.0954 Rule Overridden: MD5: D9E21CBF9E6A87847AFFD39EA3FA28EE, Size: 249856 bytes, ID: 20000007, Result: 5
Fri 2012-03-23 13:21:57.0954 Saved updated configuration
Fri 2012-03-23 13:24:11.0473 Infection detected: c:\windows\winsxs\amd64_microsoft-windows-t..platform-input-core_31bf3856ad364e35_6.1.7601.17514_none_2f3651e7f36d703f\wisptis.exe [MD5: 02E20372D9D6D28E37BA9704EDC90B67] [17/C0090470] [(null)]
Fri 2012-03-23 13:24:11.0473 Determination flags modified: MD5: 02E20372D9D6D28E37BA9704EDC90B67, Size: 405504 bytes, Flags: 00000040




Here are some examples of event viewer entries... if that helps...

Application Log:
Error 3/27/2012 3:05:16 AM Microsoft-Windows-Search 3100 Gatherer "Unable to initialize the filter host process. Terminating.

Details:
The system cannot find the file specified. (HRESULT : 0x80070002) (0x80070002)
"
Error 3/27/2012 3:05:05 AM Microsoft-Windows-Search 3100 Gatherer "Unable to initialize the filter host process. Terminating.

Details:
The system cannot find the file specified. (HRESULT : 0x80070002) (0x80070002)
"
Warning 3/27/2012 3:05:05 AM Microsoft-Windows-Search 1015 Search service Event ID 3100 for the Windows Search Service has been suppressed 328 time(s) since 2:04:57 AM. This event is used to suppress Windows Search Service events that have occurred frequently within a short period of time. See Event ID 3100 for further details on this event.
Information 3/27/2012 2:54:10 AM VSS 8224 None The VSS service is shutting down due to idle timeout.
Warning 3/27/2012 2:51:10 AM VSS 12348 None Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{f24c9160-74a4-11e1-b90d-180373101bfe}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again.

Operation:
Removing auto-release shadow copies
Loading provider

Context:
Execution Context: System Provider
Error 3/27/2012 2:44:52 AM SideBySide 80 None "Activation context generation failed for ""c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe"".Error in manifest or policy file """" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest."
Error 3/27/2012 2:44:40 AM SideBySide 72 None "Activation context generation failed for ""c:\program files\microsoft security client\MSESysprep.dll"".Error in manifest or policy file ""c:\program files\microsoft security client\MSESysprep.dll"" on line 10. The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows."





System log:
Information 3/27/2012 12:13:32 PM Service Control Manager 7036 None
Information 3/27/2012 12:00:29 PM EventLog 6013 None
Information 3/27/2012 11:30:07 AM Service Control Manager 7036 None
Information 3/27/2012 11:21:14 AM Service Control Manager 7036 None
Information 3/27/2012 11:13:37 AM Service Control Manager 7036 None
Information 3/27/2012 11:11:14 AM Service Control Manager 7036 None
Information 3/27/2012 10:29:46 AM Service Control Manager 7036 None
Information 3/27/2012 10:15:37 AM Service Control Manager 7036 None
Information 3/27/2012 10:13:16 AM Service Control Manager 7036 None
Information 3/27/2012 10:06:46 AM Service Control Manager 7036 None
Information 3/27/2012 10:01:43 AM Service Control Manager 7036 None
Information 3/27/2012 9:58:10 AM Service Control Manager 7036 None
Information 3/27/2012 9:27:13 AM Service Control Manager 7036 None
Information 3/27/2012 9:24:12 AM Service Control Manager 7036 None
Information 3/27/2012 9:14:12 AM Service Control Manager 7036 None
Information 3/27/2012 9:10:43 AM Service Control Manager 7036 None
Information 3/27/2012 8:24:46 AM Service Control Manager 7036 None
Information 3/27/2012 8:16:52 AM Service Control Manager 7036 None
Information 3/27/2012 8:14:46 AM Service Control Manager 7036 None
Information 3/27/2012 8:00:22 AM Service Control Manager 7036 None
Information 3/27/2012 7:15:32 AM Service Control Manager 7036 None
Information 3/27/2012 7:11:30 AM Service Control Manager 7036 None
Information 3/27/2012 7:01:30 AM Service Control Manager 7036 None
Information 3/27/2012 6:50:02 AM Service Control Manager 7036 None
Information 3/27/2012 6:20:34 AM Service Control Manager 7036 None
Information 3/27/2012 6:15:14 AM Service Control Manager 7036 None
Information 3/27/2012 6:10:34 AM Service Control Manager 7036 None
Information 3/27/2012 5:49:44 AM Service Control Manager 7036 None
Information 3/27/2012 5:24:42 AM Service Control Manager 7036 None
Information 3/27/2012 5:14:42 AM Service Control Manager 7036 None
Information 3/27/2012 5:05:56 AM Service Control Manager 7036 None
Information 3/27/2012 4:49:26 AM Service Control Manager 7036 None
Information 3/27/2012 4:10:30 AM Service Control Manager 7036 None
Information 3/27/2012 4:04:37 AM Service Control Manager 7036 None
Information 3/27/2012 4:00:30 AM Service Control Manager 7036 None
Information 3/27/2012 3:39:07 AM Service Control Manager 7036 None
Information 3/27/2012 3:12:42 AM Service Control Manager 7036 None
Information 3/27/2012 3:00:02 AM Service Control Manager 7036 None
Information 3/27/2012 2:57:11 AM Service Control Manager 7036 None
Information 3/27/2012 2:54:33 AM Service Control Manager 7036 None
Information 3/27/2012 2:54:11 AM Service Control Manager 7036 None
Information 3/27/2012 2:51:10 AM Service Control Manager 7036 None
Information 3/27/2012 2:51:10 AM Service Control Manager 7036 None
Information 3/27/2012 2:51:10 AM Service Control Manager 7036 None
Information 3/27/2012 2:41:10 AM Service Control Manager 7036 None
Information 3/27/2012 2:39:37 AM Service Control Manager 7036 None
Information 3/27/2012 2:38:31 AM Service Control Manager 7036 None
Information 3/27/2012 2:35:42 AM Service Control Manager 7036 None
Information 3/27/2012 2:34:34 AM Service Control Manager 7036 None
Information 3/27/2012 2:31:34 AM Service Control Manager 7036 None
Information 3/27/2012 2:28:52 AM Service Control Manager 7036 None
Information 3/27/2012 2:26:52 AM Service Control Manager 7036 None
Information 3/27/2012 2:25:52 AM Service Control Manager 7045 None
Information 3/27/2012 2:25:50 AM Service Control Manager 7036 None
Information 3/27/2012 2:25:28 AM Service Control Manager 7036 None
Information 3/27/2012 2:25:12 AM Service Control Manager 7036 None
Information 3/27/2012 2:24:44 AM Service Control Manager 7036 None
Information 3/27/2012 2:18:54 AM Service Control Manager 7045 None
Information 3/27/2012 2:18:04 AM Service Control Manager 7036 None
Information 3/27/2012 2:17:50 AM Service Control Manager 7036 None
Information 3/27/2012 2:12:27 AM Service Control Manager 7036 None
Information 3/27/2012 2:12:19 AM Service Control Manager 7036 None
Information 3/27/2012 2:12:15 AM Application-Experience 206 None
Information 3/27/2012 2:12:12 AM Service Control Manager 7036 None
Information 3/27/2012 2:12:11 AM Service Control Manager 7036 None
Information 3/27/2012 2:12:10 AM Winlogon 7001 (1101)
Information 3/27/2012 2:12:08 AM Service Control Manager 7036 None
Information 3/27/2012 2:10:57 AM Service Control Manager 7036 None
Information 3/27/2012 2:06:07 AM Service Control Manager 7036 None
Information 3/27/2012 2:02:57 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:09 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:08 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:05 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:05 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:04 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:03 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:03 AM FilterManager 6 None
Information 3/27/2012 2:01:03 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:02 AM Service Control Manager 7036 None
Information 3/27/2012 2:01:02 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:57 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:57 AM Service Control Manager 7036 None
Error 3/27/2012 1:59:24 AM Microsoft Antimalware 3002 None
Information 3/27/2012 1:59:14 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:06 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:04 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:04 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:04 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:04 AM Service Control Manager 7042 None
Information 3/27/2012 1:59:03 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:03 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:03 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:03 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:03 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:02 AM Service Control Manager 7036 None
Information 3/27/2012 1:59:02 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:58 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:58 AM FilterManager 6 None
Information 3/27/2012 1:58:58 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:57 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:54 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:44 AM Application-Experience 201 None
Error 3/27/2012 1:58:43 AM Service Control Manager 7003 None
Information 3/27/2012 1:58:31 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:31 AM Service Control Manager 7036 None
Error 3/27/2012 1:58:30 AM Service Control Manager 7003 None
Error 3/27/2012 1:58:30 AM Service Control Manager 7000 None
Error 3/27/2012 1:58:30 AM Service Control Manager 7009 None
Error 3/27/2012 1:58:04 AM Service Control Manager 7023 None
Information 3/27/2012 1:58:04 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:00 AM Service Control Manager 7036 None
Information 3/27/2012 1:58:00 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:59 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:59 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:58 AM Service Control Manager 7036 None
Error 3/27/2012 1:57:57 AM Service Control Manager 7000 None
Information 3/27/2012 1:57:57 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:56 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:54 AM WLAN-AutoConfig 4000 None
Information 3/27/2012 1:57:54 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM DHCPv6-Client 51046 Service State Event
Information 3/27/2012 1:57:53 AM Dhcp-Client 50036 Service State Event
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:52 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:51 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:51 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:50 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:49 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:48 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:47 AM FilterManager 6 None
Information 3/27/2012 1:57:47 AM FilterManager 6 None
Information 3/27/2012 1:57:47 AM FilterManager 6 None
Information 3/27/2012 1:57:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:57:45 AM UserPnp 20010 (7010)
Information 3/27/2012 1:57:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:36:16 AM FilterManager 6 None
Information 3/27/2012 1:36:15 AM Kernel-Processor-Power 26 (4)
Information 3/27/2012 1:36:15 AM Kernel-Processor-Power 26 (4)
Warning 3/27/2012 1:36:15 AM RTL8167 1 None
Information 3/27/2012 1:36:13 AM FilterManager 6 None
Information 3/27/2012 1:36:13 AM FilterManager 6 None
Information 3/27/2012 1:36:10 AM FilterManager 6 None
Information 3/27/2012 1:36:10 AM FilterManager 6 None
Information 3/27/2012 1:36:10 AM Kernel-General 12 None
Information 3/27/2012 1:35:53 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:52 AM Kernel-General 13 None
Information 3/27/2012 1:35:50 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:50 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:49 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:49 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:48 AM Kernel-Power 109 (103)
Information 3/27/2012 1:57:49 AM EventLog 6013 None
Information 3/27/2012 1:57:49 AM EventLog 6005 None
Information 3/27/2012 1:57:49 AM EventLog 6009 None
Information 3/27/2012 1:35:48 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:48 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:47 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:46 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:46 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:46 AM Service Control Manager 7036 None
Warning 3/27/2012 1:35:46 AM WLAN-AutoConfig 4001 None
Information 3/27/2012 1:35:46 AM EventLog 6006 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:45 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM UserPnp 20010 (7010)
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Dhcp-Client 50037 Service State Event
Information 3/27/2012 1:35:44 AM DHCPv6-Client 51047 Service State Event
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:44 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:43 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:42 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:42 AM WindowsUpdateClient 27 Windows Update Agent
Information 3/27/2012 1:35:42 AM Service Control Manager 7036 None
Information 3/27/2012 1:35:41 AM Winlogon 7002 (1102)
Information 3/27/2012 1:35:41 AM USER32 1074 None
Information 3/27/2012 1:33:52 AM Service Control Manager 7036 None

EDIT 7:40PM: Just ran an avast quick scan and got an error... winstart.bat file is offline - it is currently not available. (42006)

EDIT 8:02PM: Seeing this from Process Hacker 2... Disk tab


Unknown Process (4640), C:\Users\P\AppData\Local\Temp\904D57F61A9D7FE5185C01B47D54C2FB, , 101.11 kB/s, 101.11 kB/s, Normal, 4
System (4), C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTPhEtRundownLogger.etl, , 95.97 kB/s, 95.97 kB/s, Normal, 2
System (4), C:\Windows\Prefetch\SVCHOST.EXE-93CEEE07.pf, , 44.95 kB/s, 44.95 kB/s, Normal, 2
System (4), C:\$Mft, , 23.33 kB/s, 23.33 kB/s, Normal, 0
System (4), C:\$LogFile, , 10.12 kB/s, 10.12 kB/s, Normal, 0
System (4), C:\Windows\System32\config\SOFTWARE.LOG1, , 3.25 kB/s, 3.25 kB/s, Normal, 0
System (4), C:\Users\P\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VR8H35QV, , 2 kB/s, 2 kB/s, Normal, 1
System (4), C:\Windows\System32\config\SOFTWARE, , 1.63 kB/s, 1.63 kB/s, Normal, 0
System (4), C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-AFAD3EF9.pf, , 1 kB/s, 1 kB/s, Normal, 0
System (4), C:\Users\P\ntuser.dat.LOG1, , 873 B/s, 873 B/s, Normal, 0
System (4), C:\Users\P\NTUSER.DAT, , 783 B/s, 783 B/s, Normal, 0
System (4), C:\$Extend\$UsnJrnl:$J, , 739 B/s, 739 B/s, Normal, 0
Unknown Process (4640), C:\Users\P\AppData\Local\Temp\8B57FEA3A174D628D7F49EA8FD939D31, , 455 B/s, 455 B/s, Normal, 0
System (4), C:\ProgramData\AVAST Software\Avast\report\FileSystemShield.txt, , 455 B/s, 455 B/s, Normal, 0
System (4), C:\Windows\System32\wbem\Repository, , 372 B/s, 372 B/s, Normal, 0
System (4), C:\ProgramData\AVAST Software\Avast\log\usntr.log, , 325 B/s, 325 B/s, Normal, 0
System (4), C:\ProgramData\Lavasoft\Ad-Aware\Logs\Debug.log, , 256 B/s, 256 B/s, Normal, 0
System (4), C:\ProgramData\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.12.gthr, , 170 B/s, 170 B/s, Normal, 1
svchost.exe (484), C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat, , 30 B/s, 30 B/s, Normal, 0
svchost.exe (800), C:\Windows\System32\tcpipcfg.dll, 3.53 kB/s, , 3.53 kB/s, Normal, 4
svchost.exe (800), C:\Windows\System32\rascfg.dll, 3.42 kB/s, , 3.42 kB/s, Normal, 4
svchost.exe (800), C:\Windows\System32\en-US\tcpipcfg.dll.mui, 1.75 kB/s, , 1.75 kB/s, Normal, 3
svchost.exe (800), C:\Windows\System32\en-US\rascfg.dll.mui, 170 B/s, , 170 B/s, Normal, 2
svchost.exe (800), C:\Windows\System32\en-US\FirewallAPI.dll.mui, 1.78 kB/s, , 1.78 kB/s, Normal, 10
svchost.exe (800), C:\Windows\System32\en-US\clfs.sys.mui, 113 B/s, , 113 B/s, Normal, 5
svchost.exe (800), C:\Windows\System32\drivers\volmgrx.sys, 3.5 kB/s, , 3.5 kB/s, Normal, 8
svchost.exe (800), C:\Windows\System32\drivers\RDPREFMP.sys, 455 B/s, , 455 B/s, Normal, 10
svchost.exe (800), C:\Windows\System32\drivers\RDPENCDD.sys, 426 B/s, , 426 B/s, Normal, 10
svchost.exe (800), C:\Windows\System32\drivers\RDPCDD.sys, 426 B/s, , 426 B/s, Normal, 8
svchost.exe (800), C:\Windows\System32\drivers\nsiproxy.sys, 1.33 kB/s, , 1.33 kB/s, Normal, 0
svchost.exe (800), C:\Windows\System32\drivers\netbt.sys, 3.53 kB/s, , 3.53 kB/s, Normal, 0
svchost.exe (800), C:\Windows\System32\drivers\mountmgr.sys, 3.36 kB/s, , 3.36 kB/s, Normal, 7
svchost.exe (800), C:\Windows\System32\drivers\hwpolicy.sys, 824 B/s, , 824 B/s, Normal, 0
svchost.exe (800), C:\Windows\System32\drivers\en-US\volmgrx.sys.mui, 142 B/s, , 142 B/s, Normal, 5
svchost.exe (800), C:\Windows\System32\drivers\en-US\pacer.sys.mui, 853 B/s, , 853 B/s, Normal, 0
svchost.exe (800), C:\Windows\System32\drivers\en-US\mountmgr.sys.mui, 142 B/s, , 142 B/s, Normal, 8
svchost.exe (800), C:\Windows\System32\drivers\en-US\afd.sys.mui, 824 B/s, , 824 B/s, Normal, 1
svchost.exe (800), C:\Windows\System32\drivers\discache.sys, 2.19 kB/s, , 2.19 kB/s, Normal, 0
svchost.exe (800), C:\Windows\System32\DriverStore\en-US, 2.67 kB/s, , 2.67 kB/s, Normal, 0
ProcessHacker.exe (4928), C:\Windows\System32\advapi32.dll, 240 B/s, , 240 B/s, Normal, 12
svchost.exe (3640), C:\Windows\Prefetch\SVCHOST.EXE-93CEEE07.pf, 27.36 kB/s, , 27.36 kB/s, Normal, 9
svchost.exe (800), C:\Windows\inf\volume.PNF, 227 B/s, , 227 B/s, Normal, 7
System (4), C:\Windows\inf\volume.PNF, 142 B/s, , 142 B/s, Normal, 0



EDIT 10:50PM - is this normal?
searchprotocolhost.exe, 6672, < 0.01, , 2.05 MB, NT AUTHORITY\SYSTEM, Microsoft Windows Search Protocol Host, "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe36_ Global\UsGthrCtrlFltPipeMssGthrPipe36 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" , Microsoft Corporation, , N/A, C:\Windows\System32\searchprotocolhost.exe, , System, 00:00:00.031, , , 4, 29.45 MB, , ,

This as well? SYNC isn't even spelled correctly...?
unsecapp.exe, 1612, , , 2.13 MB, NT AUTHORITY\SYSTEM, Sink to receive asynchronous callbacks for WMI client application, C:\Windows\system32\wbem\unsecapp.exe -Embedding, Microsoft Corporation, , N/A, C:\Windows\System32\wbem\unsecapp.exe, , System, 00:00:00.015, Windows 7, , 3, 30.32 MB, , ,


Also seeing this from UnHackMe RegReanimator...

[Shell Services DelayLoad] :HKLM WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[App Paths] :HKLM 7zFM.exe=C:\Program Files\7-Zip\7zFM.exe
[App Paths] :HKLM AcroRd32.exe=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
[App Paths] :HKLM AvastUI.exe=C:\Program Files\AVAST Software\Avast\AvastUI.exe
[App Paths] :HKLM Backup_Central10.exe=C:\Program Files (x86)\Roxio\BackOnTrack\Main\Backup_Central10.exe
[App Paths] :HKLM ccleaner.exe=C:\Program Files\CCleaner\CCleaner64.exe
[App Paths] :HKLM Creator12OEM.exe=C:\Program Files (x86)\Roxio\OEM\Creator Classic 12\Creator12OEM.exe
[App Paths] :HKLM CTIEMain.exe=C:\Program Files (x86)\Dell Webcam\Live! Cam Avatar Creator\CT Program\CTIEMain.exe
[App Paths] :HKLM DiscImageLoader12OEM.exe=C:\Program Files (x86)\Roxio\OEM\Virtual Drive 12\DiscImageLoader12OEM.exe
[App Paths] :HKLM DVDMusicAssistant12OEM.exe=C:\Program Files (x86)\Roxio\OEM\AudioCore\DVDMusicAssistant12OEM.exe
[App Paths] :HKLM firefox.exe=C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[App Paths] :HKLM IEDIAGCMD.EXE=C:\Program Files (x86)\Internet Explorer\IEDIAGCMD.EXE
[App Paths] :HKLM IEXPLORE.EXE=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
[App Paths] :HKLM InstSrvc.exe=C:\Program Files (x86)\Roxio\OEM\Virtual Drive 12\InstSrvc.exe
[App Paths] :HKLM javaws.exe=C:\Program Files (x86)\Java\jre6\bin\javaws.exe
[App Paths] :HKLM Launch_Retrieve.exe=C:\Program Files (x86)\Roxio\OEM\Retrieve 12\Launch_Retrieve.exe
[App Paths] :HKLM mbam.exe=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
[App Paths] :HKLM pbrush.exe=%SystemRoot%\System32\mspaint.exe
[App Paths] :HKLM PhotoShow Express.exe=C:\Program Files (x86)\Roxio\OEM\PhotoShowExpress\PhotoShow Express.exe
[App Paths] :HKLM PowerDVD9=C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe
[App Paths] :HKLM PowerShell.exe=%SystemRoot%\system32\WindowsPowerShell\v1.0\PowerShell.exe
[App Paths] :HKLM Retrieve12OEM.exe=C:\Program Files (x86)\Roxio\OEM\Retrieve 12\Retrieve12OEM.exe
[App Paths] :HKLM Roxio Burn.exe=C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe
[App Paths] :HKLM RoxioCentralFx.exe=C:\Program Files (x86)\Roxio\OEM\Roxio Central 5\RoxioCentralFx.exe
[App Paths] :HKLM RoxMediaDB12OEM.exe=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
[App Paths] :HKLM RoxWatch12OEM.exe=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
[App Paths] :HKLM RoxWatchTray12OEM.exe=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
[App Paths] :HKLM RoxWizardLauncher12OEM.exe=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCom\RoxWizardLauncher12OEM.exe
[App Paths] :HKLM ShareLauncher12OEM.exe=C:\Program Files (x86)\Common Files\Roxio Shared\OEM\RoxioSharedAPI\ShareLauncher12OEM.exe
[App Paths] :HKLM sidebar.exe="%ProgramFiles%\Windows Sidebar\sidebar.exe"
[App Paths] :HKLM SnippingTool.exe=%SystemRoot%\system32\SnippingTool.exe
[App Paths] :HKLM Speccy.exe=C:\Program Files\Speccy\Speccy64.exe
[App Paths] :HKLM stax.exe=C:\Program Files (x86)\Roxio\OEM\stax.exe
[App Paths] :HKLM VCGProxyFileManager12OEM.exe=C:\Program Files (x86)\Roxio\OEM\VideoCore 12\VCGProxyFileManager12OEM.exe
[App Paths] :HKLM VideoStage=C:\Program Files (x86)\Dell\VideoStage\VideoStage.exe
[App Paths] :HKLM wab.exe=%ProgramFiles%\Windows Mail\wab.exe
[App Paths] :HKLM wabmig.exe=%ProgramFiles%\Windows Mail\wabmig.exe
[App Paths] :HKLM WebcamDell2.exe=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
[App Paths] :HKLM WORDPAD.EXE=C:\PROGRAM FILES (X86)\WINDOWS NT\ACCESSORIES\WORDPAD.EXE
[App Paths] :HKLM WRITE.EXE="%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"
[App Paths] :HKLM YouPaint=C:\Program Files (x86)\Dell\YouPaint\YouPaint.exe
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools] :HKCU DisableRegistryTools =0
[Kernel Auto Boot]
[Svchost DLLs] :HKLM AeLookupSvc=C:\WINDOWS\SYSTEM32\AELUPSVC.DLL
[Svchost DLLs] :HKLM CertPropSvc=C:\WINDOWS\SYSTEM32\CERTPROP.DLL
[Svchost DLLs] :HKLM SCPolicySvc=C:\WINDOWS\SYSTEM32\CERTPROP.DLL
[Svchost DLLs] :HKLM lanmanserver=C:\WINDOWS\SYSTEM32\SRVSVC.DLL
[Svchost DLLs] :HKLM gpsvc=C:\WINDOWS\SYSTEM32\GPSVC.DLL ****Group Policy, on home premium?****
[Svchost DLLs] :HKLM AudioSrv=C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[Svchost DLLs] :HKLM FastUserSwitchingCompatibility
[Svchost DLLs] :HKLM Ias
[Svchost DLLs] :HKLM Irmon
[Svchost DLLs] :HKLM Nla
[Svchost DLLs] :HKLM Ntmssvc
[Svchost DLLs] :HKLM NWCWorkstation
[Svchost DLLs] :HKLM Nwsapagent
[Svchost DLLs] :HKLM Rasauto=C:\WINDOWS\SYSTEM32\RASAUTO.DLL
[Svchost DLLs] :HKLM Rasman=C:\WINDOWS\SYSTEM32\RASMANS.DLL
[Svchost DLLs] :HKLM Remoteaccess=C:\WINDOWS\SYSTEM32\MPRDIM.DLL ***Should be NO remote access as I have the services disabled***
[Svchost DLLs] :HKLM SENS=C:\WINDOWS\SYSTEM32\SENS.DLL
[Svchost DLLs] :HKLM Sharedaccess=C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
[Svchost DLLs] :HKLM SRService
[Svchost DLLs] :HKLM Tapisrv=C:\WINDOWS\SYSTEM32\TAPISRV.DLL
[Svchost DLLs] :HKLM Wmi
[Svchost DLLs] :HKLM WmdmPmSp
[Svchost DLLs] :HKLM TermService=C:\WINDOWS\SYSTEM32\TERMSRV.DLL
[Svchost DLLs] :HKLM wuauserv=C:\WINDOWS\SYSTEM32\WUAUENG.DLL
[Svchost DLLs] :HKLM BITS=C:\WINDOWS\SYSTEM32\QMGR.DLL
[Svchost DLLs] :HKLM ShellHWDetection=C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[Svchost DLLs] :HKLM LogonHours
[Svchost DLLs] :HKLM PCAudit
[Svchost DLLs] :HKLM helpsvc
[Svchost DLLs] :HKLM uploadmgr
[Svchost DLLs] :HKLM iphlpsvc
[Svchost DLLs] :HKLM msiscsi=C:\WINDOWS\SYSTEM32\ISCSIEXE.DLL
[Svchost DLLs] :HKLM schedule=C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
[Svchost DLLs] :HKLM SessionEnv=C:\WINDOWS\SYSTEM32\SESSENV.DLL
[Svchost DLLs] :HKLM winmgmt=C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
[Svchost DLLs] :HKLM RemoteRegistry=C:\WINDOWS\SYSTEM32\REGSVC.DLL
[Svchost DLLs] :HKLM WinHttpAutoProxySvc=C:\Windows\SysWOW64\WINHTTP.DLL
[Svchost DLLs] :HKLM sppuinotify=C:\WINDOWS\SYSTEM32\SPPUINOTIFY.DLL
[Svchost DLLs] :HKLM netprofm=C:\WINDOWS\SYSTEM32\NETPROFM.DLL
[Svchost DLLs] :HKLM WebClient=C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
[Svchost DLLs] :HKLM Netman=C:\WINDOWS\SYSTEM32\NETMAN.DLL
[Svchost DLLs] :HKLM AudioEndpointBuilder=C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[Svchost DLLs] :HKLM dot3svc=C:\WINDOWS\SYSTEM32\DOT3SVC.DLL
[Svchost DLLs] :HKLM WPDBusEnum=C:\WINDOWS\SYSTEM32\WPDBUSENUM.DLL
[Svchost DLLs] :HKLM wlansvc=C:\WINDOWS\SYSTEM32\WLANSVC.DLL
[Svchost DLLs] :HKLM PLA=C:\WINDOWS\SYSTEM32\PLA.DLL
[Svchost DLLs] :HKLM RpcSs=C:\WINDOWS\SYSTEM32\RPCSS.DLL
[Svchost DLLs] :HKLM BthHFSrv
[Svchost DLLs] :HKLM LmHosts=C:\WINDOWS\SYSTEM32\LMHSVC.DLL
[Svchost DLLs] :HKLM wscsvc=C:\WINDOWS\SYSTEM32\WSCSVC.DLL
[Svchost DLLs] :HKLM WPCSvc=C:\WINDOWS\SYSTEM32\WPCSVC.DLL
[Svchost DLLs] :HKLM SSDPSRV=C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
[Svchost DLLs] :HKLM upnphost=C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
[Svchost DLLs] :HKLM SCardSvr=C:\WINDOWS\SYSTEM32\SCARDSVR.DLL
[Svchost DLLs] :HKLM TBS=C:\WINDOWS\SYSTEM32\TBSSVC.DLL
[Svchost DLLs] :HKLM QWAVE=C:\WINDOWS\SYSTEM32\QWAVE.DLL
[Svchost DLLs] :HKLM wcncsvc=C:\WINDOWS\SYSTEM32\WCNCSVC.DLL
[Svchost DLLs] :HKLM Power=C:\WINDOWS\SYSTEM32\UMPO.DLL
[Svchost DLLs] :HKLM PlugPlay=C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL
[Svchost DLLs] :HKLM DcomLaunch=C:\WINDOWS\SYSTEM32\RPCSS.DLL
[Svchost DLLs] :HKLM CryptSvc=C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
[Svchost DLLs] :HKLM DHCP=C:\WINDOWS\SYSTEM32\DHCPCORE.DLL
[Svchost DLLs] :HKLM DNSCache=C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
[Svchost DLLs] :HKLM NapAgent=C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
[Svchost DLLs] :HKLM nlasvc=C:\WINDOWS\SYSTEM32\NLASVC.DLL
[Svchost DLLs] :HKLM WinRM=C:\WINDOWS\SYSTEM32\WSMSVC.DLL
[Svchost DLLs] :HKLM WECSVC=C:\WINDOWS\SYSTEM32\WECSVC.DLL
[Svchost DLLs] :HKLM StiSvc=C:\WINDOWS\SYSTEM32\WIASERVC.DLL
[Svchost DLLs] :HKLM WcsPlugInService=C:\WINDOWS\SYSTEM32\WCSPLUGINSERVICE.DLL
[Svchost DLLs] :HKLM AppIDSvc=C:\WINDOWS\SYSTEM32\APPIDSVC.DLL
[Svchost DLLs] :HKLM Appinfo=C:\WINDOWS\SYSTEM32\APPINFO.DLL
[Svchost DLLs] :HKLM AxInstSV=C:\WINDOWS\SYSTEM32\AXINSTSV.DLL
[Svchost DLLs] :HKLM BDESVC=C:\WINDOWS\SYSTEM32\BDESVC.DLL
[Svchost DLLs] :HKLM Browser=C:\WINDOWS\SYSTEM32\BROWSER.DLL
[Svchost DLLs] :HKLM bthserv=C:\WINDOWS\SYSTEM32\BTHSERV.DLL
[Svchost DLLs] :HKLM defragsvc=C:\WINDOWS\SYSTEM32\DEFRAGSVC.DLL
[Svchost DLLs] :HKLM DPS=C:\WINDOWS\SYSTEM32\DPS.DLL
[Svchost DLLs] :HKLM EapHost=C:\WINDOWS\SYSTEM32\EAPSVC.DLL
[Svchost DLLs] :HKLM EventSystem=C:\WINDOWS\SYSTEM32\ES.DLL
[Svchost DLLs] :HKLM fdPHost=C:\WINDOWS\SYSTEM32\FDPHOST.DLL
[Svchost DLLs] :HKLM FDResPub=C:\WINDOWS\SYSTEM32\FDRESPUB.DLL
[Svchost DLLs] :HKLM FontCache=C:\WINDOWS\SYSTEM32\FNTCACHE.DLL
[Svchost DLLs] :HKLM hidserv=C:\WINDOWS\SYSTEM32\HIDSERV.DLL
[Svchost DLLs] :HKLM hkmsvc=C:\WINDOWS\SYSTEM32\KMSVC.DLL
[Svchost DLLs] :HKLM HomeGroupListener=C:\WINDOWS\SYSTEM32\LISTSVC.DLL
[Svchost DLLs] :HKLM HomeGroupProvider=C:\WINDOWS\SYSTEM32\PROVSVC.DLL
[Svchost DLLs] :HKLM IKEEXT=C:\WINDOWS\SYSTEM32\IKEEXT.DLL
[Svchost DLLs] :HKLM IPBusEnum=C:\WINDOWS\SYSTEM32\IPBUSENUM.DLL
[Svchost DLLs] :HKLM KtmRm=C:\WINDOWS\SYSTEM32\MSDTCKRM.DLL
[Svchost DLLs] :HKLM LanmanWorkstation=C:\WINDOWS\SYSTEM32\WKSSVC.DLL
[Svchost DLLs] :HKLM lltdsvc=C:\WINDOWS\SYSTEM32\LLTDSVC.DLL
[Svchost DLLs] :HKLM MMCSS=C:\WINDOWS\SYSTEM32\MMCSS.DLL
[Svchost DLLs] :HKLM nsi=C:\WINDOWS\SYSTEM32\NSISVC.DLL
[Svchost DLLs] :HKLM p2pimsvc=C:\WINDOWS\SYSTEM32\PNRPSVC.DLL
[Svchost DLLs] :HKLM p2psvc=C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[Svchost DLLs] :HKLM PcaSvc=C:\WINDOWS\SYSTEM32\PCASVC.DLL
[Svchost DLLs] :HKLM PolicyAgent=C:\WINDOWS\SYSTEM32\IPSECSVC.DLL
[Svchost DLLs] :HKLM ProfSvc=C:\WINDOWS\SYSTEM32\PROFSVC.DLL
[Svchost DLLs] :HKLM RpcEptMapper=C:\WINDOWS\SYSTEM32\RPCEPMAP.DLL
[Svchost DLLs] :HKLM SDRSVC=C:\WINDOWS\SYSTEM32\SDRSVC.DLL
[Svchost DLLs] :HKLM seclogon=C:\WINDOWS\SYSTEM32\SECLOGON.DLL
[Svchost DLLs] :HKLM SensrSvc=C:\WINDOWS\SYSTEM32\SENSRSVC.DLL
[Svchost DLLs] :HKLM SstpSvc=C:\WINDOWS\SYSTEM32\SSTPSVC.DLL
[Svchost DLLs] :HKLM swprv=C:\WINDOWS\SYSTEM32\SWPRV.DLL
[Svchost DLLs] :HKLM SysMain=C:\WINDOWS\SYSTEM32\SYSMAIN.DLL
[Svchost DLLs] :HKLM TabletInputService=C:\WINDOWS\SYSTEM32\TABSVC.DLL
[Svchost DLLs] :HKLM Themes=C:\WINDOWS\SYSTEM32\THEMESERVICE.DLL
[Svchost DLLs] :HKLM THREADORDER=C:\WINDOWS\SYSTEM32\MMCSS.DLL
[Svchost DLLs] :HKLM TrkWks=C:\WINDOWS\SYSTEM32\TRKWKS.DLL
[Svchost DLLs] :HKLM UxSms=C:\WINDOWS\SYSTEM32\UXSMS.DLL
[Svchost DLLs] :HKLM W32Time=C:\WINDOWS\SYSTEM32\W32TIME.DLL
[Svchost DLLs] :HKLM WbioSrvc=C:\WINDOWS\SYSTEM32\WBIOSRVC.DLL
[Svchost DLLs] :HKLM WdiServiceHost=C:\WINDOWS\SYSTEM32\WDI.DLL
[Svchost DLLs] :HKLM WdiSystemHost=C:\WINDOWS\SYSTEM32\WDI.DLL
[Svchost DLLs] :HKLM wercplsupport=C:\WINDOWS\SYSTEM32\WERCPLSUPPORT.DLL
[Svchost DLLs] :HKLM WerSvc=C:\WINDOWS\SYSTEM32\WERSVC.DLL
[Svchost DLLs] :HKLM wudfsvc=C:\WINDOWS\SYSTEM32\WUDFSVC.DLL
[Svchost DLLs] :HKLM WwanSvc=C:\WINDOWS\SYSTEM32\WWANSVC.DLL

Last edit... I'll try to collect info and add a reply if I need... Thank You very much!
Also from UnHackMe RegReanimator

[Bootexecute] :HKLM BootExecute=autocheck autochk *
lsdelete
Partizan
[Winlogon System] :HKLM system=""
[Winlogon System] :HKLM taskman=""
[Winlogon System] :HKLM UIHost=""
[Winlogon Autostart] :HKLM VmApplet=SystemPropertiesPerformance.exe /pagefile
[Winlogon Autostart] :HKLM AppSetup=""
[Environment - Path] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
[List of Injected DLLs] :HKLM AppInit_DLLs=""
[LSA Notification Packages] :HKLM scecli=C:\Windows\SysWOW64\SCECLI.DLL
[LSA Security Packages] :HKLM kerberos=C:\Windows\SysWOW64\KERBEROS.DLL
[LSA Security Packages] :HKLM msv1_0=C:\Windows\SysWOW64\MSV1_0.DLL
[LSA Security Packages] :HKLM schannel=C:\Windows\SysWOW64\SCHANNEL.DLL
[LSA Security Packages] :HKLM wdigest=C:\Windows\SysWOW64\WDIGEST.DLL
[LSA Security Packages] :HKLM tspkg=C:\Windows\SysWOW64\TSPKG.DLL
[LSA Security Packages] :HKLM pku2u=C:\Windows\SysWOW64\PKU2U.DLL
[Auto Start Apps]
[Registry Run] :HKCU HijackThis startup scan=C:\PROGRAM FILES (X86)\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
[Registry Run] :HKCU SRS Audio Sandbox=C:\PROGRAM FILES\SRS LABS\AUDIO SANDBOX\SRSSSC.EXE
[Registry Run] :HKLM "Default Value"=""
[Registry Run] :HKLM Trend Micro RUBotted V2.0 Beta=C:\PROGRAM FILES (X86)\TREND MICRO\RUBOTTED\RUBOTTEDGUI.EXE
[Registry Run] :HKLM avast=C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
[Registry Run] :HKLM SDTray=C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
[Registry Run] :HKLM HotSync="C:\Program Files (x86)\Palm\Hotsync.exe" -AllUsers
[Registry Run] :HKLM WRSVC=C:\PROGRAM FILES\WEBROOT\WRSA.EXE
[Registry Run] :HKLM Ad-Aware Browsing Protection=C:\PROGRAMDATA\AD-AWARE BROWSING PROTECTION\ADAWAREBP.EXE
[Registry RunOnceEx] :HKLM @UnHackMe=C:\PROGRA~2\UnHackMe\UnHackMe.exe /p Partizan
[Win.ini] load=""
[Win.ini] run=""
[Startup Folder] HotSync Manager.lnk=C:\Program Files (x86)\Palm\Hotsync.exe
[MD5]
[ -2][0 -1 ]C:\GENCOTST\PCDSRVC_X64.PKMS
[E0ECC6F112A2DE096656AC2568876BCD][1 8539448 DCE63CF8C3C63FF317CDCAF93D5752AD815BCCF3 ]C:\PROGRA~2\UNHACKME\REANIMATOR.EXE
[8C4AC22616E77925135C221C46DC6307][1 63912 ]C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPERSHIM.DLL
[11A52CF7B265631DEEB24C6149309EFF][1 64952 ]C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE
[1CF03C69B49ACB70C722DF92755C0C8C][2 69632 ]C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\DRIVER\11\INTEL 32\IDRIVERT.EXE
[9D10F99A6712E28F8ACD5641E3A7EA6B][1 149352 ]C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\SOURCE ENGINE\OSE.EXE
[72794D112CBAFF3BC0C29BF7350D4741][1 822624 D6728D51844E5A5059ED7C82732B5125CE2331FC ]C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\VIRTUALIZATION HANDLER\CVHSVC.EXE
[3C957189B31C34D3AD21967B12B6AED7][1 1116656 ]C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\12.0\SHAREDCOM\ROXMEDIADB12OEM.EXE
[2B73088CC2CA757A172B425C9398E5BC][1 219632 ]C:\PROGRAM FILES (X86)\COMMON FILES\ROXIO SHARED\OEM\12.0\SHAREDCOM\ROXWATCH12OEM.EXE
[7731F46EC0D687A931CBA063E8F90EF0][1 74392 ]C:\PROGRAM FILES (X86)\COMMON FILES\SURETHING SHARED\STLLSSVR.EXE
[904E13BA41AF2E353A32CF351CA53639][1 748336 ]C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE
[A9770771B622A871643EA2A4A3983E95][1 42272 928658AA39B1434738ED0ACB5A30CBA55F446C24 ]C:\PROGRAM FILES (X86)\JAVA\JRE6\BIN\JP2SSV.DLL
[8E6C86726B67D3FAA3144849B9AAC06C][1 325408 4097E8649CD96D7F031CC1C28A257C8E15BEA558 ]C:\PROGRAM FILES (X86)\JAVA\JRE6\BIN\SSV.DLL
[EA38136981C61C571D52C380DAAD46EF][1 2152152 ]C:\PROGRAM FILES (X86)\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
[0830E6BA8463BEF96CF69C1993F74A4B][1 1187072 ]C:\PROGRAM FILES (X86)\LAVASOFT\AD-AWARE\AAWTRAY.EXE
[9A7FA6371F68335FD3C3D6488BC5A9F8][1 17152 ]C:\PROGRAM FILES (X86)\LAVASOFT\AD-AWARE\KERNEXPLORER64.SYS
[056B19651BD7B7CE5F89A3AC46DBDC08][1 652360 3C8E026644C6C74578DBBF12649E91A0D54F4882 ]C:\PROGRAM FILES (X86)\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
[13693B6354DD6E72DC5131DA7D764B90][1 508776 DCF216D318A6E5474B7CA859CBD4E08D2FBADF27 ]C:\PROGRAM FILES (X86)\MICROSOFT APPLICATION VIRTUALIZATION CLIENT\SFTLIST.EXE
[C3CDDD18F43D44AB713CF8C4916F7696][1 219496 6EE5C6FFD48063409B8AE8C4ABF5D18AB1E0B43D ]C:\PROGRAM FILES (X86)\MICROSOFT APPLICATION VIRTUALIZATION CLIENT\SFTVSA.EXE
[6204C26DCB34B2EED90D5596940D143B][1 97208 F157B8A4FF31264AA3397B5E3D8CEBB2277BB8B3 ]C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS\BROWSERCOMPS.DLL
[E6B5510711FED5CE17FF2D0BF8882C11][1 24376 2CD19CE940C09E73DFB0AE8D6C899C1D2CE29127 ]C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\COMPONENTS\SCRIPTFF.DLL
[637F2BDC0E53704D121DDD27A1F62090][1 924600 EC99D1A5984142AE06FDCF0A781D744F0615B1D1 ]C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE
[ -2][0 -1 ]C:\PROGRAM FILES (X86)\PALM\HOTSYNC.EXE
[8DCD2C2AA1DEBE7EDAAC90E398765976][1 1181104 99C5B1ED6C9B632DB6D400CF1523621284610A0B ]C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDFSSVC.EXE
[849D7CB972C3809E4CDC22C44D7A5A9F][1 2866120 57A8B4F3836059DF2EFA24B69E910E509F199B3B ]C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDHELPER.DLL
[981D739EF92AA67DD790DF5F59E3B6D4][1 3865504 B5D10027DF9164BD4BA60C7E6E2E2484535A5354 ]C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDTRAY.EXE
[5DE1BE0423C8CC00E8C47DBF4F987DD4][1 1185704 51CC689503A1CF8A43CEAEF4A64FB54E71C96859 ]C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDUPDSVC.EXE
[92C58389ECAB46B7A47C7FB6A8CF5526][1 166528 8796B89ACE8E8C5E4F08008711219347155FB17A ]C:\PROGRAM FILES (X86)\SPYBOT - SEARCH & DESTROY 2\SDWSCSVC.EXE
[29C81875332F7084321C3A82A9A7BF9F][2 388096 ]C:\PROGRAM FILES (X86)\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
[A0EEA6F631349D0E0B7A6CAA7E099CB0][1 439632 ]C:\PROGRAM FILES (X86)\TREND MICRO\RUBOTTED\RUBOTSRV.EXE
[04B69C2E8E1CE7A83082DFDFA61AD541][1 1103184 ]C:\PROGRAM FILES (X86)\TREND MICRO\RUBOTTED\RUBOTTEDGUI.EXE
[ -2][0 -1 ]C:\PROGRAM FILES (X86)\ULTRAISO\DRIVERS\ISODRV64.SYS
[1FA3AF55637E99CFCCF0B175EF57BAEF][1 594192 B375A53FE9E0D99A855955AF8E8FAB8E8652D36A ]C:\PROGRAM FILES (X86)\UNHACKME\HACKMON.EXE
[B3DD214F23037E3D3C27D6C9447B40B5][1 4247040 ]C:\PROGRAM FILES (X86)\WINDOWS NT\ACCESSORIES\WORDPAD.EXE
[A780D3EAA74582EA1DEB6BD9C7A3D9C9][1 117264 ]C:\PROGRAM FILES (X86)\WINPCAP\RPCAPD.EXE
[1D55D89C711CDDC0DDFF4665656E13F8][1 1003704 28617E80E6F57260DA87D785BAFDF11AC16CCA07 ]C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\ASWWEBREPIE.DLL
[4041D31508A2A084DFB42C595854090F][1 44768 915C3204D984F02C38A6E48C0607C146F3A6963B ]C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTSVC.EXE
[782FEF655DBF8653C9F2722BEBF7A8A6][1 4241512 8D9AE9ADD1C75C22DCC0226D79B5DC126346B97F ]C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\AVASTUI.EXE
[61BFFB5F57AD12F83AB64B7181829B34][1 4925184 ]C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPSVC.EXE
[5CB5FD5D4F9E160052A593749507CEF7][2 7168 9A8890D84C6B8F0CEF85E44FE401E1A57F16ADD8 ]C:\PROGRAM FILES\DELL\OSD\DELLOSDSERVICE.EXE
[F1424C1B9B1813BF825E45DF3790BC8A][1 754480 ]C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
[157E9E498206A3366BAA7E4697BDD947][1 12784 ]C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\ANTIMALWARE\MSMPENG.EXE
[566DDD5D82520DA01D75F81428AC4C38][1 288272 ]C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\ANTIMALWARE\NISSRV.EXE
[B2E7A54C6414149265F5333C6131117E][1 3676952 9D4C1218D4824B38B72E77338317DEA8D045548F ]C:\PROGRAM FILES\SRS LABS\AUDIO SANDBOX\SRSSSC.EXE
[0E06F3AC1BC4D219C9E41F6B5C4A08DB][1 658968 69413D65E78368D9DECAB7D13E00E2710C8E3DE0 ]C:\PROGRAM FILES\WEBROOT\WRSA.EXE
[BC07F6686556A3A0F867BC30A5DB2E22][1 198032 E8C743A7FC08CCB61C7B976325AB1E485DFB4853 ]C:\PROGRAMDATA\AD-AWARE BROWSING PROTECTION\ADAWAREBP.EXE
[D88040F816FDA31C3B466F0FA0918F29][1 66384 ]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\MSCORSVW.EXE
[D1CEEA2B47CB998321C579651CE3E4F8][1 89920 ]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V2.0.50727\MSCORSVW.EXE
[5988FC40F8DB5B0739CD1E3A5D0D78BD][1 856400 ]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.0\WINDOWS COMMUNICATION FOUNDATION\INFOCARD.EXE
[3E5A36127E201DDF663176B66828FAFE][1 116560 ]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.0\WINDOWS COMMUNICATION FOUNDATION\SMSVCHOST.EXE
[A8B7F3818AB65695E3A0BB3279F6DCE6][1 42856 ]C:\WINDOWS\MICROSOFT.NET\FRAMEWORK64\V3.0\WPF\PRESENTATIONFONTCACHE.EXE
[773212B2AAA24C1E31F10246B15B276C][1 194048 ]C:\WINDOWS\SERVICING\TRUSTEDINSTALLER.EXE
[CA9550CE8992B8D8C958AACD78D54289][1 4096 ]C:\WINDOWS\SYSNATIVE\API-MS-WIN-CORE-LOCALREGISTRY-L1-1-0.DLL
[CE82F811884EADB575DD730C8725E42C][1 4608 ]C:\WINDOWS\SYSNATIVE\API-MS-WIN-CORE-PROCESSTHREADS-L1-1-0.DLL
[3337FAE36587D7172D0B1F7B0FBE7C5A][1 6144 ]C:\WINDOWS\SYSNATIVE\API-MS-WIN-SECURITY-BASE-L1-1-0.DLL
[1A47D52E303B7543E4E6026595B95422][1 1297408 ]C:\WINDOWS\SYSNATIVE\COMRES.DLL
[3044D07ABDF4BBEA27E2EE7B1E0C0C65][1 12288 ]C:\WINDOWS\SYSNATIVE\D3D8THK.DLL
[A6C09924C6730DE8DEED9890A12AA691][1 569344 ]C:\WINDOWS\SYSNATIVE\DDRAW.DLL
[9110FFAD124283F37D38771BB60556AF][1 540672 ]C:\WINDOWS\SYSNATIVE\DSOUND.DLL
[1084AA52CCC324EA54C7121FA24C2221][1 403968 ]C:\WINDOWS\SYSNATIVE\GDI32.DLL
[3B367397320C26DBA890B260F80D1B1B][1 424448 ]C:\WINDOWS\SYSNATIVE\HNETCFG.DLL
[AA2C08CE85653B1A0D2E4AB407FA176C][1 167424 ]C:\WINDOWS\SYSNATIVE\IMM32.DLL
[B9B42A302325537D7B9DC52D47F33A73][1 1162752 ]C:\WINDOWS\SYSNATIVE\KERNEL32.DLL
[8560FFFC8EB3A806DCD4F82252CFC8C6][1 5120 ]C:\WINDOWS\SYSNATIVE\KSUSER.DLL
[D202223587518B13D72D68937B7E3F70][1 41984 ]C:\WINDOWS\SYSNATIVE\LPK.DLL
[CA2A0750ED830678997695FF61B04C30][1 20480 ]C:\WINDOWS\SYSNATIVE\MIDIMAP.DLL
[C391FC68282A000CDF953F8B6B55D2EF][1 634880 964EE2D28DC71210982F72E567DF89F9F527B67B ]C:\WINDOWS\SYSNATIVE\MSVCRT.DLL
[CF95B85FF8D128385ABD411C8CA74DED][1 1731920 2C64101048761D497681F0200574B4F30FC5B208 ]C:\WINDOWS\SYSNATIVE\NTDLL.DLL
[88351B29B622B30962D2FEB6CA8D860B][1 16384 ]C:\WINDOWS\SYSNATIVE\RASADHLP.DLL
[5C627D1B1138676C0A7AB2C2C190D123][1 512000 ]C:\WINDOWS\SYSNATIVE\RPCSS.DLL
[ED78427259134C63ED69804D2132B86C][1 232960 ]C:\WINDOWS\SYSNATIVE\SCECLI.DLL
[09F7401D56F2393C6CA534FF0241A590][1 257024 ]C:\WINDOWS\SYSNATIVE\TASKMGR.EXE
[FE70103391A64039A921DBFFF9C7AB1B][1 1008128 ]C:\WINDOWS\SYSNATIVE\USER32.DLL
[D29E998E8277666982B4F0303BF4E7AF][1 332288 ]C:\WINDOWS\SYSNATIVE\UXTHEME.DLL
[1151B1BAA6F350B1DB6598E0FEA7C457][6 390656 ]C:\WINDOWS\SYSNATIVE\WINLOGON.EXE
[8396C6C26AADDFE4590CCEF0F419B6B7][1 4608 ]C:\WINDOWS\SYSNATIVE\WS2HELP.DLL
[4B78B431F225FD8624C5655CB1DE7B61][1 72192 ]C:\WINDOWS\SYSTEM32\AELUPSVC.DLL
[3290D6946B5E30E70414990574883DDB][1 79360 ]C:\WINDOWS\SYSTEM32\ALG.EXE
[316663537A203220F15B9D426D5B44F8][1 6656 ]C:\WINDOWS\SYSTEM32\APISETSCHEMA.DLL
[0BC381A15355A3982216F7172F545DE1][1 32256 ]C:\WINDOWS\SYSTEM32\APPIDSVC.DLL
[3977D4A871CA0D4F2ED1E7DB46829731][1 70656 ]C:\WINDOWS\SYSTEM32\APPINFO.DLL
[91DA5A257B800C21CC3B6674E579CF90][1 203264 8A07F67E542605F2DD8FD952C1B971BDDC97C4E5 ]C:\WINDOWS\SYSTEM32\ATIESRXX.EXE
[4AC74A462F3A0506B929F599B5E1B1FB][1 367616 ]C:\WINDOWS\SYSTEM32\ATMFD.DLL
[F23FEF6D569FCE88671949894A8BECF1][1 679424 ]C:\WINDOWS\SYSTEM32\AUDIOSRV.DLL
[A6BF31A71B409DFA8CAC83159E1E2AFF][1 114688 ]C:\WINDOWS\SYSTEM32\AXINSTSV.DLL
[FDE360167101B4E45A96F939F388AEB0][1 100864 ]C:\WINDOWS\SYSTEM32\BDESVC.DLL
[8EF0D5C41EC907751B8429162B1239ED][1 136192 ]C:\WINDOWS\SYSTEM32\BROWSER.DLL
[95F9C2976059462CBBF227F7AAB10DE9][1 83968 ]C:\WINDOWS\SYSTEM32\BTHSERV.DLL
[05569A79BF4693670B709144382D02D4][1 144384 ]C:\WINDOWS\SYSTEM32\CDD.DLL
[F17D1D393BBC69C5322FBFAFACA28C7F][1 80384 ]C:\WINDOWS\SYSTEM32\CERTPROP.DLL
[11338E0557B07BC32CDB980B6EDB35AA][1 780008 ]C:\WINDOWS\SYSTEM32\CI.DLL
[FE1EC06F2253F691FE36217C592A0206][1 367696 ]C:\WINDOWS\SYSTEM32\CLFS.SYS
[15597883FBE9B056F276ADA3AD87D9AF][1 177152 ]C:\WINDOWS\SYSTEM32\CRYPTSVC.DLL
[3CEC7631A84943677AA8FA8EE5B6B43D][1 291328 ]C:\WINDOWS\SYSTEM32\DEFRAGSVC.DLL
[43D808F5D9E1A18E5EEB5EBC83969E4E][1 317952 ]C:\WINDOWS\SYSTEM32\DHCPCORE.DLL
[A8EDB86FC2A4D6D1285E4C70384AC35A][1 9728 ]C:\WINDOWS\SYSTEM32\DLLHOST.EXE
[16835866AAA693C7D7FCEBA8FFF706E4][1 183296 ]C:\WINDOWS\SYSTEM32\DNSRSLVR.DLL
[B1FB3DDCA0FDF408750D5843591AFBC6][1 252416 ]C:\WINDOWS\SYSTEM32\DOT3SVC.DLL
[B26F4F737E8F9DF4F31AF6CF31D05820][1 162816 ]C:\WINDOWS\SYSTEM32\DPS.DLL
[A87D604AEA360176311474C87A63BB88][1 229888 ]C:\WINDOWS\SYSTEM32\DRIVERS\1394OHCI.SYS
[E656FE10D6D27794AFA08136685A69E8][1 460888 5BE343FFA8CAED65570CEB6A318AA1251E148DC6 ]C:\WINDOWS\SYSTEM32\DRIVERS\51972817.SYS
[D81D9E70B8A6DD14D42D7B4EFA65D5F2][1 334208 ]C:\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS
[99F8E788246D495CE3794D7E7821D2CA][1 12800 ]C:\WINDOWS\SYSTEM32\DRIVERS\ACPIPMI.SYS
[2F6B34B83843F0C5118B63AC634F5BF4][1 491088 ]C:\WINDOWS\SYSTEM32\DRIVERS\ADP94XX.SYS
[597F78224EE9224EA1A13D6350CED962][1 339536 ]C:\WINDOWS\SYSTEM32\DRIVERS\ADPAHCI.SYS
[E109549C90F62FB570B9540C4B148E54][1 182864 ]C:\WINDOWS\SYSTEM32\DRIVERS\ADPU320.SYS
[1C7857B62DE5994A75B054A9FD4C3825][1 498688 0B20533B8DD6B01737B4C87ACE6B4BFC197D5865 ]C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
[7ECFF9B22276B73F43A99A15A6094E90][1 60416 ]C:\WINDOWS\SYSTEM32\DRIVERS\AGILEVPN.SYS
[608C14DBA7299D8CB6ED035A68A15799][1 61008 ]C:\WINDOWS\SYSTEM32\DRIVERS\AGP440.SYS
[5812713A477A3AD7363C7438CA2EE038][1 15440 ]C:\WINDOWS\SYSTEM32\DRIVERS\ALIIDE.SYS
[1FF8B4431C353CE385C875F194924C0C][1 15440 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDIDE.SYS
[7024F087CFF1833A806193EF9D22CDA9][1 64512 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDK8.SYS
[1E56388B3FE0D031C44144EB8C4D6217][1 60928 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDPPM.SYS
[CC3021D064EB6D3C2F949530E2B0BA47][1 73784 9B5B3903C0EEA05F273106E0DCA8DDD8D84045A2 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDSATA.SYS
[F67F933E79241ED32FF46A4F29B5120B][1 194128 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDSBS.SYS
[FFC5A0F6263574EF0D5467496B721F77][1 28728 708132BF5322E1B40815FFCDE467A86FDF6EBE78 ]C:\WINDOWS\SYSTEM32\DRIVERS\AMDXATA.SYS
[89A69C3F2F319B43379399547526D952][1 61440 ]C:\WINDOWS\SYSTEM32\DRIVERS\APPID.SYS
[C484F8CEB1717C540242531DB7845C4E][1 87632 ]C:\WINDOWS\SYSTEM32\DRIVERS\ARC.SYS
[019AF6924AEFE7839F61C830227FE79C][1 97856 ]C:\WINDOWS\SYSTEM32\DRIVERS\ARCSAS.SYS
[B9DA213B5271DB5FCE962D827E6D620D][1 24408 1C3A6BB32E5A707088FADE6D8D41E397ADB76B76 ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWFSBLK.SYS
[21C9835D0E5AD2FF0F16134BCB32CC71][1 69976 F6CBF2E8F31F931EFEA32585471F0BB298DFCD0E ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWMONFLT.SYS
[1B96A5867ABD4FA6135D8298FCCCF9C6][1 53080 128769767F423AB08C17272F8E7541282BFF3C4A ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWRDR2.SYS
[6E98BB288696777A3A8A07A52B0EAEE9][1 819032 B08ABC590952B03D7E8A2FCB01477AAF8C40155C ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWSNX.SYS
[D9FB49F16E4EB02EFECAE8CBFE4BCB4C][1 337240 60236043832941842325EFDBD7DFF6AF7C85E8F4 ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWSP.SYS
[7352BB9A564B94BBD7C9CBF165F55006][1 59224 355B4F2FA8CC931D9BB816C96FAA4148B91A04BA ]C:\WINDOWS\SYSTEM32\DRIVERS\ASWTDI.SYS
[769765CE2CC62867468CEA93969B2242][1 23040 ]C:\WINDOWS\SYSTEM32\DRIVERS\ASYNCMAC.SYS
[02062C0B390B7729EDC9E69C680A6F3C][1 24128 ]C:\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS
[B64724CA6C9F3D8325F0F1A02C6ADFAF][1 7883264 25117577C3C8ABB141532A0F9D4D389F42206A07 ]C:\WINDOWS\SYSTEM32\DRIVERS\ATIKMDAG.SYS
[18F03BE6118BA9D8A9DC0B98997DC98E][1 285696 AAE3CAF847D0ED307B0D4062509E58F43CE9F751 ]C:\WINDOWS\SYSTEM32\DRIVERS\ATIKMPAG.SYS
[E82E61F46D1336447F4DEFF8C074F13E][1 16440 ]C:\WINDOWS\SYSTEM32\DRIVERS\ATIPCIE64.SYS
[B5ACE6968304A3900EEB1EBFD9622DF2][1 270848 ]C:\WINDOWS\SYSTEM32\DRIVERS\B57ND60A.SYS
[8B5D16D20774FC3727F44E161BE2C0AC][1 3058168 ]C:\WINDOWS\SYSTEM32\DRIVERS\BCMWL664.SYS
[16A47CE2DECC9B099349A5F840654746][1 6656 ]C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
[61583EE3C3A17003C4ACD0475646B4D3][1 45056 ]C:\WINDOWS\SYSTEM32\DRIVERS\BLBDRIVE.SYS
[6C02A83164F5CC0A262F4199F0871CF5][1 90624 ]C:\WINDOWS\SYSTEM32\DRIVERS\BOWSER.SYS
[F09EEE9EDC320B5E1501F749FDE686C8][1 18432 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRFILTLO.SYS
[B114D3098E9BDB8BEA8B053685831BE6][1 8704 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRFILTUP.SYS
[43BEA8D483BF1870F018E2D02E06A5BD][1 286720 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRSERID.SYS
[A6ECA2151B08A09CACECA35C07F05B42][1 47104 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRSERWDM.SYS
[B79968002C277E869CF38BD22CD61524][1 14976 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRUSBMDM.SYS
[A87528880231C54E75EA7A44943B38BF][1 14720 ]C:\WINDOWS\SYSTEM32\DRIVERS\BRUSBSER.SYS
[9DA669F11D1F894AB4EB69BF546A42E8][1 72192 ]C:\WINDOWS\SYSTEM32\DRIVERS\BTHMODEM.SYS
[3E5B191307609F7514148C6832BB0842][1 468480 ]C:\WINDOWS\SYSTEM32\DRIVERS\BXVBDA.SYS
[B8BD2BB284668C84865658C77574381A][1 92160 ]C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
[F036CE71586E93D94DAB220D7BDF4416][1 147456 ]C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
[D7CD5C4E1B71FA62050515314CFB52CF][1 45568 ]C:\WINDOWS\SYSTEM32\DRIVERS\CIRCLASS.SYS
[ACFAD0B512226C7A83C7CB09FD55A9AD][1 179072 ]C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
[0840155D0BDDF1190F84A663C284BD33][1 17664 ]C:\WINDOWS\SYSTEM32\DRIVERS\CMBATT.SYS
[E19D3F095812725D88F9001985B94EDD][1 17488 ]C:\WINDOWS\SYSTEM32\DRIVERS\CMDIDE.SYS
[C4943B6C962E4B82197542447AD599F4][1 459232 361A9044BB444CF75B36412AA7AE0F0A2EF103B4 ]C:\WINDOWS\SYSTEM32\DRIVERS\CNG.SYS
[102DE219C3F61415F964C88E9085AD14][1 21584 ]C:\WINDOWS\SYSTEM32\DRIVERS\COMPBATT.SYS
[03EDB043586CCEBA243D689BDDA370A8][1 38912 ]C:\WINDOWS\SYSTEM32\DRIVERS\COMPOSITEBUS.SYS
[3E588B60EC061686BA05D33574A344C6][1 39504 ]C:\WINDOWS\SYSTEM32\DRIVERS\CRASHDMP.SYS
[1C827878A998C18847245FE1F34EE597][1 24144 ]C:\WINDOWS\SYSTEM32\DRIVERS\CRCDISK.SYS
[ED5CF92396A62F4C15110DCDB5E854D9][1 172704 ]C:\WINDOWS\SYSTEM32\DRIVERS\CTCLSFLT.SYS
[9BB2EF44EAA163B29C4A4587887A0FE4][1 102400 ]C:\WINDOWS\SYSTEM32\DRIVERS\DFSC.SYS
[13096B05847EC78F0977F2C0F79E9AB3][1 40448 ]C:\WINDOWS\SYSTEM32\DRIVERS\DISCACHE.SYS
[9819EEE8B5EA3784EC4AF3B137A5244C][1 73280 ]C:\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS
[21D26064AEDB4988F785BB4A3A2C051E][1 116224 ]C:\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS
[9B19F34400D24DF84C858A421C205754][1 5632 ]C:\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS
[BF24D6F2ED97FE830BFD52B246F98E67][1 16896 ]C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
[F5BEE30450E18E6B83A5012C100616FD][1 982912 ]C:\WINDOWS\SYSTEM32\DRIVERS\DXGKRNL.SYS
[9CD68BDDF322535C02ADC8331013D13D][1 258048 ]C:\WINDOWS\SYSTEM32\DRIVERS\DXGMMS1.SYS
[0E5DA5369A0FCAEA12456DD852545184][1 530496 ]C:\WINDOWS\SYSTEM32\DRIVERS\ELXSTOR.SYS
[34A3C54752046E79A126E15C51DB409B][1 9728 ]C:\WINDOWS\SYSTEM32\DRIVERS\ERRDEV.SYS
[DC5D737F51BE844D8C82C695EB17372F][1 3286016 ]C:\WINDOWS\SYSTEM32\DRIVERS\EVBDA.SYS
[D765D19CD8EF61F650C384F62FAC00AB][1 29696 ]C:\WINDOWS\SYSTEM32\DRIVERS\FDC.SYS
[655661BE46B5F5F3FD454E2C3095B930][1 70224 ]C:\WINDOWS\SYSTEM32\DRIVERS\FILEINFO.SYS
[5F671AB5BC87EEA04EC38A6CD5962A47][1 34304 ]C:\WINDOWS\SYSTEM32\DRIVERS\FILETRACE.SYS
[C172A0F53008EAEB8EA33FE10E177AF5][1 24576 ]C:\WINDOWS\SYSTEM32\DRIVERS\FLPYDISK.SYS
[DA6B67270FD9DB3697B20FCE94950741][1 289664 ]C:\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS
[E95EF8547DE20CF0603557C0CF7A9462][1 23104 ]C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
[D43703496149971890703B4B1B723EAC][1 55376 ]C:\WINDOWS\SYSTEM32\DRIVERS\FSDEPENDS.SYS
[1F7B25B858FA27015169FE95E54108ED][1 223248 ]C:\WINDOWS\SYSTEM32\DRIVERS\FVEVOL.SYS
[63B5129D7127E7757FCC9EA9D3763963][1 288640 ]C:\WINDOWS\SYSTEM32\DRIVERS\FWPKCLNT.SYS
[8C778D335C9D272CFD3298AB02ABE3B6][1 65088 ]C:\WINDOWS\SYSTEM32\DRIVERS\GAGP30KX.SYS
[F2523EF6460FC42405B12248338AB2F0][1 31232 ]C:\WINDOWS\SYSTEM32\DRIVERS\HCW85CIR.SYS
[97BFED39B6B79EB12CDDBFEED51F56BB][1 122368 ]C:\WINDOWS\SYSTEM32\DRIVERS\HDAUDBUS.SYS
[78E86380454A7B10A5EB255DC44A355F][1 26624 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDBATT.SYS
[7FD2A313F7AFE5C4DAB14798C48DD104][1 100864 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDBTH.SYS
[8B0E40E7E8BBF5ACF390465609D89FF1][1 76800 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDCLASS.SYS
[0A77D29F311B88CFAE3B13F9C1A73825][1 46592 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDIR.SYS
[49EE2E52E6CD03947DAD72F65367BE06][1 32896 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDPARSE.SYS
[9592090A7E2B61CD582B612B6DF70536][1 30208 ]C:\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS
[39D2ABCD392F3D8A6DCE7B60AE7B8EFC][1 78720 ]C:\WINDOWS\SYSTEM32\DRIVERS\HPSAMD.SYS
[0EA7DE1ACB728DD5A369FD742D6EEE28][1 753664 ]C:\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS
[A5462BD6884960C9DC85ED49D34FF392][1 14720 ]C:\WINDOWS\SYSTEM32\DRIVERS\HWPOLICY.SYS
[FA55C73D4AFFA7EE23AC4BE53B4592D3][1 105472 ]C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
[AAAF44DB3BD0B9D1FB6969B23ECC8366][1 410496 ]C:\WINDOWS\SYSTEM32\DRIVERS\IASTORV.SYS
[5C18831C61933628F5BB0EA2675B9D21][1 44112 ]C:\WINDOWS\SYSTEM32\DRIVERS\IIRSP.SYS
[F00F20E70C6EC3AA366910083A0518AA][1 16960 ]C:\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS
[ADA036632C664CAA754079041CF1F8C1][1 62464 ]C:\WINDOWS\SYSTEM32\DRIVERS\INTELPPM.SYS
[C9F0E1BD74365A8771590E9008D22AB6][1 82944 ]C:\WINDOWS\SYSTEM32\DRIVERS\IPFLTDRV.SYS
[0FC1AEA580957AA8817B8F305D18CA3A][1 78848 ]C:\WINDOWS\SYSTEM32\DRIVERS\IPMIDRV.SYS
[AF9B39A7E7B6CAA203B3862582E9F2D0][1 116224 ]C:\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS
[3ABF5E7213EB28966D55D58B515D5CE9][1 17920 ]C:\WINDOWS\SYSTEM32\DRIVERS\IRENUM.SYS
[2F7B28DC3E1183E5EB418DF55C204F38][1 20544 ]C:\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS
[BC02336F1CBA7DCC7D1213BB588A68A5][1 50768 ]C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
[0705EFF5B42A9DB58548EEC3B26BB484][1 33280 ]C:\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS
[24FBF5CC5C04150073C315A7C83521EE][1 243712 ]C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
[DA1E991A61CFDD755A589E206B97644B][1 95600 6054D4BF40C1A55060939BD7130B5A921B915A4F ]C:\WINDOWS\SYSTEM32\DRIVERS\KSECDD.SYS
[7E33198D956943A4F11A5474C1E9106F][1 152432 5C14D4C223EF80C70FECB0E6D627EE4D362D3328 ]C:\WINDOWS\SYSTEM32\DRIVERS\KSECPKG.SYS
[6869281E78CB31A43E969F06B57347C4][1 20992 ]C:\WINDOWS\SYSTEM32\DRIVERS\KSTHUNK.SYS
[C8B3131857931AE76798A741CC52B021][1 69376 ]C:\WINDOWS\SYSTEM32\DRIVERS\LBD.SYS
[1538831CF8AD2979A04C423779465827][1 60928 ]C:\WINDOWS\SYSTEM32\DRIVERS\LLTDIO.SYS
[1A93E54EB0ECE102495A51266DCDB6A6][1 114752 ]C:\WINDOWS\SYSTEM32\DRIVERS\LSI_FC.SYS
[1047184A9FDC8BDBFF857175875EE810][1 106560 ]C:\WINDOWS\SYSTEM32\DRIVERS\LSI_SAS.SYS
[30F5C0DE1EE8B5BC9306C1F0E4A75F93][1 65600 ]C:\WINDOWS\SYSTEM32\DRIVERS\LSI_SAS2.SYS
[0504EACAFF0D3C8AED161C4B0D369D4A][1 115776 ]C:\WINDOWS\SYSTEM32\DRIVERS\LSI_SCSI.SYS
[43D0F98E1D56CCDDB0D5254CFF7B356E][1 113152 ]C:\WINDOWS\SYSTEM32\DRIVERS\LUAFV.SYS
[79DA94B35371B9E7104460C7693DCB2C][1 23152 35310816DCACAE698A39DDAEFAD711236CFD2FC1 ]C:\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS
[79D51E7F5926E8CE1B3EBECEBAE28CFF][1 255552 ]C:\WINDOWS\SYSTEM32\DRIVERS\MCDBUS.SYS
[A55805F747C6EDB6A9080D7C633BD0F4][1 35392 ]C:\WINDOWS\SYSTEM32\DRIVERS\MEGASAS.SYS
[BAF74CE0072480C3B6B7C13B2A94D6B3][1 284736 ]C:\WINDOWS\SYSTEM32\DRIVERS\MEGASR.SYS
[800BA92F7010378B09F9ED9270F07137][1 40448 ]C:\WINDOWS\SYSTEM32\DRIVERS\MODEM.SYS
[B03D591DC7DA45ECE20B3B467E6AADAA][1 30208 ]C:\WINDOWS\SYSTEM32\DRIVERS\MONITOR.SYS
[7D27EA49F3C1F687D357E77A470AEA99][1 49216 ]C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
[D3BF052C40B0C4166D9FD86A4288C1E6][1 31232 ]C:\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS
[32E7A3D591D671A6DF2DB515A5CBE0FA][1 94592 ]C:\WINDOWS\SYSTEM32\DRIVERS\MOUNTMGR.SYS
[C177A7EBF5E8A0B596F618870516CAB8][1 189440 ]C:\WINDOWS\SYSTEM32\DRIVERS\MPFILTER.SYS
[A44B420D30BD56E145D6A2BC8768EC58][1 155008 ]C:\WINDOWS\SYSTEM32\DRIVERS\MPIO.SYS
[8FBF6B31FE8AF1833D93C5913D5B4D55][1 40832 ]C:\WINDOWS\SYSTEM32\DRIVERS\MPNWMON.SYS
[6C38C9E45AE0EA2FA5E551F2ED5E978F][1 77312 ]C:\WINDOWS\SYSTEM32\DRIVERS\MPSDRV.SYS
[DC722758B8261E1ABAFD31A3C0A66380][1 140800 ]C:\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS
[A5D9106A73DC88564C825D317CAC68AC][1 158208 ]C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
[D711B3C1D5F42C0C2415687BE09FC163][1 288768 ]C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB10.SYS
[9423E9D355C8D303E76B8CFBD8A5C30C][1 128000 ]C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB20.SYS
[C25F0BAFA182CBCA2DD3C851C2E75796][1 31104 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSAHCI.SYS
[DB801A638D011B9633829EB6F663C900][1 140672 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSDSM.SYS
[AA3FB40E17CE1388FA1BEDAB50EA8F96][1 26112 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
[F9D215A46A8B9753F61767FA72A20326][1 8192 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSHIDKMDF.SYS
[D916874BBD4F8B07BFB7FA9B3CCAE29D][1 15424 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSISADRV.SYS
[D931D7309DEB2317035B07C9F9E6B0BD][1 273792 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSISCSI.SYS
[49CCF2C4FEA34FFAD8B1B59D49439366][1 11136 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSKSSRV.SYS
[BDD71ACE35A232104DDD349EE70E1AB3][1 7168 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSPCLOCK.SYS
[4ED981241DB27C3383D72092B618A1D0][1 6784 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSPQM.SYS
[759A9EEB0FA9ED79DA1FB7D4EF78866D][1 366976 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSRPC.SYS
[0EED230E37515A0EAEE3C2E1BC97B288][1 32320 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS
[2E66F9ECB30B4221A318C92AC2250779][1 8064 ]C:\WINDOWS\SYSTEM32\DRIVERS\MSTEE.SYS
[7EA404308934E675BFFDE8EDF0757BCD][1 15360 ]C:\WINDOWS\SYSTEM32\DRIVERS\MTCONFIG.SYS
[F9A18612FD3526FE473C1BDA678D61C8][1 60496 ]C:\WINDOWS\SYSTEM32\DRIVERS\MUP.SYS
[79B47FD40D9A817E932F9D26FAC0A81C][1 951680 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDIS.SYS
[9F9A1F53AAD7DA4D6FEF5BB73AB811AC][1 35328 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDISCAP.SYS
[30639C932D9FEF22B31268FE25A1B6E5][1 24064 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS
[136185F9FB2CC61E573E676AA5402356][1 56832 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS
[53F7305169863F0A2BDDC49E116C2E11][1 164352 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS
[015C0D8E0E0421B4CFD48CFFE2825879][1 57856 ]C:\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS
[86743D9F5D2B1048062B14B1D84501C4][1 44544 ]C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
[09594D1089C523423B32A4229263F068][1 261632 ]C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
[C8E033EA95337FDCE489D1D0348B9A23][1 376192 ]C:\WINDOWS\SYSTEM32\DRIVERS\NETIO.SYS
[77889813BE4D166CDAB78DDBA990DA92][1 51264 ]C:\WINDOWS\SYSTEM32\DRIVERS\NFRD960.SYS
[5F7D72CBCDD025AF1F38FDEEE5646968][1 84864 ]C:\WINDOWS\SYSTEM32\DRIVERS\NISDRVWFP.SYS
[C31FA031335EFF434B2D94278E74BCCE][1 47632 ]C:\WINDOWS\SYSTEM32\DRIVERS\NPF.SYS
[1E4C4AB5C9B8DD13179BBDC75A2A01F7][1 44032 ]C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
[E7F5AE18AF4168178A642A9247C63001][1 24576 ]C:\WINDOWS\SYSTEM32\DRIVERS\NSIPROXY.SYS
[A2F74975097F52A00745F9637451FDD8][1 1659776 ]C:\WINDOWS\SYSTEM32\DRIVERS\NTFS.SYS
[9899284589F75FA8724FF3D16AED75C1][1 6144 ]C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
[786DB821BFD57C0551DBBE4F75384A7D][1 80384 2042314794A516490136197EC3272D74848F5CF0 ]C:\WINDOWS\SYSTEM32\DRIVERS\NUSB3HUB.SYS
[DAA8005CAF745042BB427A1ED7433354][1 180736 9C9F1F0D1FFB202D347E4BD0D37C08C619ACEF0E ]C:\WINDOWS\SYSTEM32\DRIVERS\NUSB3XHC.SYS
[BE29AA3CBA78480AB8591873197CB56A][1 33792 B09B02C63391C6C4D5902545B27C13F28C5008BA ]C:\WINDOWS\SYSTEM32\DRIVERS\NUVIOCIR_WIN7_X64.SYS
[270D7CD42D6E3979F6DD0146650F0E05][1 122960 ]C:\WINDOWS\SYSTEM32\DRIVERS\NV_AGP.SYS
[0A92CB65770442ED0DC44834632F66AD][1 148352 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVRAID.SYS
[DAB0E87525C10052BF65F06152F37E4A][1 166272 ]C:\WINDOWS\SYSTEM32\DRIVERS\NVSTOR.SYS
[1EA3749C4114DB3E3161156FFFFA6B33][1 318976 ]C:\WINDOWS\SYSTEM32\DRIVERS\NWIFI.SYS
[3589478E4B22CE21B41FA1BFC0B8B8A0][1 72832 ]C:\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS
[0557CF5A2556BD58E26384169D72438D][1 131584 ]C:\WINDOWS\SYSTEM32\DRIVERS\PACER.SYS
[0086431C29C35BE1DBC43F52CC273887][1 97280 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\DRIVERS\Partizan.sys
[871EADAC56B0A4C6512BBE32753CCF79][1 75136 ]C:\WINDOWS\SYSTEM32\DRIVERS\PARTMGR.SYS
[94575C0571D1462A0F70BDE6BD6EE6B3][1 184704 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS
[B5B8B5EF2E5CB34DF8DCF8831E3534FA][1 12352 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS
[B2E81D4E87CE48589F98CB8C05B01F2F][1 220752 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCMCIA.SYS
[D6B9C2E1A11A3A4B26A182FFEF18F603][1 50768 ]C:\WINDOWS\SYSTEM32\DRIVERS\PCW.SYS
[68769C3356B3BE5D1C732C97B9A80D6E][1 651264 ]C:\WINDOWS\SYSTEM32\DRIVERS\PEAUTH.SYS
[32E11315B5126921FFD9074840EF13D3][1 230400 ]C:\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS
[0D922E23C041EFB1C3FAC2A6F943C9BF][1 60416 ]C:\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS
[87B04878A6D59D6C79251DC960C674C1][1 55856 ]C:\WINDOWS\SYSTEM32\DRIVERS\PXHLPA64.SYS
[A53A15A11EBFD21077463EE2C7AFEEF0][1 1524816 ]C:\WINDOWS\SYSTEM32\DRIVERS\QL2300.SYS
[4F6D12B51DE1AAEFF7DC58C4D75423C8][1 128592 ]C:\WINDOWS\SYSTEM32\DRIVERS\QL40XX.SYS
[76707BB36430888D9CE9D705398ADB6C][1 46592 ]C:\WINDOWS\SYSTEM32\DRIVERS\QWAVEDRV.SYS
[5A0DA8AD5762FA2D91678A8A01311704][1 14848 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
[471815800AE33E6F1C32FB1B97C490CA][1 129536 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS
[855C9B1CD4756C5E9A2AA58A15F58C25][1 92672 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS
[F92A2C41117A11A00BE01CA01A7FCDE9][1 111104 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS
[E8B1E447B008D07FF47D016C2B0EEECB][1 83968 ]C:\WINDOWS\SYSTEM32\DRIVERS\RASSSTP.SYS
[77F665941019A1594D887A74F301FA2F][1 309248 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
[302DA2A0539F2CF54D7C6CC30C1F2D8D][1 24064 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPBUS.SYS
[CEA6CC257FC9B7715F1C2B4849286D24][1 7680 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
[BB5971A4F00659529A5C44831AF22365][1 7680 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPENCDD.SYS
[216F3FA57533D98E1F74DED70113177A][1 8192 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDPREFMP.SYS
[34ED295FA0121C241BFEF24764FC4520][1 213888 ]C:\WINDOWS\SYSTEM32\DRIVERS\RDYBOOST.SYS
[EE082E06A82FF630351D1E0EBBD3D8D0][1 539240 ]C:\WINDOWS\SYSTEM32\DRIVERS\RT64WIN7.SYS
[235362D403D9D677514649D88DB31914][1 2399848 F395C0C781A36F68DDE89D9A17FDFF3991D17987 ]C:\WINDOWS\SYSTEM32\DRIVERS\RTKVHD64.SYS
[AC03AF3329579FFFB455AA2DAABBE22B][1 103808 ]C:\WINDOWS\SYSTEM32\DRIVERS\SBP2PORT.SYS
[253F38D0D7074C02FF8DEB9836C97D2B][1 29696 ]C:\WINDOWS\SYSTEM32\DRIVERS\SCFILTER.SYS
[1B1E264203D4EF9D3DA1987AD70355AB][1 171392 ]C:\WINDOWS\SYSTEM32\DRIVERS\SCSIPORT.SYS
[3EA8A16169C26AFBEB544E0E48421186][1 23040 ]C:\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS
[CB624C0035412AF0DEBEC78C41F5CA1B][1 23552 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERENUM.SYS
[C1D8E28B2C2ADFAEC4BA89E9FDA69BD6][1 94208 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS
[1C545A7D0691CC4A027396535691C3E3][1 26624 ]C:\WINDOWS\SYSTEM32\DRIVERS\SERMOUSE.SYS
[A554811BCD09279536440C964AE35BBF][1 14336 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFDISK.SYS
[FF414F0BAEFEBA59BC6C04B3DB0B87BF][1 13824 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_MMC.SYS
[DD85B78243A19B59F0637DCF284DA63C][1 14336 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFFP_SD.SYS
[A9D601643A1647211A1EE2EC4E433FF4][1 16896 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFLOPPY.SYS
[C6CC9297BD53E5229653303E556AA539][1 764264 FC72914B19862D52E445ED6F2E0770E9E3A859C8 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFTFSLH.SYS
[390AA7BC52CEE43F6790CDEA1E776703][1 268648 2C51296C71742482069A039164521D2E6775167B ]C:\WINDOWS\SYSTEM32\DRIVERS\SFTPLAYLH.SYS
[617E29A0B0A2807466560D4C4E338D3E][1 25960 2C0401F71110FD2ED0BAFC0C562212D797764325 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFTREDIRLH.SYS
[8F571F016FA1976F445147E9E6C8AE9B][1 22376 D6EB87B498824CCE7FB5072DE955CAB9F497E972 ]C:\WINDOWS\SYSTEM32\DRIVERS\SFTVOLLH.SYS
[843CAF1E5FDE1FFD5FF768F23A51E2E1][1 43584 ]C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID2.SYS
[6A6C106D42E9FFFF8B9FCB4F754F6DA4][1 80464 ]C:\WINDOWS\SYSTEM32\DRIVERS\SISRAID4.SYS
[548260A7B8654E024DC30BF8A7C5BAA4][1 93184 ]C:\WINDOWS\SYSTEM32\DRIVERS\SMB.SYS
[B9E31E5CACDFE584F34F730A677803F9][1 19008 ]C:\WINDOWS\SYSTEM32\DRIVERS\SPLDR.SYS
[83BE26217FD07B3613D151D24AAA9BEB][1 346992 2720122F1241B667E94D86D984F0F3BB1BBB7F96 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRS_SSCFILTER_AMD64.SYS
[441FBA48BFF01FDB9D5969EBC1838F0B][1 467456 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS
[B4ADEBBF5E3677CCE9651E0F01F7CC28][1 410112 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRV2.SYS
[27E461F0BE5BFF5FC737328F749538C3][1 168448 ]C:\WINDOWS\SYSTEM32\DRIVERS\SRVNET.SYS
[F3817967ED533D08327DC73BC4D5542A][1 24656 ]C:\WINDOWS\SYSTEM32\DRIVERS\STEXSTOR.SYS
[19CB37AC38B802BE9C441D094521A29A][1 189824 ]C:\WINDOWS\SYSTEM32\DRIVERS\STORPORT.SYS
[D01EC09B6711A5F8E7E6564A4D0FBC90][1 12496 ]C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
[FC62769E7BFF2896035AEED399108162][1 1923952 ]C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
[DF687E3D8836BFB04FCC0615BF15A519][1 45056 ]C:\WINDOWS\SYSTEM32\DRIVERS\TCPIPREG.SYS
[6F020A220388ECA0AB6062DC27BD16B6][1 26624 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
[3371D21011695B16333A3934340C4E7C][1 15872 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDPIPE.SYS
[51C5ECEB1CDEE2468A1748BE550CFBC8][1 23552 C67CB79407F478B2B0816E3D09BBCE30DE5B1CD1 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDTCP.SYS
[DDAD5A7AB24D8B65F8D724F5C20FD806][1 119296 ]C:\WINDOWS\SYSTEM32\DRIVERS\TDX.SYS
[561E7E1F06895D78DE991E01DD0FB6E5][1 63360 ]C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
[CE18B2CDFC837C99E5FAE9CA6CBA5D30][1 39424 ]C:\WINDOWS\SYSTEM32\DRIVERS\TSSECSRV.SYS
[D11C783E3EF9A3C52C0EBE83CC5000E9][1 59392 ]C:\WINDOWS\SYSTEM32\DRIVERS\TSUSBFLT.SYS
[9CC2CCAE8A84820EAECB886D477CBCB8][1 31232 ]C:\WINDOWS\SYSTEM32\DRIVERS\TSUSBGD.SYS
[3566A8DAAFA27AF944F5D705EAA64894][1 125440 ]C:\WINDOWS\SYSTEM32\DRIVERS\TUNNEL.SYS
[B4DD609BD7E282BFC683CEC7EAAAAD67][1 64080 ]C:\WINDOWS\SYSTEM32\DRIVERS\UAGP35.SYS
[FF4232A1A64012BAA1FD97C7B67DF593][1 328192 ]C:\WINDOWS\SYSTEM32\DRIVERS\UDFS.SYS
[4BFE1BC28391222894CBF1E7D0E42320][1 64592 ]C:\WINDOWS\SYSTEM32\DRIVERS\ULIAGPKX.SYS
[DC54A574663A895C8763AF0FA1FF7561][1 48640 ]C:\WINDOWS\SYSTEM32\DRIVERS\UMBUS.SYS
[B2E8E8CB557B156DA5493BBDDCC1474D][1 9728 ]C:\WINDOWS\SYSTEM32\DRIVERS\UMPASS.SYS
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\DRIVERS\UnHackMeDrv.sys
[6F1A3157A1C89435352CEB543CDB359C][1 98816 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS
[AF0892A803FDDA7492F595368E3B68E7][1 100352 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBCIR.SYS
[CCA2AB1752A61F29C3C941CD79D78CEA][1 7936 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
[C025055FE7B87701EB042095DF1A2D7B][1 52736 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
[287C6C9410B111B68B52CA298F7B8C24][1 343040 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
[9840FC418B4CBD632D3D0A667A725C31][1 25600 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS
[AE259C75F9A0B057B6BF9E9695632B09][1 325120 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
[73188F58FB384E75C4063D29413CEE3D][1 25088 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBPRINT.SYS
[FED648B01349A3C8395A5169DB5FB7D6][1 91648 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS
[62069A34518BCF9C1FD9E74B3F6DB7CD][1 30720 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
[454800C2BC7F3927CE030141EE4F4C50][1 184960 ]C:\WINDOWS\SYSTEM32\DRIVERS\USBVIDEO.SYS
[C5C876CCFC083FF3B128F933823E87BD][1 36432 ]C:\WINDOWS\SYSTEM32\DRIVERS\VDRVROOT.SYS
[53E92A310193CB3C03BEA963DE7D9CFC][1 29184 ]C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
[DA4DA3F5E02943C2DC8C6ED875DE68DD][1 29184 ]C:\WINDOWS\SYSTEM32\DRIVERS\VGAPNP.SYS
[2CE2DF28C83AEAF30084E1B1EB253CBB][1 215936 ]C:\WINDOWS\SYSTEM32\DRIVERS\VHDMP.SYS
[E5689D93FFE4E5D66C0178761240DD54][1 17488 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIAIDE.SYS
[E7353D59C9842BC7299FAEB7E7E09340][1 129024 ]C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
[D2AAFD421940F640B407AEFAAEBD91B0][1 71552 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGR.SYS
[A255814907C89BE58B79EF2F189B843B][1 363392 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLMGRX.SYS
[0D08D2F3B3FF84E433346669B5E0F639][1 295808 ]C:\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS
[5E2016EA6EBACA03C04FEAC5F330D997][1 161872 ]C:\WINDOWS\SYSTEM32\DRIVERS\VSMRAID.SYS
[36D4720B72B5C5D9CB2B9C29E9DF67A1][1 24576 ]C:\WINDOWS\SYSTEM32\DRIVERS\VWIFIBUS.SYS
[6A3D66263414FF0D6FA754C646612F3F][1 59904 ]C:\WINDOWS\SYSTEM32\DRIVERS\VWIFIFLT.SYS
[4E9440F4F152A7B944CB1663D3935A3E][1 27776 ]C:\WINDOWS\SYSTEM32\DRIVERS\WACOMPEN.SYS
[356AFD78A6ED4457169241AC3965230C][1 88576 ]C:\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS
[FC438D1430B28618E2D0C7C332A710AD][1 42496 ]C:\WINDOWS\SYSTEM32\DRIVERS\WATCHDOG.SYS
[72889E16FF12BA0F235467D6091B17DC][1 21056 ]C:\WINDOWS\SYSTEM32\DRIVERS\WD.SYS
[441BD2D7B4F98134C3A4F9FA570FD250][1 654928 ]C:\WINDOWS\SYSTEM32\DRIVERS\WDF01000.SYS
[1B409454D7A00110FDB06F7E0F155A88][1 42064 ]C:\WINDOWS\SYSTEM32\DRIVERS\WDFLDR.SYS
[611B23304BF067451A9FDEE01FBDD725][1 12800 ]C:\WINDOWS\SYSTEM32\DRIVERS\WFPLWF.SYS
[05ECAEC3E4529A7153B3136CEB49F0EC][1 22096 ]C:\WINDOWS\SYSTEM32\DRIVERS\wimmount.sys
[F6FF8944478594D0E414D3F048F0D778][1 14336 ]C:\WINDOWS\SYSTEM32\DRIVERS\WMIACPI.SYS
[FC146F46872D4C5B529B89A5131FD1E6][1 16464 ]C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
[743C5ED3A1ECEF8D6B986FEBA3BF6035][1 111592 B5841E35FFF2B967A77A597B23E3329A1E5A1DC6 ]C:\WINDOWS\SYSTEM32\DRIVERS\WRKRN.SYS
[6BCC1D7D2FD2453957C5479A32364E52][1 21504 ]C:\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS
[D3381DC54C34D79B22CEE0D65BA91B7C][1 112128 ]C:\WINDOWS\SYSTEM32\DRIVERS\WUDFPF.SYS
[CF8D590BE3373029D57AF80914190682][1 172544 ]C:\WINDOWS\SYSTEM32\DRIVERS\WUDFRD.SYS
[E2DDA8726DA9CB5B2C4000C9018A9633][1 111104 ]C:\WINDOWS\SYSTEM32\EAPSVC.DLL
[4166F82BE4D24938977DD1746BE9B8A0][1 402944 ]C:\WINDOWS\SYSTEM32\ES.DLL
[0438CAB2E03F4FB61455A7956026FE86][1 16384 ]C:\WINDOWS\SYSTEM32\FDPHOST.DLL
[802496CB59A30349F9A6DD22D6947644][1 34816 ]C:\WINDOWS\SYSTEM32\FDRESPUB.DLL
[5C4CB4086FB83115B153E47ADD961A0C][1 1139200 ]C:\WINDOWS\SYSTEM32\FNTCACHE.DLL
[277BBC7E1AA1EE957F573A10ECA7EF3A][1 777728 ]C:\WINDOWS\SYSTEM32\GPSVC.DLL
[CFB8C673F9188F99466E76C6972191E0][1 263040 ]C:\WINDOWS\SYSTEM32\HAL.DLL
[BD9EB3958F213F96B97B1D897DEE006D][1 38912 ]C:\WINDOWS\SYSTEM32\HIDSERV.DLL
[FCD84C381E0140AF901E58D48882D26B][1 853504 ]C:\WINDOWS\SYSTEM32\IKEEXT.DLL
[098A91C54546A3B878DAD6A7E90A455B][1 101888 ]C:\WINDOWS\SYSTEM32\IPBUSENUM.DLL
[B95F6501A2F8B2E78C697FEC401970CE][1 359424 ]C:\WINDOWS\SYSTEM32\IPNATHLP.DLL
[4F15D75ADF6156BF56ECED6D4A55C389][1 501248 ]C:\WINDOWS\SYSTEM32\IPSECSVC.DLL
[808E98FF49B155C522E6400953177B08][1 156672 ]C:\WINDOWS\SYSTEM32\ISCSIEXE.DLL
[CDD0C92A653CAC881D780003E0C4E813][1 17792 ]C:\WINDOWS\SYSTEM32\KDCOM.DLL
[387E72E739E15E3D37907A86D9FF98E2][1 90624 ]C:\WINDOWS\SYSTEM32\KMSVC.DLL
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\LEGITCHECKCONTROL.DLL
[EFDFB3DD38A4376F93E7985173813ABD][1 232448 ]C:\WINDOWS\SYSTEM32\LISTSVC.DLL
[C1185803384AB3FEED115F79F109427F][1 300032 ]C:\WINDOWS\SYSTEM32\LLTDSVC.DLL
[F993A32249B66C9D622EA5592A8B76B8][1 23552 ]C:\WINDOWS\SYSTEM32\LMHSVC.DLL
[D5BA242D4CF8E384DB90E6A8ED850B8C][1 10240 ]C:\WINDOWS\SYSTEM32\LOCATOR.EXE
[C118A82CD78818C29AB228366EBF81C3][1 31232 A61609FE669D05D7FAC08104D767C66E8CD6AA01 ]C:\WINDOWS\SYSTEM32\LSASS.EXE
[9CF996E013DFA79C69C8ABC67AA3FEB7][1 32832 ]C:\WINDOWS\SYSTEM32\MCUPDATE_AUTHENTICAMD.DLL
[E40E80D0304A73E8D269F7141D77250B][1 67584 ]C:\WINDOWS\SYSTEM32\MMCSS.DLL
[254FB7A22D74E5511C73A3F6D802F192][1 97792 ]C:\WINDOWS\SYSTEM32\MPRDIM.DLL
[DE0ECE52236CFA3ED2DBFC03F28253A8][1 141824 ]C:\WINDOWS\SYSTEM32\MSDTC.EXE
[6AB66E16AA859232F64DEB66887A8C9C][1 368640 ]C:\WINDOWS\SYSTEM32\MSDTCKRM.DLL
[A190DA6546501CB4146BBCC0B6A3F48B][1 128000 ]C:\WINDOWS\SYSTEM32\MSIEXEC.EXE
[1D5185A4C7E6695431AE4B55C3D7D333][1 326144 ]C:\WINDOWS\SYSTEM32\MSWSOCK.DLL
[58A0CDABEA255616827B1C22C9994466][1 68096 ]C:\WINDOWS\SYSTEM32\NAPINSP.DLL
[847D3AE376C0817161A14A82C8922A9E][1 360448 ]C:\WINDOWS\SYSTEM32\NETMAN.DLL
[5F28111C648F1E24F7DBC87CDEB091B8][1 459776 ]C:\WINDOWS\SYSTEM32\NETPROFM.DLL
[2DF36F15B2BC1571A6A542A3C2107920][1 70656 ]C:\WINDOWS\SYSTEM32\NLAAPI.DLL
[1EE99A89CC788ADA662441D1E9830529][1 303616 ]C:\WINDOWS\SYSTEM32\NLASVC.DLL
[D54BFDF3E0C953F823B3D0BFE4732528][1 25600 ]C:\WINDOWS\SYSTEM32\NSISVC.DLL
[CF95B85FF8D128385ABD411C8CA74DED][1 1731920 2C64101048761D497681F0200574B4F30FC5B208 ]C:\WINDOWS\SYSTEM32\NTDLL.DLL
[1AFFF8D5352AECEF2ECD47FFA02D7F7D][1 5559152 8B115B84EFDB3A1B87F750D35822B2609E665BEF ]C:\WINDOWS\SYSTEM32\NTOSKRNL.EXE
[927463ECB02179F88E4B9A17568C63C3][1 438784 ]C:\WINDOWS\SYSTEM32\P2PSVC.DLL
[3AEAA8B561E63452C655DC0584922257][1 186368 ]C:\WINDOWS\SYSTEM32\PCASVC.DLL
[C7CF6A6E137463219E1259E3F0F0DD6C][1 1389056 ]C:\WINDOWS\SYSTEM32\PLA.DLL
[613C8CE10A5FDE582BA5FA64C4D56AAA][1 86016 ]C:\WINDOWS\SYSTEM32\PNRPNSP.DLL
[3EAC4455472CC2C97107B5291E0DCAFE][1 327168 ]C:\WINDOWS\SYSTEM32\PNRPSVC.DLL
[5C78838B4D166D1A27DB3A8A820C799A][1 209920 ]C:\WINDOWS\SYSTEM32\PROFSVC.DLL
[908ACB1F594274965A53926B10C81E89][1 187904 ]C:\WINDOWS\SYSTEM32\PROVSVC.DLL
[A3DB3C17EE6CAE65D53602B4E80BCCBC][1 57424 ]C:\WINDOWS\SYSTEM32\PSHED.DLL
[582AC6D9873E31DFA28A4547270862DD][1 476160 ]C:\WINDOWS\SYSTEM32\QAGENTRT.DLL
[1EA7969E3271CBC59E1730697DC74682][1 849920 ]C:\WINDOWS\SYSTEM32\QMGR.DLL
[906191634E99AEA92C4816150BDA3732][1 242688 ]C:\WINDOWS\SYSTEM32\QWAVE.DLL
[8F26510C5383B8DBE976DE1CD00FC8C7][1 99328 ]C:\WINDOWS\SYSTEM32\RASAUTO.DLL
[EE867A0870FC9E4972BA9EAAD35651E2][1 344064 ]C:\WINDOWS\SYSTEM32\RASMANS.DLL
[E4D94F24081440B5FC5AA556C7C62702][1 159232 ]C:\WINDOWS\SYSTEM32\REGSVC.DLL
[E4DC58CF7B3EA515AE917FF0D402A7BB][1 67072 ]C:\WINDOWS\SYSTEM32\RPCEPMAP.DLL
[5C627D1B1138676C0A7AB2C2C190D123][1 512000 ]C:\WINDOWS\SYSTEM32\RPCSS.DLL
[9B7395789E3791A3B6D000FE6F8B131E][1 190976 ]C:\WINDOWS\SYSTEM32\SCARDSVR.DLL
[262F6592C3299C005FD6BEC90FC4463A][1 1110016 ]C:\WINDOWS\SYSTEM32\SCHEDSVC.DLL
[6EA4234DC55346E0709560FE7C2C1972][1 170496 ]C:\WINDOWS\SYSTEM32\SDRSVC.DLL
[E0B340996A41C9A75DFA3B99BBA9C500][1 591872 ]C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
[BC617A4E1B4FA8DF523A061739A0BD87][1 30720 ]C:\WINDOWS\SYSTEM32\SECLOGON.DLL
[C32AB8FA018EF34C0F113BD501436D21][1 64512 ]C:\WINDOWS\SYSTEM32\SENS.DLL
[0336CFFAFAAB87A11541F1CF1594B2B2][1 29184 ]C:\WINDOWS\SYSTEM32\SENSRSVC.DLL
[0B6231BF38174A1628C4AC812CC75804][1 121856 ]C:\WINDOWS\SYSTEM32\SESSENV.DLL
[AAF932B4011D14052955D4B212A4DA8D][1 370688 ]C:\WINDOWS\SYSTEM32\SHSVCS.DLL
[1911A3356FA3F77CCC825CCBAC038C2A][1 112640 ]C:\WINDOWS\SYSTEM32\SMSS.EXE
[6313F223E817CC09AA41811DAA7F541D][1 14336 ]C:\WINDOWS\SYSTEM32\SNMPTRAP.EXE
[ -2][0 -1 ]C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
[E17E0188BB90FAE42D83E98707EFA59C][1 3524608 ]C:\WINDOWS\SYSTEM32\SPPSVC.EXE
[93D7D61317F3D4BC4F4E9F8A96A7DE45][1 65536 ]C:\WINDOWS\SYSTEM32\SPPUINOTIFY.DLL
[D9F42719019740BAA6D1C6D536CBDAA6][1 236032 ]C:\WINDOWS\SYSTEM32\SRVSVC.DLL
[51B52FBD583CDE8AA9BA62B8B4298F33][1 193024 ]C:\WINDOWS\SYSTEM32\SSDPSRV.DLL
[AB7AEBF58DAD8DAAB7A6C45E6A8885CB][1 75264 ]C:\WINDOWS\SYSTEM32\SSTPSVC.DLL
[C78655BC80301D76ED4FEF1C1EA40A7D][1 27136 ]C:\WINDOWS\SYSTEM32\SVCHOST.EXE
[E08E46FDD841B7184194011CA1955A0B][1 524288 ]C:\WINDOWS\SYSTEM32\SWPRV.DLL
[BF9CCC0BF39B418C8D0AE8B05CF95B7D][1 1743360 ]C:\WINDOWS\SYSTEM32\SYSMAIN.DLL
[E3C61FD7B7C2557E1F1B0B4CEC713585][1 92672 ]C:\WINDOWS\SYSTEM32\TABSVC.DLL
[40F0849F65D13EE87B9A9AE3C1DD6823][1 316928 ]C:\WINDOWS\SYSTEM32\TAPISRV.DLL
[1BE03AC720F4D302EA01D40F588162F6][1 65536 ]C:\WINDOWS\SYSTEM32\TBSSVC.DLL
[2E648163254233755035B46DD7B89123][1 680960 ]C:\WINDOWS\SYSTEM32\TERMSRV.DLL
[F0344071948D1A1FA732231785A0664C][1 44544 ]C:\WINDOWS\SYSTEM32\THEMESERVICE.DLL
[7E7AFD841694F6AC397E99D75CEAD49D][1 119808 ]C:\WINDOWS\SYSTEM32\TRKWKS.DLL
[F29FE765E1448EF371CFE05BFAC74ADB][1 17408 ]C:\WINDOWS\SYSTEM32\TSDDD.DLL
[3CBDEC8D06B9968ABA702EBA076364A1][1 40960 ]C:\WINDOWS\SYSTEM32\UI0DETECT.EXE
[25FBDEF06C4D92815B353F6E792C8129][1 404480 ]C:\WINDOWS\SYSTEM32\UMPNPMGR.DLL
[6BA9D927DDED70BD1A9CADED45F8B184][1 163840 ]C:\WINDOWS\SYSTEM32\UMPO.DLL
[D47EC6A8E81633DD18D2436B19BAF6DE][1 353792 ]C:\WINDOWS\SYSTEM32\UPNPHOST.DLL
[BAFE84E637BF7388C96EF48D4D3FDD53][1 30720 ]C:\WINDOWS\SYSTEM32\USERINIT.EXE
[EDBB23CBCF2CDF727D64FF9B51A6070E][1 38912 ]C:\WINDOWS\SYSTEM32\UXSMS.DLL
[8D6B481601D01A456E75C3210F1830BE][1 533504 ]C:\WINDOWS\SYSTEM32\VDS.EXE
[B60BA0BC31B0CB414593E169F6F21CC2][1 1600512 ]C:\WINDOWS\SYSTEM32\VSSVC.EXE
[1C9D80CC3849B3788048078C26486E1A][1 381952 ]C:\WINDOWS\SYSTEM32\W32TIME.DLL
[3CEC96DE223E49EAAE3651FCF8FAEA6C][1 1255736 ]C:\WINDOWS\SYSTEM32\WAT\WATADMINSVC.EXE
[38B84C94C5A8AF291ADFEA478AE54F93][1 203264 ]C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
[19B07E7E8915D701225DA41CB3877306][1 242688 ]C:\WINDOWS\SYSTEM32\WBEM\WMISVC.DLL
[78F4E7F5C56CB9716238EB57DA4B6A75][1 1504256 ]C:\WINDOWS\SYSTEM32\WBENGINE.EXE
[3AA101E8EDAB2DB4131333F4325C76A3][1 202240 ]C:\WINDOWS\SYSTEM32\WBIOSRVC.DLL
[7368A2AFD46E5A4481D1DE9D14848EDD][1 367104 ]C:\WINDOWS\SYSTEM32\WCNCSVC.DLL
[20F7441334B18CEE52027661DF4A6129][1 40960 ]C:\WINDOWS\SYSTEM32\WCSPLUGINSERVICE.DLL
[BF1FC3F79B863C914687A737C2F3D681][1 90624 ]C:\WINDOWS\SYSTEM32\WDI.DLL
[3DB6D04E1C64272F8B14EB8BC4616280][1 258560 ]C:\WINDOWS\SYSTEM32\WEBCLNT.DLL
[C749025A679C5103E575E3B48E092C43][1 237568 ]C:\WINDOWS\SYSTEM32\WECSVC.DLL
[7E591867422DC788B9E5BD337A669A08][1 84480 ]C:\WINDOWS\SYSTEM32\WERCPLSUPPORT.DLL
[6D137963730144698CBD10F202E9F251][1 76800 ]C:\WINDOWS\SYSTEM32\WERSVC.DLL
[8DD52E8E6128F4B2DA92CE27402871C1][1 580096 ]C:\WINDOWS\SYSTEM32\WIASERVC.DLL
[A3A7E9D10745A7CAC5F346370B81D08B][1 3145728 C7285081B6EE977BFC70242251EA5EC52D6BAAD0 ]C:\WINDOWS\SYSTEM32\WIN32K.SYS
[2E2072EB48238FCA8FBB7A9F5FABAC45][1 28672 ]C:\WINDOWS\SYSTEM32\WINRNR.DLL
[851A1382EED3E3A7476DB004F4EE3E1A][1 118784 ]C:\WINDOWS\SYSTEM32\WKSSVC.DLL
[4FADA86E62F18A1B2F42BA18AE24E6AA][1 886784 ]C:\WINDOWS\SYSTEM32\WLANSVC.DLL
[96C6E7100D724C69FCF9E7BF590D1DCA][1 12288 ]C:\WINDOWS\SYSTEM32\WPCSVC.DLL
[93221146D4EBBF314C29B23CD6CC391D][1 117248 ]C:\WINDOWS\SYSTEM32\WPDBUSENUM.DLL
[8886E0697B0A93C521F99099EF643450][1 168960 ]C:\WINDOWS\SYSTEM32\WSCRIPT.EXE
[E8B1FE6669397D1772D8196DF0E57A9E][1 97280 ]C:\WINDOWS\SYSTEM32\WSCSVC.DLL
[BCB1310604AA415C4508708975B3931E][1 2018304 ]C:\WINDOWS\SYSTEM32\WSMSVC.DLL
[9DF12EDBC698B0BC353B3EF84861E430][1 2420736 ]C:\WINDOWS\SYSTEM32\WUAUENG.DLL
[7A95C95B6C4CF292D689106BCAE49543][1 78848 ]C:\WINDOWS\SYSTEM32\WUDFSVC.DLL
[9A3452B3C2A46C073166C5CF49FAD1AE][1 229888 ]C:\WINDOWS\SYSTEM32\WWANSVC.DLL
[241A1900C52DCBA38B20A4F3671444E0][1 1036800 ]C:\WINDOWS\SYSWOW64\D3D8.DLL
[8B88EBBB05A0E56B7DCC708498C02B3E][1 2616320 ]C:\WINDOWS\SYSWOW64\EXPLORER.EXE
[1DE21EC4A2232FF4F5298ADCAE7B3690][1 82944 ]C:\WINDOWS\SYSWOW64\ICCVID.DLL
[490FC0D07F7C0468E232AB8E8E956719][1 9705472 D2925A77EC3D4BAA76795B848D8E0A1B53B13FDF ]C:\WINDOWS\SYSWOW64\IEFRAME.DLL
[C2A12B061F591E093E3FD99D75811398][1 17920 ]C:\WINDOWS\SYSWOW64\IMAADP32.ACM
[55663BED58AEDDE8ADE37A582CD8380C][1 50176 ]C:\WINDOWS\SYSWOW64\IYUV_32.DLL
[2F4348DC0D06A0EBA5F5C4CB435790C1][1 542208 ]C:\WINDOWS\SYSWOW64\KERBEROS.DLL
[1C7F1C3EA5894995E6C563E9AE9F029F][1 64000 ]C:\WINDOWS\SYSWOW64\L3CODECA.ACM
[5A12C364AD1D4FCC0AD0E56DBBC34462][1 16896 ]C:\WINDOWS\SYSWOW64\MIDIMAP.DLL
[6AAF3BECE2C3D17091BCEF37C5A82AC0][1 1401344 ]C:\WINDOWS\SYSWOW64\MMC.EXE
[07393A09C46083588E751B63B03C8301][1 20992 ]C:\WINDOWS\SYSWOW64\MSACM32.DRV
[8EE566982477BC5886FE622CEBEE9C86][1 18432 ]C:\WINDOWS\SYSWOW64\MSADP32.ACM
[BF3D6F7D929E018703BE2D4556DD679A][1 12288 ]C:\WINDOWS\SYSWOW64\MSG711.ACM
[AE796D3FD1C69CE62BB6AFACDFB950AA][1 23552 ]C:\WINDOWS\SYSWOW64\MSGSM32.ACM
[04FAE971A77E76B3F4EF44053AEE0905][1 13312 ]C:\WINDOWS\SYSWOW64\MSRLE32.DLL
[4C1E16B9A53102C8D6FBA587CBCB95DE][1 257024 ]C:\WINDOWS\SYSWOW64\MSV1_0.DLL
[45DC6C69CE5759666EC758BAD657B040][1 31744 ]C:\WINDOWS\SYSWOW64\MSVIDC32.DLL
[D30117DB43F48C4DBA9B41C08156A339][1 22528 ]C:\WINDOWS\SYSWOW64\MSYUV.DLL
[D378BFFB70923139D6A4F546864AA61C][1 179712 ]C:\WINDOWS\SYSWOW64\NOTEPAD.EXE
[703FFD301AB900B047337C5D40FD6F96][1 90112 ]C:\WINDOWS\SYSWOW64\OLEPRO32.DLL
[E495E408C93141E8FC72DC0C6046DDFA][1 20992 ]C:\WINDOWS\SYSWOW64\PERFHOST.EXE
[37CC990D4E2CDFAE12AC47F6B620FC13][1 186880 ]C:\WINDOWS\SYSWOW64\PKU2U.DLL
[8124944EC89D6A1815E4E53F5B96AAF4][1 175616 ]C:\WINDOWS\SYSWOW64\SCECLI.DLL
[1AFFB765AF1FDCC0C185C38E9DDDDAEE][1 224768 ]C:\WINDOWS\SYSWOW64\SCHANNEL.DLL
[1969A81CA0CFAF3DC732C89B38854997][1 81920 ]C:\WINDOWS\SYSWOW64\SYSTEMPROPERTIESPERFORMANCE.EXE
[665AAD05AEE9E37A7A9BAEDCAC775989][1 12288 ]C:\WINDOWS\SYSWOW64\TSBYUV.DLL
[D29E45078CF4020CE0AAC82EC652D1EA][1 65024 ]C:\WINDOWS\SYSWOW64\TSPKG.DLL
[0450CF487ECD8A67B56F59F9A96D024D][1 171520 ]C:\WINDOWS\SYSWOW64\WDIGEST.DLL
[D205C24A9D069049FE2DF2A1B38726A7][1 172032 ]C:\WINDOWS\SYSWOW64\WDMAUD.DRV
[CA9F7888B524D8100B977C81F44C3234][1 351232 ]C:\WINDOWS\SYSWOW64\WINHTTP.DLL
[ -2][0 -1 ]SDWINLOGON.DLL
I hope my edits do not cause any trouble... I'm just posting things as I find them. Please advise. Thanks Again!

Edited by lilking420, 27 March 2012 - 11:18 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,414 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:39 AM

Posted 28 March 2012 - 11:38 AM

I don't know anything about Webroot or infections...but if you have evidence of malware, I would say that you need to reopen contact via PM with Nasdaq and see what he has to say.

I may be mistaken but it appears to me that you have two AV programs installed/running at the same time...Webroot and Avast. If that's true, then I suggest that you completely uninstall one of them and then run a new scan. The possibility of conflict between two AV programs...is the major reason that such is not recommended.

Louis

#5 lilking420

lilking420
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Minnesota
  • Local time:11:39 AM

Posted 30 March 2012 - 02:11 AM

Nasdaq has reopened the malware thread My linkhttp://www.bleepingcomputer.com/forums/topic444767.html

hamluis said:
Posted 28 March 2012 - 11:38 AM
...but if you have evidence of malware, I would say that you need to reopen contact via PM with Nasdaq and see what he has to say.

The whole reason I have come to Bleeping is due to lack of "evidence". At least as far as almost EVERY anti-malware/anti-rootkit are concerned. I have no name to identify this thing makes it nearly impossible. We may need a technical Win 7 opinion on this as Nasdaq mentioned it wasnt his fortay... I ask if possible you to kinda keep an eye on our troubleshooting this time around? I'd appreciate it... cuz sfc /scannow continues to fail, I pasted a portion of the cbs.log file in the above thread... the whole file is almost 3MB. Is that normal? Do the entries i have bolded toward the bottom indicate anything to you? They dont seem normal to me but I'm stuck... working on this over a month now.

Oh and btw this issue persists THROUGH formatting, partioning and clean install of windows 7 from the reinstallation disc I recvd with this machine. Please let me know if you have any thouughts. Thanks again!

#6 hamluis

hamluis

    Moderator


  • Moderator
  • 55,414 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:11:39 AM

Posted 30 March 2012 - 10:27 AM

Reference: http://www.bleepingcomputer.com/forums/topic444767.html/page__st__15

Now that the above malware topic is reopened, you should pursue that topic to resolution.

To avoid confusion, this topic is now closed. If you desire it to be reopened post resolution of your malware thread, just send me a PM.

Louis




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users