Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Multiple instances of iexplore.exe using up CPU


  • This topic is locked This topic is locked
18 replies to this topic

#1 vzyfl1

vzyfl1

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 24 June 2014 - 05:24 PM

My WIndows 7 laptop is running several instances of iexplore.exe and is tying up the CPU. 

 

I've run malware and Microsoft Esstential scans cleaning off several viruses, but the problem still persists.

 

What would you suggest that I do to resolve this issue?

 

Thanks,

Scott



BC AdBot (Login to Remove)

 


m

#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,865 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:42 AM

Posted 24 June 2014 - 05:27 PM

It's an issue only if you have no browser windows open in IE.  One instance of IE runs all the time...every time a new window is opened and remains open, an additional instance is reflected in Task Manager.  If you have 3 IE windows open...Task Manager should reflect 4 instances of iexplore running.

 

Louis



#3 scotty_ncc1701

scotty_ncc1701

  • Members
  • 520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 PM

Posted 24 June 2014 - 06:24 PM

It's an issue only if you have no browser windows open in IE.  One instance of IE runs all the time...every time a new window is opened and remains open, an additional instance is reflected in Task Manager.  If you have 3 IE windows open...Task Manager should reflect 4 instances of iexplore running.
 
Louis

Louis:

I have to respectfully disagree with your comment of "If you have 3 IE windows open...Task Manager should reflect 4 instances of iexplore running", and "One instance of IE runs all the time...".

I reset my desktop to XP (it's isolated from the Internet -- cable is pulled); looked at the laptop my wife uses (Windows 7); and my laptop (Windows 8), and on none of them have IE running (we use firefox). I even ran XP, WIN7 in a virtual machine, the results where the same. Now WINDOWS EXPLORER, NOT INTERNET EXPLORER does run all the time, but they are two differnt things.

If you can point to an article on microsoft.com, I'm more than willing to read it. However, at this point, all indications are it is WINDOWS EXPLORER, NOT INTERNET EXPLORER that runs all the time.

Have a great day.

#4 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 24 June 2014 - 06:55 PM

My real issue is the CPU is at 100% due to multiple issues of Explore.exe running. 

 

What virus or system problem is causing them to run simultaneously to lock up the CPU, and what can be done to prevent them from being a CPU hog?

 

Any advice would be appreciated.

 

Scott



#5 scotty_ncc1701

scotty_ncc1701

  • Members
  • 520 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:42 PM

Posted 24 June 2014 - 07:03 PM

Check this out: http://answers.microsoft.com/en-us/windows/forum/windows_7-performance/there-are-multiple-instances-of-explorerexe/d4f28787-6208-4756-aa9d-96f7a6d34b7e

Best of luck.

Edited by scotty_ncc1701, 24 June 2014 - 07:03 PM.


#6 Willy22

Willy22

  • Members
  • 942 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Planet Earth
  • Local time:05:42 PM

Posted 24 June 2014 - 08:34 PM

Did you install a new program recently ? Any plug-in for the browser ? The combination of that program with IE could have pushed CPU through the roof. (Or do you mean Windows Explorer ? Doesn't matter, the same story applies.)



#7 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 24 June 2014 - 09:02 PM

Thanks for the replies. 

 

The problem is with Internet Explorer.

 

The laptop was one of my kid's and when I got it back there was a virus causing multiple IE windows to open with different websites.  I believe when the malware and antivirus scanned and cleaned one or both caught the virus(es) and deleted/cleaned then off, but left rememnants causing the CPU issue with IEXplore.exe to be kicked off multiple times.  IE doesn't even have to be opened for task manager to show that it's running multiple times.  I can boot up the machine then a few minutes later check task manager and there are multiple iexplore.exe copies running causing the CPU to go to 100% pretty quick. 

 

Where are places I can check to turn off these copies of IExplore.exe from being run in task mgr?



#8 Willy22

Willy22

  • Members
  • 942 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Planet Earth
  • Local time:05:42 PM

Posted 25 June 2014 - 01:11 AM

Did you run:

- JRT (Junkware removal tool)

- AdwCleaner

- ESET online scanner ?

- Perhaps IE is run from Task Scheduler. Then Ccleaner can be helpful. (Tools, start up).

These free programs do an excellent job of removing malware. Assuming you don't have a more serious virus infection.

 

I hope you run a (free) Antivirus program and/or a (free) anti spyware program ?



#9 hamluis

hamluis

    Moderator


  • Moderator
  • 54,865 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:42 AM

Posted 25 June 2014 - 10:03 AM

Moved to Am I Infected forum.

 

Louis



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:42 AM

Posted 25 June 2014 - 11:34 AM

Here's how to run those...


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 25 June 2014 - 08:56 PM

.boopme,

Thanks for getting back to me with the detailed instructions.  I followed them and will paste the results below.  Great news so far...I do believe the problem has been resolved, but will test out the laptop over the next few days.

After reviewing the results below let me know if there are any other scans recommended or changes needed:

Thanks again!

Scott

PS The last scan using ESET looks like it will run most of the night so will send results separately tomorrow night.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Minitoolbox Results:

MiniToolBox by Farbar  Version: 25-06-2014
Ran by Scott (administrator) on 25-06-2014 at 18:30:00
Running from "C:\Users\Scott\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® WiFi Link 1000 BGN = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Rachel-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : nc.rr.com

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : nc.rr.com
   Description . . . . . . . . . . . : Intel® WiFi Link 1000 BGN
   Physical Address. . . . . . . . . : 00-26-C7-1D-56-46
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c8d:d6cd:d4f3:159f%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.143(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, June 25, 2014 6:22:53 PM
   Lease Expires . . . . . . . . . . : Thursday, June 26, 2014 6:22:52 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 318777031
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-25-57-7A-C8-0A-A9-4D-0B-8D
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.nc.rr.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 24:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : nc.rr.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 22:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #12
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #7
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #8
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #10
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 23:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2cb5:1e0:3f57:fe70(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2cb5:1e0:3f57:fe70%27(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    google.com
Addresses:  2607:f8b0:4004:803::1005
      74.125.228.97
      74.125.228.98
      74.125.228.99
      74.125.228.100
      74.125.228.101
      74.125.228.102
      74.125.228.103
      74.125.228.104
      74.125.228.105
      74.125.228.110
      74.125.228.96


Pinging google.com [74.125.228.232] with 32 bytes of data:
Reply from 74.125.228.232: bytes=32 time=30ms TTL=54
Reply from 74.125.228.232: bytes=32 time=27ms TTL=54

Ping statistics for 74.125.228.232:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 30ms, Average = 28ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=64ms TTL=48
Reply from 98.138.253.109: bytes=32 time=64ms TTL=48

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 64ms, Maximum = 64ms, Average = 64ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 26 c7 1d 56 46 ......Intel® WiFi Link 1000 BGN
  1...........................Software Loopback Interface 1
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 25...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #12
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
 18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
 19...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #6
 17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
 20...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #7
 21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #8
 23...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #10
 27...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.143     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.143    281
    192.168.1.143  255.255.255.255         On-link     192.168.1.143    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.143    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.143    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.143    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 27     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 27     58 2001::/32                On-link
 27    306 2001:0:5ef5:79fb:2cb5:1e0:3f57:fe70/128
                                    On-link
 12    281 fe80::/64                On-link
 27    306 fe80::/64                On-link
 12    281 fe80::c8d:d6cd:d4f3:159f/128
                                    On-link
 27    306 fe80::2cb5:1e0:3f57:fe70/128
                                    On-link
  1    306 ff00::/8                 On-link
 27    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/23/2014 09:29:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc000070a
Fault offset: 0x000000000005cf99
Faulting process id: 0xa18
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3

Error: (06/23/2014 08:32:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.16518, time stamp: 0x52f34819
Faulting module name: Flash64_14_0_0_125.ocx, version: 14.0.0.125, time stamp: 0x53862cfa
Exception code: 0xc0000005
Fault offset: 0x00000000002f7f14
Faulting process id: 0x458
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/23/2014 08:30:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: mmc.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc808
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0x00000000
Fault offset: 0x000000000000940d
Faulting process id: 0x17c4
Faulting application start time: 0xmmc.exe0
Faulting application path: mmc.exe1
Faulting module path: mmc.exe2
Report Id: mmc.exe3

Error: (06/22/2014 02:03:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.16518, time stamp: 0x52f34819
Faulting module name: Flash64_14_0_0_125.ocx, version: 14.0.0.125, time stamp: 0x53862cfa
Exception code: 0xc0000005
Fault offset: 0x00000000002e91a6
Faulting process id: 0x108c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/22/2014 11:51:07 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.16518, time stamp: 0x52f34819
Faulting module name: Flash64_14_0_0_125.ocx, version: 14.0.0.125, time stamp: 0x53862cfa
Exception code: 0xc0000005
Fault offset: 0x00000000002f7f14
Faulting process id: 0x1910
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/22/2014 11:47:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.16518, time stamp: 0x52f34819
Faulting module name: Flash64_14_0_0_125.ocx, version: 14.0.0.125, time stamp: 0x53862cfa
Exception code: 0xc0000005
Fault offset: 0x00000000002f7f17
Faulting process id: 0x1414
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/22/2014 11:27:59 AM) (Source: Application Error) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.16518, time stamp: 0x52f34819
Faulting module name: Flash64_14_0_0_125.ocx, version: 14.0.0.125, time stamp: 0x53862cfa
Exception code: 0xc0000005
Fault offset: 0x00000000002e91a6
Faulting process id: 0x1810
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 118171

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 118171

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/25/2014 06:22:55 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (06/25/2014 06:22:40 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:24:20 PM on ‎6/‎24/‎2014 was unexpected.

Error: (06/24/2014 06:06:45 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (06/24/2014 06:06:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:59:58 PM on ‎6/‎23/‎2014 was unexpected.

Error: (06/23/2014 09:48:16 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (06/23/2014 09:20:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SysMain service.

Error: (06/23/2014 09:20:05 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (06/23/2014 09:19:52 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 9:18:31 PM on ‎6/‎23/‎2014 was unexpected.

Error: (06/23/2014 09:05:26 PM) (Source: Service Control Manager) (User: )
Description: The Power service terminated with the following error:
%%4203

Error: (06/23/2014 09:03:59 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (06/23/2014 09:29:50 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000070a000000000005cf99a1801cf8f4a70063552C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll082c12a3-fb3f-11e3-9fd5-e37c8952bba2

Error: (06/23/2014 08:32:00 PM) (Source: Application Error)(User: )
Description: iexplore.exe11.0.9600.1651852f34819Flash64_14_0_0_125.ocx14.0.0.12553862cfac000000500000000002f7f1445801cf8f4345c0daf1C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash64_14_0_0_125.ocxf4085b41-fb36-11e3-bcf9-ab97d1a284af

Error: (06/23/2014 08:30:09 PM) (Source: Application Error)(User: )
Description: mmc.exe6.1.7600.163854a5bc808KERNELBASE.dll6.1.7601.1822951fb167700000000000000000000940d17c401cf8f416782e935C:\Windows\system32\mmc.exeC:\Windows\system32\KERNELBASE.dllb156a19a-fb36-11e3-bcf9-ab97d1a284af

Error: (06/22/2014 02:03:17 PM) (Source: Application Error)(User: )
Description: iexplore.exe11.0.9600.1651852f34819Flash64_14_0_0_125.ocx14.0.0.12553862cfac000000500000000002e91a6108c01cf8e428d6f65c1C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash64_14_0_0_125.ocx79826771-fa37-11e3-ac49-ff65bd0378d1

Error: (06/22/2014 11:51:07 AM) (Source: Application Error)(User: )
Description: iexplore.exe11.0.9600.1651852f34819Flash64_14_0_0_125.ocx14.0.0.12553862cfac000000500000000002f7f14191001cf8e3166ffc433C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash64_14_0_0_125.ocx05a5b123-fa25-11e3-ac49-ff65bd0378d1

Error: (06/22/2014 11:47:49 AM) (Source: Application Error)(User: )
Description: iexplore.exe11.0.9600.1651852f34819Flash64_14_0_0_125.ocx14.0.0.12553862cfac000000500000000002f7f17141401cf8e30eec00639C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash64_14_0_0_125.ocx8f8ed1e7-fa24-11e3-ac49-ff65bd0378d1

Error: (06/22/2014 11:27:59 AM) (Source: Application Error)(User: )
Description: iexplore.exe11.0.9600.1651852f34819Flash64_14_0_0_125.ocx14.0.0.12553862cfac000000500000000002e91a6181001cf8e2ccc245ef1C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\Flash64_14_0_0_125.ocxc88b4381-fa21-11e3-ac49-ff65bd0378d1

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 118171

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 118171

Error: (06/20/2014 01:09:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-06-25 18:27:05.876
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Rachel\Desktop\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:54:05.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:54:03.304
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:54:01.522
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:53:59.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:53:57.680
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:53:55.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:53:53.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:53:00.305
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-23 21:52:58.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\HitmanPro.exe because the set of per-page image hashes could not be found on the system.



=========================== Installed Programs ============================
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.2146.41621 - ABBYY Software House)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activate Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.1.20.0 - Symantec)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.02 - Adobe Systems Incorporated)
Adobe Photoshop.com Inspiration Browser (x32 Version: 3.02 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{16D0F2D2-242C-4885-BEF1-4B1655C141AE}) (Version: 7.0.822.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.4.11299.0 - Cisco Consumer Products LLC)
Citrix Authentication Manager (x32 Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell PC Fax (HKLM\...\Dell PC Fax) (Version:  - )
Dell Photo AIO Printer 926 (HKLM\...\Dell Photo AIO Printer 926) (Version:  - Dell, Inc.)
Dell Toolbar (HKLM-x32\...\{09B71986-2AC5-482d-B6CB-42EA34F4F85B}) (Version: 1.8.12.0 - )
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)
ENE CIR Receiver Driver (HKLM\...\FFE7D41DF3C645075BB149E21988B63996C34187) (Version: 2.7.4.0 - ENE)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FrostWire 4.21.8 (HKLM-x32\...\FrostWire) (Version: 4.21.8.0 - FrostWire Team)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version:  - AOL Products)
HP 3D DriveGuard (HKLM\...\{85A42FF0-F0D0-44A3-B226-C124D6E8B1D5}) (Version: 4.0.3.1 - Hewlett-Packard)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.9652.3188 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart Internet TV (HKLM-x32\...\InstallShield_{E553760D-D7F7-48BF-BD8B-C7E23BA04CB5}) (Version: 3.0.1916 - Hewlett-Packard)
HP MediaSmart Internet TV (x32 Version: 3.0.1916 - Hewlett-Packard) Hidden
HP MediaSmart Live TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 3.0.1924 - Hewlett-Packard)
HP MediaSmart Live TV (x32 Version: 3.0.1924 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart SlingPlayer (HKLM-x32\...\{90F6051D-A69F-4159-9203-7E20430E1056}) (Version: 2.1.1.60 - Sling Media, Inc.)
HP MediaSmart SmartMenu (HKLM\...\{88E60521-1E4E-4785-B9F1-1798A4BD0C30}) (Version: 3.0.30.1 - Hewlett-Packard)
HP MediaSmart Software Notebook Demo (HKLM-x32\...\{82A213BD-B6AA-4281-A2D3-59D51893CC56}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.1913 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 3.0.1913 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.12.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Smart Web Printing (HKLM-x32\...\HP Smart Web Printing) (Version: 131.1.35898 - Hewlett-Packard)
HP Smart Web Printing (x32 Version: 131.1.35898 - Hewlett-Packard) Hidden
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company) Hidden
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0154 (HKLM-x32\...\{B51605BF-6326-4553-AE96-6D7F1813D5F5}) (Version: 1.01.0001 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1883 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1913 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.1913 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{7EACD74C-147F-478C-9389-F9F52EE3C88A}) (Version: 1.18.10.2 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.1.94 - LSI Corporation)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version:  - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetAssistant (x32 Version: 3.8.3 - Freeze.com) Hidden
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerDirector (x32 Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30094 - Realtek Semiconductor Corp.)
Self-service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7280 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SlingBoxWatchYourTVAnyWhere (HKLM-x32\...\{4313E16C-811B-469F-8815-6EB98085F8B2}) (Version: 2.1.1.58 - Sling Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.0.3 - Synaptics Incorporated)
TuneUp Companion 2.0.10 (HKLM-x32\...\TuneUpMedia) (Version: 2.0.10 - TuneUp Media, Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3999.19 MB
Available physical RAM: 2861.81 MB
Total Pagefile: 7998.38 MB
Available Pagefile: 6121.32 MB
Total Virtual: 4095.88 MB
Available Virtual: 3985.82 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.8 GB) (Free:358.75 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:12.76 GB) (Free:2.13 GB) NTFS

========================= Users: ========================================

User accounts for \\RACHEL-PC

Administrator            Guest                    Rachel                   
Scott                    


**** End of log ****

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

TDSSKiller results:

18:42:58.0635 0x19b0  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
18:43:04.0594 0x19b0  ============================================================
18:43:04.0594 0x19b0  Current date / time: 2014/06/25 18:43:04.0594
18:43:04.0594 0x19b0  SystemInfo:
18:43:04.0594 0x19b0  
18:43:04.0594 0x19b0  OS Version: 6.1.7601 ServicePack: 1.0
18:43:04.0594 0x19b0  Product type: Workstation
18:43:04.0594 0x19b0  ComputerName: RACHEL-PC
18:43:04.0595 0x19b0  UserName: Scott
18:43:04.0595 0x19b0  Windows directory: C:\Windows
18:43:04.0595 0x19b0  System windows directory: C:\Windows
18:43:04.0595 0x19b0  Running under WOW64
18:43:04.0595 0x19b0  Processor architecture: Intel x64
18:43:04.0595 0x19b0  Number of processors: 2
18:43:04.0595 0x19b0  Page size: 0x1000
18:43:04.0595 0x19b0  Boot type: Normal boot
18:43:04.0595 0x19b0  ============================================================
18:43:06.0064 0x19b0  KLMD registered as C:\Windows\system32\drivers\96139779.sys
18:43:07.0680 0x19b0  System UUID: {A68CA5DA-2F86-800D-FBDC-61AF6ED55732}
18:43:15.0646 0x19b0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:15.0665 0x19b0  ============================================================
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0:
18:43:15.0665 0x19b0  MBR partitions:
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3899B000
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x389FF000, BlocksNum 0x1986800
18:43:15.0665 0x19b0  ============================================================
18:43:15.0685 0x19b0  C: <-> \Device\Harddisk0\DR0\Partition2
18:43:15.0862 0x19b0  D: <-> \Device\Harddisk0\DR0\Partition3
18:43:15.0863 0x19b0  ============================================================
18:43:15.0863 0x19b0  Initialize success
18:43:15.0863 0x19b0  ============================================================
18:43:19.0178 0x1f8c  ============================================================
18:43:19.0178 0x1f8c  Scan started
18:43:19.0178 0x1f8c  Mode: Manual;
18:43:19.0178 0x1f8c  ============================================================
18:43:19.0178 0x1f8c  KSN ping started
18:43:23.0664 0x1f8c  KSN ping finished: true
18:43:31.0030 0x1f8c  ================ Scan system memory ========================
18:43:31.0030 0x1f8c  System memory - ok
18:43:31.0033 0x1f8c  ================ Scan services =============================
18:43:31.0310 0x1f8c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:43:31.0319 0x1f8c  1394ohci - ok
18:43:31.0363 0x1f8c  [ 1CFFE9C06E66A57DAE1452E449A58240, F337852EEF9DCF33FB1B85EEF61FA8D28A780B13488B144DFAD2234FC24CB430 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
18:43:31.0374 0x1f8c  Accelerometer - ok
18:43:31.0418 0x1f8c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:43:31.0436 0x1f8c  ACPI - ok
18:43:31.0475 0x1f8c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:43:31.0583 0x1f8c  AcpiPmi - ok
18:43:31.0752 0x1f8c  [ 4451CC2275B04043EC2BCC757AF97291, A07781C5C9AD344BF2B5F8E7ED0ACD804113B6BC02D082717E493768E6ABC393 ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
18:43:31.0760 0x1f8c  AdobeActiveFileMonitor8.0 - ok
18:43:32.0204 0x1f8c  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:43:32.0262 0x1f8c  AdobeFlashPlayerUpdateSvc - ok
18:43:32.0333 0x1f8c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:43:32.0399 0x1f8c  adp94xx - ok
18:43:32.0485 0x1f8c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:43:32.0704 0x1f8c  adpahci - ok
18:43:32.0736 0x1f8c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:43:32.0835 0x1f8c  adpu320 - ok
18:43:32.0874 0x1f8c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:43:32.0877 0x1f8c  AeLookupSvc - ok
18:43:33.0056 0x1f8c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
18:43:33.0124 0x1f8c  AESTFilters - ok
18:43:33.0294 0x1f8c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
18:43:33.0488 0x1f8c  AFD - ok
18:43:35.0293 0x1f8c  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
18:43:35.0343 0x1f8c  AgereModemAudio - ok
18:43:35.0439 0x1f8c  [ AF4748EF93416159459769A24A0053AF, AE1C4E67E7555066436112C5A090DC5B49B264E3BA3ECF4CE2F1E9B799089B7D ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
18:43:35.0505 0x1f8c  AgereSoftModem - ok
18:43:35.0612 0x1f8c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:43:35.0652 0x1f8c  agp440 - ok
18:43:35.0681 0x1f8c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:43:35.0731 0x1f8c  ALG - ok
18:43:35.0866 0x1f8c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:43:35.0874 0x1f8c  aliide - ok
18:43:35.0912 0x1f8c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:43:36.0054 0x1f8c  amdide - ok
18:43:36.0094 0x1f8c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:43:36.0135 0x1f8c  AmdK8 - ok
18:43:36.0189 0x1f8c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:43:36.0206 0x1f8c  AmdPPM - ok
18:43:36.0237 0x1f8c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:43:36.0247 0x1f8c  amdsata - ok
18:43:36.0304 0x1f8c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:43:36.0333 0x1f8c  amdsbs - ok
18:43:36.0445 0x1f8c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:43:36.0571 0x1f8c  amdxata - ok
18:43:36.0605 0x1f8c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:43:36.0611 0x1f8c  AppID - ok
18:43:36.0644 0x1f8c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:43:36.0744 0x1f8c  AppIDSvc - ok
18:43:36.0776 0x1f8c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:43:36.0783 0x1f8c  Appinfo - ok
18:43:36.0946 0x1f8c  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:43:36.0983 0x1f8c  Apple Mobile Device - ok
18:43:37.0053 0x1f8c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:43:37.0117 0x1f8c  arc - ok
18:43:37.0126 0x1f8c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:43:37.0132 0x1f8c  arcsas - ok
18:43:37.0310 0x1f8c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:43:37.0360 0x1f8c  aspnet_state - ok
18:43:37.0463 0x1f8c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:43:37.0487 0x1f8c  AsyncMac - ok
18:43:37.0557 0x1f8c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:43:37.0640 0x1f8c  atapi - ok
18:43:38.0005 0x1f8c  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys
18:43:38.0354 0x1f8c  atikmdag - ok
18:43:38.0697 0x1f8c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:43:38.0827 0x1f8c  AudioEndpointBuilder - ok
18:43:38.0864 0x1f8c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:43:38.0883 0x1f8c  AudioSrv - ok
18:43:38.0928 0x1f8c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:43:38.0936 0x1f8c  AxInstSV - ok
18:43:39.0048 0x1f8c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:43:39.0098 0x1f8c  b06bdrv - ok
18:43:39.0183 0x1f8c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:43:39.0253 0x1f8c  b57nd60a - ok
18:43:39.0355 0x1f8c  [ 2ED050291BC1D7F9E322E328DB3AAECF, 906DB2E9A8020EDB33C9732C7BA2474D6600C9B14537AAD4EBFE924A7801794B ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:43:39.0371 0x1f8c  BBSvc - ok
18:43:39.0404 0x1f8c  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:43:39.0414 0x1f8c  BBUpdate - ok
18:43:39.0478 0x1f8c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:43:39.0543 0x1f8c  BDESVC - ok
18:43:39.0739 0x1f8c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:43:39.0766 0x1f8c  Beep - ok
18:43:39.0822 0x1f8c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:43:39.0991 0x1f8c  BFE - ok
18:43:40.0035 0x1f8c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:43:40.0193 0x1f8c  BITS - ok
18:43:40.0231 0x1f8c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:43:40.0275 0x1f8c  blbdrive - ok
18:43:40.0354 0x1f8c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:43:40.0398 0x1f8c  Bonjour Service - ok
18:43:40.0463 0x1f8c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:43:40.0547 0x1f8c  bowser - ok
18:43:40.0575 0x1f8c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:43:40.0581 0x1f8c  BrFiltLo - ok
18:43:40.0611 0x1f8c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:43:40.0629 0x1f8c  BrFiltUp - ok
18:43:40.0665 0x1f8c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:43:40.0676 0x1f8c  Browser - ok
18:43:40.0701 0x1f8c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:43:40.0767 0x1f8c  Brserid - ok
18:43:40.0790 0x1f8c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:43:40.0797 0x1f8c  BrSerWdm - ok
18:43:40.0816 0x1f8c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:43:40.0903 0x1f8c  BrUsbMdm - ok
18:43:40.0923 0x1f8c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:43:41.0080 0x1f8c  BrUsbSer - ok
18:43:41.0107 0x1f8c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:43:41.0195 0x1f8c  BTHMODEM - ok
18:43:41.0230 0x1f8c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:43:41.0264 0x1f8c  bthserv - ok
18:43:41.0323 0x1f8c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:43:41.0350 0x1f8c  cdfs - ok
18:43:41.0411 0x1f8c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:43:41.0469 0x1f8c  cdrom - ok
18:43:41.0506 0x1f8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:43:41.0569 0x1f8c  CertPropSvc - ok
18:43:41.0625 0x1f8c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:43:41.0666 0x1f8c  circlass - ok
18:43:41.0725 0x1f8c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:43:41.0742 0x1f8c  CLFS - ok
18:43:41.0784 0x1f8c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:43:41.0791 0x1f8c  clr_optimization_v2.0.50727_32 - ok
18:43:41.0830 0x1f8c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:43:41.0976 0x1f8c  clr_optimization_v2.0.50727_64 - ok
18:43:42.0057 0x1f8c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:43:42.0241 0x1f8c  clr_optimization_v4.0.30319_32 - ok
18:43:42.0250 0x1f8c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:43:42.0340 0x1f8c  clr_optimization_v4.0.30319_64 - ok
18:43:42.0372 0x1f8c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:43:42.0380 0x1f8c  CmBatt - ok
18:43:42.0409 0x1f8c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:43:42.0444 0x1f8c  cmdide - ok
18:43:42.0621 0x1f8c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:43:42.0673 0x1f8c  CNG - ok
18:43:42.0798 0x1f8c  [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:43:42.0815 0x1f8c  Com4QLBEx - ok
18:43:42.0839 0x1f8c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:43:42.0844 0x1f8c  Compbatt - ok
18:43:42.0882 0x1f8c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:43:42.0898 0x1f8c  CompositeBus - ok
18:43:42.0903 0x1f8c  COMSysApp - ok
18:43:42.0935 0x1f8c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:43:42.0939 0x1f8c  crcdisk - ok
18:43:42.0982 0x1f8c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:43:42.0998 0x1f8c  CryptSvc - ok
18:43:43.0083 0x1f8c  [ A193FAE9BF40D981C3094252B17DE601, 585E9F48676DA26DBD30398E4D0E33378D25CB726EFA973E48B69F31C96A6E4E ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
18:43:43.0087 0x1f8c  ctxusbm - ok
18:43:43.0186 0x1f8c  [ 68DEC7EE9423080ACC23DC17BFF51D14, CF52F8BDD2B73D7C76D2DFF313A15ADFBD74D30E430D2CD0A5B0F9D1C8BD4C36 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:43:43.0227 0x1f8c  DcomLaunch - detected Trojan.Win64.Patched.bj ( 0 )
18:43:46.0522 0x1f8c  DcomLaunch ( Trojan.Win64.Patched.bj ) - infected
18:43:46.0522 0x1f8c  Force sending object to P2P due to detect: DcomLaunch
18:43:49.0298 0x1f8c  Object send P2P result: true
18:43:51.0898 0x1f8c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:43:51.0909 0x1f8c  defragsvc - ok
18:43:51.0939 0x1f8c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:43:51.0949 0x1f8c  DfsC - ok
18:43:51.0989 0x1f8c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:43:52.0009 0x1f8c  Dhcp - ok
18:43:52.0029 0x1f8c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:43:52.0029 0x1f8c  discache - ok
18:43:52.0059 0x1f8c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:43:52.0059 0x1f8c  Disk - ok
18:43:52.0079 0x1f8c  dlcx_device - ok
18:43:52.0149 0x1f8c  [ E0D525515537E60ABA8F3E29209F02E8, A543BE206721CDDAB9D45FF0D91AFFE849584A035B09174DCF3223FB03644497 ] dleaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
18:43:52.0177 0x1f8c  dleaCATSCustConnectService - ok
18:43:52.0183 0x1f8c  dlea_device - ok
18:43:52.0211 0x1f8c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:43:52.0221 0x1f8c  Dnscache - ok
18:43:52.0251 0x1f8c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:43:52.0261 0x1f8c  dot3svc - ok
18:43:52.0301 0x1f8c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:43:52.0331 0x1f8c  DPS - ok
18:43:52.0601 0x1f8c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:43:52.0601 0x1f8c  drmkaud - ok
18:43:52.0673 0x1f8c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:43:52.0743 0x1f8c  DXGKrnl - ok
18:43:52.0855 0x1f8c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:43:52.0855 0x1f8c  EapHost - ok
18:43:52.0985 0x1f8c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:43:53.0138 0x1f8c  ebdrv - ok
18:43:53.0196 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
18:43:53.0204 0x1f8c  EFS - ok
18:43:53.0271 0x1f8c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:43:53.0301 0x1f8c  ehRecvr - ok
18:43:53.0363 0x1f8c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:43:53.0373 0x1f8c  ehSched - ok
18:43:53.0413 0x1f8c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:43:53.0441 0x1f8c  elxstor - ok
18:43:53.0467 0x1f8c  [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
18:43:53.0492 0x1f8c  enecir - ok
18:43:53.0515 0x1f8c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:43:53.0535 0x1f8c  ErrDev - ok
18:43:53.0588 0x1f8c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:43:53.0611 0x1f8c  EventSystem - ok
18:43:53.0637 0x1f8c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:43:53.0643 0x1f8c  exfat - ok
18:43:53.0674 0x1f8c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:43:53.0683 0x1f8c  fastfat - ok
18:43:53.0737 0x1f8c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:43:53.0782 0x1f8c  Fax - ok
18:43:53.0829 0x1f8c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:43:53.0829 0x1f8c  fdc - ok
18:43:53.0839 0x1f8c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:43:53.0839 0x1f8c  fdPHost - ok
18:43:53.0849 0x1f8c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:43:53.0859 0x1f8c  FDResPub - ok
18:43:53.0879 0x1f8c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:43:53.0947 0x1f8c  FileInfo - ok
18:43:53.0963 0x1f8c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:43:53.0966 0x1f8c  Filetrace - ok
18:43:54.0011 0x1f8c  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:43:54.0051 0x1f8c  FLEXnet Licensing Service - ok
18:43:54.0123 0x1f8c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:43:54.0133 0x1f8c  flpydisk - ok
18:43:54.0153 0x1f8c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:43:54.0163 0x1f8c  FltMgr - ok
18:43:54.0238 0x1f8c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:43:54.0315 0x1f8c  FontCache - ok
18:43:54.0383 0x1f8c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:54.0391 0x1f8c  FontCache3.0.0.0 - ok
18:43:54.0417 0x1f8c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:43:54.0417 0x1f8c  FsDepends - ok
18:43:54.0437 0x1f8c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:43:54.0437 0x1f8c  Fs_Rec - ok
18:43:54.0472 0x1f8c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:43:54.0480 0x1f8c  fvevol - ok
18:43:54.0500 0x1f8c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:43:54.0506 0x1f8c  gagp30kx - ok
18:43:54.0570 0x1f8c  [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
18:43:54.0580 0x1f8c  GameConsoleService - ok
18:43:54.0611 0x1f8c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:43:54.0614 0x1f8c  GEARAspiWDM - ok
18:43:54.0666 0x1f8c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:43:54.0719 0x1f8c  gpsvc - ok
18:43:54.0820 0x1f8c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:54.0826 0x1f8c  gupdate - ok
18:43:54.0860 0x1f8c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:54.0860 0x1f8c  gupdatem - ok
18:43:54.0890 0x1f8c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:43:54.0963 0x1f8c  gusvc - ok
18:43:55.0010 0x1f8c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:43:55.0015 0x1f8c  hcw85cir - ok
18:43:55.0084 0x1f8c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:43:55.0101 0x1f8c  HdAudAddService - ok
18:43:55.0120 0x1f8c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:43:55.0125 0x1f8c  HDAudBus - ok
18:43:55.0141 0x1f8c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:43:55.0144 0x1f8c  HidBatt - ok
18:43:55.0167 0x1f8c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:43:55.0172 0x1f8c  HidBth - ok
18:43:55.0233 0x1f8c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:43:55.0236 0x1f8c  HidIr - ok
18:43:55.0255 0x1f8c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:43:55.0259 0x1f8c  hidserv - ok
18:43:55.0296 0x1f8c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:43:55.0315 0x1f8c  HidUsb - ok
18:43:55.0345 0x1f8c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:43:55.0349 0x1f8c  hkmsvc - ok
18:43:55.0394 0x1f8c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:55.0402 0x1f8c  HomeGroupListener - ok
18:43:55.0439 0x1f8c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:55.0448 0x1f8c  HomeGroupProvider - ok
18:43:55.0520 0x1f8c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:43:55.0528 0x1f8c  HP Support Assistant Service - ok
18:43:55.0554 0x1f8c  [ 05712FDDBD45A5864EB326FAABC6A4E3, 8BACA990971A331E6EC7F896EF2404F09E381DAA3519FC6E3027C0DBD991BA7F ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
18:43:55.0557 0x1f8c  hpdskflt - ok
18:43:55.0572 0x1f8c  [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:43:55.0575 0x1f8c  HpqKbFiltr - ok
18:43:55.0661 0x1f8c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:43:55.0713 0x1f8c  hpqwmiex - ok
18:43:55.0761 0x1f8c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:43:55.0810 0x1f8c  HpSAMD - ok
18:43:55.0824 0x1f8c  [ AA036CC5F5221D9B915F4D4DCE74BA9A, B90B9F7753B45387AD56A7CE1365BEBC9EB67011B6D2F8C785717942133775AA ] hpsrv           C:\Windows\system32\Hpservice.exe
18:43:55.0882 0x1f8c  hpsrv - ok
18:43:55.0972 0x1f8c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:43:56.0012 0x1f8c  HTTP - ok
18:43:56.0053 0x1f8c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:43:56.0055 0x1f8c  hwpolicy - ok
18:43:56.0074 0x1f8c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:43:56.0084 0x1f8c  i8042prt - ok
18:43:56.0154 0x1f8c  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:43:56.0184 0x1f8c  IAANTMON - ok
18:43:56.0266 0x1f8c  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:43:56.0276 0x1f8c  iaStor - ok
18:43:56.0328 0x1f8c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:43:56.0348 0x1f8c  iaStorV - ok
18:43:56.0430 0x1f8c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:56.0480 0x1f8c  idsvc - ok
18:43:56.0530 0x1f8c  IEEtwCollectorService - ok
18:43:57.0171 0x1f8c  [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF, 1543345ED76F0FEF907A32E0838F8B01F0FB361565B13ADD34F552FF48D38DD6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:43:57.0419 0x1f8c  igfx - ok
18:43:57.0556 0x1f8c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:43:57.0566 0x1f8c  iirsp - ok
18:43:57.0626 0x1f8c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:43:57.0676 0x1f8c  IKEEXT - ok
18:43:57.0748 0x1f8c  [ 88A20FA54C73DED4E8DAC764E9130AE9, BBD9C8D12063F0A464FE0C48C6913A772EF5A5DCB8A00EBD37E494DCB752A5FF ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:43:57.0758 0x1f8c  IntcHdmiAddService - ok
18:43:57.0788 0x1f8c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:43:57.0798 0x1f8c  intelide - ok
18:43:57.0818 0x1f8c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:43:57.0818 0x1f8c  intelppm - ok
18:43:57.0838 0x1f8c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:43:57.0848 0x1f8c  IPBusEnum - ok
18:43:57.0888 0x1f8c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:57.0888 0x1f8c  IpFilterDriver - ok
18:43:57.0928 0x1f8c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:43:57.0958 0x1f8c  iphlpsvc - ok
18:43:57.0999 0x1f8c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:43:58.0002 0x1f8c  IPMIDRV - ok
18:43:58.0040 0x1f8c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:43:58.0040 0x1f8c  IPNAT - ok
18:43:58.0100 0x1f8c  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:43:58.0130 0x1f8c  iPod Service - ok
18:43:58.0147 0x1f8c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:43:58.0150 0x1f8c  IRENUM - ok
18:43:58.0165 0x1f8c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:43:58.0167 0x1f8c  isapnp - ok
18:43:58.0192 0x1f8c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:43:58.0212 0x1f8c  iScsiPrt - ok
18:43:58.0232 0x1f8c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:43:58.0242 0x1f8c  kbdclass - ok
18:43:58.0284 0x1f8c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:43:58.0294 0x1f8c  kbdhid - ok
18:43:58.0304 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
18:43:58.0304 0x1f8c  KeyIso - ok
18:43:58.0334 0x1f8c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:43:58.0344 0x1f8c  KSecDD - ok
18:43:58.0354 0x1f8c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:43:58.0364 0x1f8c  KSecPkg - ok
18:43:58.0384 0x1f8c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:43:58.0384 0x1f8c  ksthunk - ok
18:43:58.0414 0x1f8c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:43:58.0434 0x1f8c  KtmRm - ok
18:43:58.0484 0x1f8c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:43:58.0494 0x1f8c  LanmanServer - ok
18:43:58.0524 0x1f8c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:58.0534 0x1f8c  LanmanWorkstation - ok
18:43:58.0614 0x1f8c  [ C2E324014D54DAA2B5A4DE47CB696FD8, 10D4A6ACBC194ABDFAD8C94DC4742DEA056177A2B8706494A13EBF7C23C87D21 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:43:58.0706 0x1f8c  LightScribeService - ok
18:43:58.0726 0x1f8c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:43:58.0726 0x1f8c  lltdio - ok
18:43:58.0756 0x1f8c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:43:58.0766 0x1f8c  lltdsvc - ok
18:43:58.0786 0x1f8c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:43:58.0786 0x1f8c  lmhosts - ok
18:43:58.0816 0x1f8c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:43:58.0826 0x1f8c  LSI_FC - ok
18:43:58.0836 0x1f8c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:43:58.0836 0x1f8c  LSI_SAS - ok
18:43:58.0856 0x1f8c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:43:58.0856 0x1f8c  LSI_SAS2 - ok
18:43:58.0866 0x1f8c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:43:58.0866 0x1f8c  LSI_SCSI - ok
18:43:58.0896 0x1f8c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:43:58.0896 0x1f8c  luafv - ok
18:43:58.0926 0x1f8c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:43:58.0926 0x1f8c  Mcx2Svc - ok
18:43:58.0946 0x1f8c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:43:58.0966 0x1f8c  megasas - ok
18:43:58.0987 0x1f8c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:43:58.0997 0x1f8c  MegaSR - ok
18:43:58.0998 0x1f8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:43:59.0018 0x1f8c  MMCSS - ok
18:43:59.0028 0x1f8c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:43:59.0028 0x1f8c  Modem - ok
18:43:59.0038 0x1f8c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:43:59.0048 0x1f8c  monitor - ok
18:43:59.0078 0x1f8c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:43:59.0078 0x1f8c  mouclass - ok
18:43:59.0098 0x1f8c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:43:59.0108 0x1f8c  mouhid - ok
18:43:59.0168 0x1f8c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:43:59.0178 0x1f8c  mountmgr - ok
18:43:59.0228 0x1f8c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:43:59.0288 0x1f8c  MozillaMaintenance - ok
18:43:59.0358 0x1f8c  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:43:59.0368 0x1f8c  MpFilter - ok
18:43:59.0398 0x1f8c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:43:59.0408 0x1f8c  mpio - ok
18:43:59.0428 0x1f8c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:43:59.0438 0x1f8c  mpsdrv - ok
18:43:59.0498 0x1f8c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:43:59.0558 0x1f8c  MpsSvc - ok
18:43:59.0620 0x1f8c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:43:59.0630 0x1f8c  MRxDAV - ok
18:43:59.0660 0x1f8c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:59.0670 0x1f8c  mrxsmb - ok
18:43:59.0740 0x1f8c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:59.0750 0x1f8c  mrxsmb10 - ok
18:43:59.0783 0x1f8c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:59.0788 0x1f8c  mrxsmb20 - ok
18:43:59.0822 0x1f8c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:43:59.0822 0x1f8c  msahci - ok
18:43:59.0842 0x1f8c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:43:59.0852 0x1f8c  msdsm - ok
18:43:59.0872 0x1f8c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:43:59.0882 0x1f8c  MSDTC - ok
18:43:59.0912 0x1f8c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:43:59.0912 0x1f8c  Msfs - ok
18:43:59.0932 0x1f8c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:43:59.0932 0x1f8c  mshidkmdf - ok
18:43:59.0972 0x1f8c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:43:59.0972 0x1f8c  msisadrv - ok
18:44:00.0002 0x1f8c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:44:00.0002 0x1f8c  MSiSCSI - ok
18:44:00.0022 0x1f8c  msiserver - ok
18:44:00.0042 0x1f8c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:44:00.0053 0x1f8c  MSKSSRV - ok
18:44:00.0164 0x1f8c  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:44:00.0164 0x1f8c  MsMpSvc - ok
18:44:00.0184 0x1f8c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:44:00.0194 0x1f8c  MSPCLOCK - ok
18:44:00.0194 0x1f8c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:44:00.0194 0x1f8c  MSPQM - ok
18:44:00.0286 0x1f8c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:44:00.0326 0x1f8c  MsRPC - ok
18:44:00.0418 0x1f8c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:44:00.0418 0x1f8c  mssmbios - ok
18:44:00.0448 0x1f8c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:44:00.0458 0x1f8c  MSTEE - ok
18:44:00.0478 0x1f8c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:44:00.0488 0x1f8c  MTConfig - ok
18:44:00.0538 0x1f8c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:44:00.0548 0x1f8c  Mup - ok
18:44:00.0708 0x1f8c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:44:00.0748 0x1f8c  napagent - ok
18:44:00.0810 0x1f8c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:44:00.0820 0x1f8c  NativeWifiP - ok
18:44:01.0010 0x1f8c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:44:01.0070 0x1f8c  NDIS - ok
18:44:01.0104 0x1f8c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:44:01.0106 0x1f8c  NdisCap - ok
18:44:01.0132 0x1f8c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:44:01.0132 0x1f8c  NdisTapi - ok
18:44:01.0172 0x1f8c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:44:01.0172 0x1f8c  Ndisuio - ok
18:44:01.0232 0x1f8c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:44:01.0232 0x1f8c  NdisWan - ok
18:44:01.0262 0x1f8c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:44:01.0262 0x1f8c  NDProxy - ok
18:44:01.0292 0x1f8c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:44:01.0294 0x1f8c  NetBIOS - ok
18:44:01.0339 0x1f8c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:44:01.0346 0x1f8c  NetBT - ok
18:44:01.0365 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
18:44:01.0367 0x1f8c  Netlogon - ok
18:44:01.0454 0x1f8c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:44:01.0484 0x1f8c  Netman - ok
18:44:01.0564 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0584 0x1f8c  NetMsmqActivator - ok
18:44:01.0604 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0604 0x1f8c  NetPipeActivator - ok
18:44:01.0666 0x1f8c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:44:01.0696 0x1f8c  netprofm - ok
18:44:01.0726 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0726 0x1f8c  NetTcpActivator - ok
18:44:01.0736 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0746 0x1f8c  NetTcpPortSharing - ok
18:44:02.0037 0x1f8c  [ E72F4522801FFB8F0456924FB0017BFF, 7260C6D0725D3B3E0083AF06D901073AE8753E6CD97400B2A1D7F6D62A727CC5 ] NETw1v64        C:\Windows\system32\DRIVERS\NETw1v64.sys
18:44:02.0316 0x1f8c  NETw1v64 - ok
18:44:03.0262 0x1f8c  [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
18:44:03.0505 0x1f8c  NETw5s64 - ok
18:44:04.0249 0x1f8c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:44:04.0477 0x1f8c  netw5v64 - ok
18:44:04.0519 0x1f8c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:44:04.0522 0x1f8c  nfrd960 - ok
18:44:04.0728 0x1f8c  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:44:04.0738 0x1f8c  NisDrv - ok
18:44:04.0888 0x1f8c  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:44:04.0928 0x1f8c  NisSrv - ok
18:44:05.0048 0x1f8c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:44:05.0088 0x1f8c  NlaSvc - ok
18:44:05.0108 0x1f8c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:44:05.0108 0x1f8c  Npfs - ok
18:44:05.0178 0x1f8c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:44:05.0188 0x1f8c  nsi - ok
18:44:05.0218 0x1f8c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:44:05.0218 0x1f8c  nsiproxy - ok
18:44:05.0488 0x1f8c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:44:05.0560 0x1f8c  Ntfs - ok
18:44:05.0586 0x1f8c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:44:05.0590 0x1f8c  Null - ok
18:44:05.0652 0x1f8c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:44:05.0662 0x1f8c  nvraid - ok
18:44:05.0702 0x1f8c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:44:05.0702 0x1f8c  nvstor - ok
18:44:05.0772 0x1f8c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:44:05.0772 0x1f8c  nv_agp - ok
18:44:05.0802 0x1f8c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:44:05.0802 0x1f8c  ohci1394 - ok
18:44:05.0882 0x1f8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:44:05.0922 0x1f8c  p2pimsvc - ok
18:44:06.0022 0x1f8c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:44:06.0072 0x1f8c  p2psvc - ok
18:44:06.0132 0x1f8c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:44:06.0132 0x1f8c  Parport - ok
18:44:06.0202 0x1f8c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:44:06.0202 0x1f8c  partmgr - ok
18:44:06.0232 0x1f8c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:44:06.0242 0x1f8c  PcaSvc - ok
18:44:06.0272 0x1f8c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:44:06.0282 0x1f8c  pci - ok
18:44:06.0342 0x1f8c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:44:06.0352 0x1f8c  pciide - ok
18:44:06.0392 0x1f8c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:44:06.0402 0x1f8c  pcmcia - ok
18:44:06.0422 0x1f8c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:44:06.0432 0x1f8c  pcw - ok
18:44:06.0572 0x1f8c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:44:06.0612 0x1f8c  PEAUTH - ok
18:44:07.0244 0x1f8c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:44:07.0254 0x1f8c  PerfHost - ok
18:44:07.0416 0x1f8c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:44:07.0468 0x1f8c  pla - ok
18:44:07.0620 0x1f8c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:44:07.0660 0x1f8c  PlugPlay - ok
18:44:07.0700 0x1f8c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:44:07.0700 0x1f8c  PNRPAutoReg - ok
18:44:07.0790 0x1f8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:44:07.0800 0x1f8c  PNRPsvc - ok
18:44:07.0922 0x1f8c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:44:07.0932 0x1f8c  PolicyAgent - ok
18:44:07.0984 0x1f8c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:44:07.0991 0x1f8c  Power - ok
18:44:08.0054 0x1f8c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:44:08.0054 0x1f8c  PptpMiniport - ok
18:44:08.0094 0x1f8c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:44:08.0094 0x1f8c  Processor - ok
18:44:08.0204 0x1f8c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:44:08.0254 0x1f8c  ProfSvc - ok
18:44:08.0294 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:44:08.0294 0x1f8c  ProtectedStorage - ok
18:44:08.0344 0x1f8c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:44:08.0354 0x1f8c  Psched - ok
18:44:08.0414 0x1f8c  [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:44:08.0434 0x1f8c  PxHlpa64 - ok
18:44:08.0514 0x1f8c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:44:08.0596 0x1f8c  ql2300 - ok
18:44:08.0609 0x1f8c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:44:08.0621 0x1f8c  ql40xx - ok
18:44:08.0668 0x1f8c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:44:08.0678 0x1f8c  QWAVE - ok
18:44:08.0738 0x1f8c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:44:08.0748 0x1f8c  QWAVEdrv - ok
18:44:08.0778 0x1f8c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:44:08.0778 0x1f8c  RasAcd - ok
18:44:08.0828 0x1f8c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:44:08.0828 0x1f8c  RasAgileVpn - ok
18:44:08.0868 0x1f8c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:44:08.0878 0x1f8c  RasAuto - ok
18:44:08.0918 0x1f8c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:44:08.0918 0x1f8c  Rasl2tp - ok
18:44:09.0038 0x1f8c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:44:09.0098 0x1f8c  RasMan - ok
18:44:09.0138 0x1f8c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:44:09.0138 0x1f8c  RasPppoe - ok
18:44:09.0178 0x1f8c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:44:09.0178 0x1f8c  RasSstp - ok
18:44:09.0258 0x1f8c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:44:09.0303 0x1f8c  rdbss - ok
18:44:09.0348 0x1f8c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:44:09.0351 0x1f8c  rdpbus - ok
18:44:09.0381 0x1f8c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:44:09.0390 0x1f8c  RDPCDD - ok
18:44:09.0423 0x1f8c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:44:09.0425 0x1f8c  RDPENCDD - ok
18:44:09.0450 0x1f8c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:44:09.0460 0x1f8c  RDPREFMP - ok
18:44:09.0530 0x1f8c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:44:09.0530 0x1f8c  RDPWD - ok
18:44:09.0590 0x1f8c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:44:09.0600 0x1f8c  rdyboost - ok
18:44:09.0690 0x1f8c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:44:09.0690 0x1f8c  RemoteAccess - ok
18:44:09.0740 0x1f8c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:44:09.0750 0x1f8c  RemoteRegistry - ok
18:44:09.0920 0x1f8c  [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:44:09.0960 0x1f8c  RichVideo - ok
18:44:09.0990 0x1f8c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:44:09.0990 0x1f8c  RpcEptMapper - ok
18:44:10.0020 0x1f8c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:44:10.0030 0x1f8c  RpcLocator - ok
18:44:10.0191 0x1f8c  [ 68DEC7EE9423080ACC23DC17BFF51D14, CF52F8BDD2B73D7C76D2DFF313A15ADFBD74D30E430D2CD0A5B0F9D1C8BD4C36 ] RpcSs           C:\Windows\system32\rpcss.dll
18:44:10.0201 0x1f8c  RpcSs - detected Trojan.Win64.Patched.bj ( 0 )
18:44:10.0201 0x1f8c  RpcSs ( Trojan.Win64.Patched.bj ) - infected
18:44:10.0201 0x1f8c  Force sending object to P2P due to detect: RpcSs
18:44:12.0966 0x1f8c  Object send P2P result: true
18:44:15.0536 0x1f8c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:44:15.0536 0x1f8c  rspndr - ok
18:44:15.0556 0x1f8c  RSUSBSTOR - ok
18:44:15.0606 0x1f8c  [ 91296F0B2653281B2F11E0FCE56AA427, 242B6049480F62673D79E822EC7AD83DBFA1D203F2519E765DD36ECF156A962A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:44:15.0616 0x1f8c  RTL8167 - ok
18:44:15.0616 0x1f8c  RtsUIR - ok
18:44:15.0646 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
18:44:15.0658 0x1f8c  SamSs - ok
18:44:15.0708 0x1f8c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:44:15.0718 0x1f8c  sbp2port - ok
18:44:15.0738 0x1f8c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:44:15.0748 0x1f8c  SCardSvr - ok
18:44:15.0788 0x1f8c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:44:15.0788 0x1f8c  scfilter - ok
18:44:15.0958 0x1f8c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:44:16.0019 0x1f8c  Schedule - ok
18:44:16.0070 0x1f8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:44:16.0080 0x1f8c  SCPolicySvc - ok
18:44:16.0130 0x1f8c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:44:16.0130 0x1f8c  sdbus - ok
18:44:16.0180 0x1f8c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:44:16.0180 0x1f8c  SDRSVC - ok
18:44:16.0210 0x1f8c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:44:16.0210 0x1f8c  secdrv - ok
18:44:16.0240 0x1f8c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:44:16.0250 0x1f8c  seclogon - ok
18:44:16.0280 0x1f8c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:44:16.0286 0x1f8c  SENS - ok
18:44:16.0297 0x1f8c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:44:16.0302 0x1f8c  SensrSvc - ok
18:44:16.0312 0x1f8c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:44:16.0322 0x1f8c  Serenum - ok
18:44:16.0332 0x1f8c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:44:16.0332 0x1f8c  Serial - ok
18:44:16.0352 0x1f8c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:44:16.0362 0x1f8c  sermouse - ok
18:44:16.0402 0x1f8c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:44:16.0410 0x1f8c  SessionEnv - ok
18:44:16.0454 0x1f8c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:44:16.0454 0x1f8c  sffdisk - ok
18:44:16.0494 0x1f8c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:44:16.0494 0x1f8c  sffp_mmc - ok
18:44:16.0504 0x1f8c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:44:16.0514 0x1f8c  sffp_sd - ok
18:44:16.0524 0x1f8c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:44:16.0524 0x1f8c  sfloppy - ok
18:44:16.0564 0x1f8c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:44:16.0594 0x1f8c  SharedAccess - ok
18:44:16.0654 0x1f8c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:44:16.0674 0x1f8c  ShellHWDetection - ok
18:44:16.0704 0x1f8c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:44:16.0704 0x1f8c  SiSRaid2 - ok
18:44:16.0714 0x1f8c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:44:16.0724 0x1f8c  SiSRaid4 - ok
18:44:16.0804 0x1f8c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:44:16.0804 0x1f8c  SkypeUpdate - ok
18:44:16.0842 0x1f8c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:44:16.0846 0x1f8c  Smb - ok
18:44:16.0875 0x1f8c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:44:16.0887 0x1f8c  SNMPTRAP - ok
18:44:16.0936 0x1f8c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:44:16.0936 0x1f8c  spldr - ok
18:44:17.0006 0x1f8c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:44:17.0026 0x1f8c  Spooler - ok
18:44:17.0183 0x1f8c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:44:17.0325 0x1f8c  sppsvc - ok
18:44:17.0366 0x1f8c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:44:17.0370 0x1f8c  sppuinotify - ok
18:44:17.0430 0x1f8c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:44:17.0490 0x1f8c  srv - ok
18:44:17.0520 0x1f8c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:44:17.0540 0x1f8c  srv2 - ok
18:44:17.0570 0x1f8c  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:44:17.0580 0x1f8c  SrvHsfHDA - ok
18:44:17.0862 0x1f8c  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:44:17.0934 0x1f8c  SrvHsfV92 - ok
18:44:18.0066 0x1f8c  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:44:18.0128 0x1f8c  SrvHsfWinac - ok
18:44:18.0158 0x1f8c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:44:18.0158 0x1f8c  srvnet - ok
18:44:18.0198 0x1f8c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:44:18.0208 0x1f8c  SSDPSRV - ok
18:44:18.0228 0x1f8c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:44:18.0238 0x1f8c  SstpSvc - ok
18:44:18.0418 0x1f8c  [ 2185595C6663660FDC90F5A2A79E2155, DFE82CD9A8DCDA99E4B3462B15456B827D9D0BD759A5395074F146D0EE088CBE ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
18:44:18.0428 0x1f8c  STacSV - ok
18:44:18.0468 0x1f8c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:44:18.0468 0x1f8c  stexstor - ok
18:44:18.0518 0x1f8c  [ 8D1CE4322A35F840711B87927CB57C05, BE13256340AFB0B1F6FEF692CF2FEE058315BC3718E31EDA034F626458141179 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:44:18.0558 0x1f8c  STHDA - ok
18:44:18.0758 0x1f8c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:44:18.0778 0x1f8c  stisvc - ok
18:44:18.0831 0x1f8c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:44:18.0833 0x1f8c  swenum - ok
18:44:18.0880 0x1f8c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:44:18.0900 0x1f8c  swprv - ok
18:44:18.0951 0x1f8c  [ 924D711941956F7420A4925592BE8253, D621114FC94D9B257EC5B684B90E54B63D4078D5FC19550C2E396AE4EDD2C552 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:44:18.0952 0x1f8c  SynTP - ok
18:44:19.0054 0x1f8c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:44:19.0126 0x1f8c  SysMain - ok
18:44:19.0178 0x1f8c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:44:19.0178 0x1f8c  TabletInputService - ok
18:44:19.0218 0x1f8c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:44:19.0228 0x1f8c  TapiSrv - ok
18:44:19.0258 0x1f8c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:44:19.0258 0x1f8c  TBS - ok
18:44:19.0358 0x1f8c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:44:19.0440 0x1f8c  Tcpip - ok
18:44:19.0582 0x1f8c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:44:19.0625 0x1f8c  TCPIP6 - ok
18:44:19.0653 0x1f8c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:44:19.0659 0x1f8c  tcpipreg - ok
18:44:19.0688 0x1f8c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:44:19.0691 0x1f8c  TDPIPE - ok
18:44:19.0724 0x1f8c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:44:19.0724 0x1f8c  TDTCP - ok
18:44:19.0764 0x1f8c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:44:19.0764 0x1f8c  tdx - ok
18:44:19.0814 0x1f8c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:44:19.0824 0x1f8c  TermDD - ok
18:44:19.0854 0x1f8c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
18:44:19.0894 0x1f8c  TermService - ok
18:44:19.0914 0x1f8c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:44:19.0924 0x1f8c  Themes - ok
18:44:19.0954 0x1f8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:44:19.0954 0x1f8c  THREADORDER - ok
18:44:19.0974 0x1f8c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:44:19.0984 0x1f8c  TrkWks - ok
18:44:20.0034 0x1f8c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:44:20.0044 0x1f8c  TrustedInstaller - ok
18:44:20.0094 0x1f8c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:44:20.0104 0x1f8c  tssecsrv - ok
18:44:20.0155 0x1f8c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:44:20.0155 0x1f8c  TsUsbFlt - ok
18:44:20.0195 0x1f8c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:44:20.0195 0x1f8c  tunnel - ok
18:44:20.0225 0x1f8c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:44:20.0225 0x1f8c  uagp35 - ok
18:44:20.0265 0x1f8c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:44:20.0285 0x1f8c  udfs - ok
18:44:20.0335 0x1f8c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:44:20.0345 0x1f8c  UI0Detect - ok
18:44:20.0375 0x1f8c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:44:20.0385 0x1f8c  uliagpkx - ok
18:44:20.0415 0x1f8c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:44:20.0425 0x1f8c  umbus - ok
18:44:20.0435 0x1f8c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:44:20.0435 0x1f8c  UmPass - ok
18:44:20.0475 0x1f8c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:44:20.0495 0x1f8c  upnphost - ok
18:44:20.0535 0x1f8c  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:44:20.0535 0x1f8c  USBAAPL64 - ok
18:44:20.0575 0x1f8c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:44:20.0595 0x1f8c  usbccgp - ok
18:44:20.0595 0x1f8c  USBCCID - ok
18:44:20.0635 0x1f8c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:44:20.0635 0x1f8c  usbcir - ok
18:44:20.0675 0x1f8c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:44:20.0675 0x1f8c  usbehci - ok
18:44:20.0705 0x1f8c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:44:20.0735 0x1f8c  usbhub - ok
18:44:20.0775 0x1f8c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:44:20.0775 0x1f8c  usbohci - ok
18:44:20.0805 0x1f8c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:44:20.0805 0x1f8c  usbprint - ok
18:44:20.0835 0x1f8c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:44:20.0835 0x1f8c  usbscan - ok
18:44:20.0885 0x1f8c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:44:20.0895 0x1f8c  USBSTOR - ok
18:44:20.0935 0x1f8c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:44:20.0935 0x1f8c  usbuhci - ok
18:44:20.0965 0x1f8c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:44:20.0975 0x1f8c  usbvideo - ok
18:44:21.0005 0x1f8c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:44:21.0015 0x1f8c  UxSms - ok
18:44:21.0035 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
18:44:21.0035 0x1f8c  VaultSvc - ok
18:44:21.0055 0x1f8c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:44:21.0055 0x1f8c  vdrvroot - ok
18:44:21.0105 0x1f8c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:44:21.0135 0x1f8c  vds - ok
18:44:21.0165 0x1f8c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:44:21.0176 0x1f8c  vga - ok
18:44:21.0198 0x1f8c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:44:21.0200 0x1f8c  VgaSave - ok
18:44:21.0237 0x1f8c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:44:21.0257 0x1f8c  vhdmp - ok
18:44:21.0287 0x1f8c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:44:21.0297 0x1f8c  viaide - ok
18:44:21.0337 0x1f8c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:44:21.0337 0x1f8c  volmgr - ok
18:44:21.0387 0x1f8c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:44:21.0397 0x1f8c  volmgrx - ok
18:44:21.0438 0x1f8c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:44:21.0454 0x1f8c  volsnap - ok
18:44:21.0479 0x1f8c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:44:21.0479 0x1f8c  vsmraid - ok
18:44:21.0579 0x1f8c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:44:21.0661 0x1f8c  VSS - ok
18:44:21.0693 0x1f8c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:44:21.0693 0x1f8c  vwifibus - ok
18:44:21.0713 0x1f8c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:44:21.0713 0x1f8c  vwififlt - ok
18:44:21.0783 0x1f8c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:44:21.0813 0x1f8c  W32Time - ok
18:44:21.0823 0x1f8c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:44:21.0823 0x1f8c  WacomPen - ok
18:44:21.0843 0x1f8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:44:21.0843 0x1f8c  WANARP - ok
18:44:21.0853 0x1f8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:44:21.0853 0x1f8c  Wanarpv6 - ok
18:44:22.0013 0x1f8c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:44:22.0068 0x1f8c  WatAdminSvc - ok
18:44:22.0246 0x1f8c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:44:22.0338 0x1f8c  wbengine - ok
18:44:22.0373 0x1f8c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:44:22.0380 0x1f8c  WbioSrvc - ok
18:44:22.0420 0x1f8c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:44:22.0480 0x1f8c  wcncsvc - ok
18:44:22.0500 0x1f8c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:44:22.0510 0x1f8c  WcsPlugInService - ok
18:44:22.0540 0x1f8c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:44:22.0540 0x1f8c  Wd - ok
18:44:22.0600 0x1f8c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:44:22.0640 0x1f8c  Wdf01000 - ok
18:44:22.0712 0x1f8c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:44:22.0712 0x1f8c  WdiServiceHost - ok
18:44:22.0722 0x1f8c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:44:22.0722 0x1f8c  WdiSystemHost - ok
18:44:22.0752 0x1f8c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:44:22.0772 0x1f8c  WebClient - ok
18:44:22.0782 0x1f8c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:44:22.0792 0x1f8c  Wecsvc - ok
18:44:22.0815 0x1f8c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:44:22.0821 0x1f8c  wercplsupport - ok
18:44:22.0834 0x1f8c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:44:22.0834 0x1f8c  WerSvc - ok
18:44:22.0854 0x1f8c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:44:22.0854 0x1f8c  WfpLwf - ok
18:44:22.0874 0x1f8c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:44:22.0874 0x1f8c  WIMMount - ok
18:44:22.0894 0x1f8c  WinDefend - ok
18:44:22.0924 0x1f8c  WinHttpAutoProxySvc - ok
18:44:22.0996 0x1f8c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:44:23.0006 0x1f8c  Winmgmt - ok
18:44:23.0096 0x1f8c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:44:23.0188 0x1f8c  WinRM - ok
18:44:23.0227 0x1f8c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:44:23.0230 0x1f8c  WinUsb - ok
18:44:23.0270 0x1f8c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:44:23.0322 0x1f8c  Wlansvc - ok
18:44:23.0524 0x1f8c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:44:23.0628 0x1f8c  wlidsvc - ok
18:44:23.0668 0x1f8c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:44:23.0668 0x1f8c  WmiAcpi - ok
18:44:23.0728 0x1f8c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:44:23.0728 0x1f8c  wmiApSrv - ok
18:44:23.0788 0x1f8c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:44:23.0798 0x1f8c  WPCSvc - ok
18:44:23.0828 0x1f8c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:44:23.0838 0x1f8c  WPDBusEnum - ok
18:44:23.0868 0x1f8c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:44:23.0868 0x1f8c  ws2ifsl - ok
18:44:23.0888 0x1f8c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:44:23.0888 0x1f8c  wscsvc - ok
18:44:23.0898 0x1f8c  WSearch - ok
18:44:24.0337 0x1f8c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:44:24.0433 0x1f8c  wuauserv - ok
18:44:24.0505 0x1f8c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:44:24.0505 0x1f8c  WudfPf - ok
18:44:24.0545 0x1f8c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:44:24.0555 0x1f8c  WUDFRd - ok
18:44:24.0605 0x1f8c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:44:24.0605 0x1f8c  wudfsvc - ok
18:44:24.0655 0x1f8c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:44:24.0665 0x1f8c  WwanSvc - ok
18:44:24.0745 0x1f8c  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:44:24.0755 0x1f8c  yukonw7 - ok
18:44:24.0765 0x1f8c  ================ Scan global ===============================
18:44:24.0835 0x1f8c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:44:24.0875 0x1f8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:44:24.0895 0x1f8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:44:24.0947 0x1f8c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:44:24.0977 0x1f8c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:44:24.0997 0x1f8c  [ Global ] - ok
18:44:24.0997 0x1f8c  ================ Scan MBR ==================================
18:44:25.0017 0x1f8c  [ 775BA290D665A2E7E22923D1AF9171FA ] \Device\Harddisk0\DR0
18:44:27.0762 0x1f8c  \Device\Harddisk0\DR0 - ok
18:44:27.0762 0x1f8c  ================ Scan VBR ==================================
18:44:27.0772 0x1f8c  [ 89F05D60B0F49EE888BA15605C413302 ] \Device\Harddisk0\DR0\Partition1
18:44:27.0782 0x1f8c  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
18:44:27.0782 0x1f8c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
18:44:30.0495 0x1f8c  [ 48D19DA73CE8384FBFDB605E19329507 ] \Device\Harddisk0\DR0\Partition2
18:44:30.0495 0x1f8c  \Device\Harddisk0\DR0\Partition2 - ok
18:44:30.0545 0x1f8c  [ 39FAB054193AA4910999E182017679D7 ] \Device\Harddisk0\DR0\Partition3
18:44:30.0555 0x1f8c  \Device\Harddisk0\DR0\Partition3 - ok
18:44:30.0555 0x1f8c  ================ Scan generic autorun ======================
18:44:30.0555 0x1f8c  SynTPEnh - ok
18:44:30.0685 0x1f8c  [ 4C590463E5B60310DBE660686C6CCF7B, 01CF341CEF85799ADDBA7BE256A07C9689A0E53E7151794688153E5BD48EF721 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
18:44:30.0718 0x1f8c  SmartMenu - ok
18:44:30.0929 0x1f8c  [ A0DD3037E2DC702A7BED6C3CC2DB8FA6, 709BB80726403C2F1807BE6D766AAD8F7F7F86939804D88A60ED91DFCD76A608 ] C:\Program Files\Java\jre6\bin\jusched.exe
18:44:30.0939 0x1f8c  SunJavaUpdateSched - ok
18:44:31.0089 0x1f8c  [ 6BC64CE19C27496F06A18F87D543E01E, 272EF491FC32DA65775071750CB51955BD697686ABE17A712A864CD518EA2ED8 ] C:\Program Files\IDT\WDM\sttray64.exe
18:44:31.0161 0x1f8c  SysTrayApp - ok
18:44:31.0181 0x1f8c  [ 2EE7EAFCBA41850EA3F00EF5E7C4A549, 4A5D15892E16697695ECDD5074BACE330719E107BADE80236E7B2E9A6BC81814 ] C:\Windows\system32\igfxtray.exe
18:44:31.0191 0x1f8c  IgfxTray - ok
18:44:31.0241 0x1f8c  [ 53F7D5AD43AC7328B68EF44B3E7C728A, 19EE335166CE71051EE6FF2C9463D549B919CFF9CDE967249A7A9F78FD6A5A69 ] C:\Windows\system32\hkcmd.exe
18:44:31.0281 0x1f8c  HotKeysCmds - ok
18:44:31.0301 0x1f8c  [ 76995B82E6DDD83E7DCA85289DE5B5F0, A4AB0AC1677C44241DF201B025E6EB697E31438D97DEC8D34A3DABA7FC1DE647 ] C:\Windows\system32\igfxpers.exe
18:44:31.0311 0x1f8c  Persistence - ok
18:44:31.0361 0x1f8c  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
18:44:31.0371 0x1f8c  IAAnotif - ok
18:44:31.0601 0x1f8c  [ C29DAF54DEC7253221C88787E64075E7, 9B5C95CAB7166AE1C9466C67AC28214BEEC31F23E27473ADD1EC65E99747F11A ] C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
18:44:31.0651 0x1f8c  dleamon.exe - ok
18:44:31.0671 0x1f8c  [ 939EB7ECC20709F129495E73D3A7FBE0, 1BB868EC4A970B2A809A3BC7281064B7B5B824D4A19FA3D5D10033482B6C7622 ] C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
18:44:31.0671 0x1f8c  EzPrint - ok
18:44:31.0723 0x1f8c  [ A29FB20F296785AE53AC3B75E14580A7, 0E4280CE4243801B7014DD676791FD6785A973CF75CDD4D98DE02D1DD6776DF5 ] C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
18:44:31.0733 0x1f8c  dlcxmon.exe - ok
18:44:31.0753 0x1f8c  [ FDFCEB274F8B4F56F7BAD7D93A141BF5, 01B8ED517CBC8120C6807F2FE35187967081AA8BD1B4EB292912CA07E02E0ACE ] C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe
18:44:31.0765 0x1f8c  MemoryCardManager - ok
18:44:31.0771 0x1f8c  DLCXCATS - ok
18:44:31.0985 0x1f8c  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
18:44:32.0033 0x1f8c  MSC - ok
18:44:32.0117 0x1f8c  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
18:44:32.0127 0x1f8c  HPCam_Menu - ok
18:44:32.0177 0x1f8c  [ 8F89E6CB82E6DB45BC993D423CD0FDBD, 254DD6E7EBCD1BAEE8DB5AD34451B66241DCCE6496D440400DA092C9C867F165 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
18:44:32.0187 0x1f8c  QlbCtrl.exe - ok
18:44:32.0247 0x1f8c  [ E8F915D5140A75ABFF036BBF9D0941AD, CACAF7542A1616C43929435BC71797636A2829595967B255F856A146B63A1B2C ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
18:44:32.0267 0x1f8c  NortonOnlineBackupReminder - ok
18:44:32.0547 0x1f8c  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
18:44:32.0557 0x1f8c  UpdatePRCShortCut - ok
18:44:32.0627 0x1f8c  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
18:44:32.0637 0x1f8c  HP Software Update - ok
18:44:32.0727 0x1f8c  [ DA4ED31DD43ABB0AF99888E236FFDB91, EFB8639A4854A8CB1516639DD032ADFD5AE58082880078115EE1AFB71C9696AF ] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
18:44:32.0737 0x1f8c  WirelessAssistant - ok
18:44:32.0857 0x1f8c  [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:44:32.0857 0x1f8c  APSDaemon - ok
18:44:32.0997 0x1f8c  [ 03F97E186684BE24F7CC9D1CC107502D, EF041F0EC252D31FEFA26235E1EC33C011CFB3FD1B56A71649D3DF12AD7CC7D9 ] C:\Program Files (x86)\Dell PC Fax\fm3032.exe
18:44:33.0027 0x1f8c  FaxCenterServer - ok
18:44:33.0117 0x1f8c  [ 916A2C4EB028604783FD5EA169236C1D, C97DAA1BE5C912DDCEDBA7619631BB98F4A9B32B1E40C5374A64E25305E0A1C4 ] C:\Program Files (x86)\QuickTime\QTTask.exe
18:44:33.0127 0x1f8c  QuickTime Task - ok
18:44:33.0187 0x1f8c  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:44:33.0197 0x1f8c  iTunesHelper - ok
18:44:33.0247 0x1f8c  CitrixReceiver - ok
18:44:33.0397 0x1f8c  [ 2EBE05FD8ECBA5F230FC26E534E91A11, B8E85D51BD4E6C0D4D447DFA327EAA0AE4A33F04F42063A58122153933C1770E ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
18:44:33.0417 0x1f8c  ConnectionCenter - ok
18:44:33.0447 0x1f8c  [ 17D9622BFE68386E8C647C4C7F8FEA3E, 50F943F2E47512DCE61A9EBB188361CB71CACC74D9397FA1367AB7112F2C7A09 ] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
18:44:33.0457 0x1f8c  Redirector - ok
18:44:33.0597 0x1f8c  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:44:33.0637 0x1f8c  Adobe ARM - ok
18:44:33.0697 0x1f8c  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
18:44:33.0697 0x1f8c  Adobe Reader Speed Launcher - ok
18:44:33.0847 0x1f8c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:44:33.0919 0x1f8c  Sidebar - ok
18:44:33.0957 0x1f8c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:44:33.0962 0x1f8c  mctadmin - ok
18:44:34.0001 0x1f8c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:44:34.0032 0x1f8c  Sidebar - ok
18:44:34.0042 0x1f8c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:44:34.0045 0x1f8c  mctadmin - ok
18:44:34.0253 0x1f8c  [ F6491E5B1CB23E76F01B3417FC5D32D0, 4166FFAB11F132C825A4FBC32F4C684DD5D359451451E652EC459C6DA9528727 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
18:44:34.0315 0x1f8c  HPADVISOR - ok
18:44:34.0631 0x1f8c  [ 5B5CED2419E0167FA5B4BE42125BC7AC, 1631D8B1D0EC21E76506772EC141321B63C8BE628EEA4F0C78DB747AD432472E ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
18:44:34.0733 0x1f8c  LightScribe Control Panel - ok
18:44:34.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:35.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:36.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:37.0763 0x1f8c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
18:44:37.0835 0x1f8c  Win FW state via NFP2: enabled
18:44:40.0342 0x1f8c  ============================================================
18:44:40.0342 0x1f8c  Scan finished
18:44:40.0342 0x1f8c  ============================================================
18:44:40.0355 0x1a24  Detected object count: 3
18:44:40.0355 0x1a24  Actual detected object count: 3
18:44:58.0449 0x1a24  C:\Windows\system32\rpcss.dll - copied to quarantine
18:47:51.0654 0x1a24  Backup copy found through SCO, using it..
18:47:51.0936 0x1a24  C:\Windows\system32\rpcss.dll - will be cured on reboot
18:47:51.0939 0x1a24  DcomLaunch ( Trojan.Win64.Patched.bj ) - User select action: Cure
18:47:52.0022 0x1a24  C:\Windows\system32\rpcss.dll - copied to quarantine
18:48:00.0354 0x1a24  Backup copy found through SCO, using it..
18:48:00.0424 0x1a24  C:\Windows\system32\rpcss.dll - will be cured on reboot
18:48:00.0424 0x1a24  RpcSs ( Trojan.Win64.Patched.bj ) - User select action: Cure
18:48:00.0464 0x1a24  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
18:48:01.0124 0x1a24  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
18:48:01.0154 0x1a24  \Device\Harddisk0\DR0\Partition1 - ok
18:48:01.0154 0x1a24  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
18:48:01.0324 0x1a24  KLMD registered as C:\Windows\system32\drivers\59916151.sys
18:48:09.0900 0x0d0c  Deinitialize success

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



#12 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 25 June 2014 - 08:58 PM

Scans Continued.....

 

TDSSKiller results after reboot:

18:42:58.0635 0x19b0  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
18:43:04.0594 0x19b0  ============================================================
18:43:04.0594 0x19b0  Current date / time: 2014/06/25 18:43:04.0594
18:43:04.0594 0x19b0  SystemInfo:
18:43:04.0594 0x19b0  
18:43:04.0594 0x19b0  OS Version: 6.1.7601 ServicePack: 1.0
18:43:04.0594 0x19b0  Product type: Workstation
18:43:04.0594 0x19b0  ComputerName: RACHEL-PC
18:43:04.0595 0x19b0  UserName: Scott
18:43:04.0595 0x19b0  Windows directory: C:\Windows
18:43:04.0595 0x19b0  System windows directory: C:\Windows
18:43:04.0595 0x19b0  Running under WOW64
18:43:04.0595 0x19b0  Processor architecture: Intel x64
18:43:04.0595 0x19b0  Number of processors: 2
18:43:04.0595 0x19b0  Page size: 0x1000
18:43:04.0595 0x19b0  Boot type: Normal boot
18:43:04.0595 0x19b0  ============================================================
18:43:06.0064 0x19b0  KLMD registered as C:\Windows\system32\drivers\96139779.sys
18:43:07.0680 0x19b0  System UUID: {A68CA5DA-2F86-800D-FBDC-61AF6ED55732}
18:43:15.0646 0x19b0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:15.0665 0x19b0  ============================================================
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0:
18:43:15.0665 0x19b0  MBR partitions:
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x3899B000
18:43:15.0665 0x19b0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x389FF000, BlocksNum 0x1986800
18:43:15.0665 0x19b0  ============================================================
18:43:15.0685 0x19b0  C: <-> \Device\Harddisk0\DR0\Partition2
18:43:15.0862 0x19b0  D: <-> \Device\Harddisk0\DR0\Partition3
18:43:15.0863 0x19b0  ============================================================
18:43:15.0863 0x19b0  Initialize success
18:43:15.0863 0x19b0  ============================================================
18:43:19.0178 0x1f8c  ============================================================
18:43:19.0178 0x1f8c  Scan started
18:43:19.0178 0x1f8c  Mode: Manual;
18:43:19.0178 0x1f8c  ============================================================
18:43:19.0178 0x1f8c  KSN ping started
18:43:23.0664 0x1f8c  KSN ping finished: true
18:43:31.0030 0x1f8c  ================ Scan system memory ========================
18:43:31.0030 0x1f8c  System memory - ok
18:43:31.0033 0x1f8c  ================ Scan services =============================
18:43:31.0310 0x1f8c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:43:31.0319 0x1f8c  1394ohci - ok
18:43:31.0363 0x1f8c  [ 1CFFE9C06E66A57DAE1452E449A58240, F337852EEF9DCF33FB1B85EEF61FA8D28A780B13488B144DFAD2234FC24CB430 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
18:43:31.0374 0x1f8c  Accelerometer - ok
18:43:31.0418 0x1f8c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:43:31.0436 0x1f8c  ACPI - ok
18:43:31.0475 0x1f8c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:43:31.0583 0x1f8c  AcpiPmi - ok
18:43:31.0752 0x1f8c  [ 4451CC2275B04043EC2BCC757AF97291, A07781C5C9AD344BF2B5F8E7ED0ACD804113B6BC02D082717E493768E6ABC393 ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
18:43:31.0760 0x1f8c  AdobeActiveFileMonitor8.0 - ok
18:43:32.0204 0x1f8c  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:43:32.0262 0x1f8c  AdobeFlashPlayerUpdateSvc - ok
18:43:32.0333 0x1f8c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:43:32.0399 0x1f8c  adp94xx - ok
18:43:32.0485 0x1f8c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:43:32.0704 0x1f8c  adpahci - ok
18:43:32.0736 0x1f8c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:43:32.0835 0x1f8c  adpu320 - ok
18:43:32.0874 0x1f8c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:43:32.0877 0x1f8c  AeLookupSvc - ok
18:43:33.0056 0x1f8c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\AESTSr64.exe
18:43:33.0124 0x1f8c  AESTFilters - ok
18:43:33.0294 0x1f8c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
18:43:33.0488 0x1f8c  AFD - ok
18:43:35.0293 0x1f8c  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
18:43:35.0343 0x1f8c  AgereModemAudio - ok
18:43:35.0439 0x1f8c  [ AF4748EF93416159459769A24A0053AF, AE1C4E67E7555066436112C5A090DC5B49B264E3BA3ECF4CE2F1E9B799089B7D ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
18:43:35.0505 0x1f8c  AgereSoftModem - ok
18:43:35.0612 0x1f8c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:43:35.0652 0x1f8c  agp440 - ok
18:43:35.0681 0x1f8c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:43:35.0731 0x1f8c  ALG - ok
18:43:35.0866 0x1f8c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:43:35.0874 0x1f8c  aliide - ok
18:43:35.0912 0x1f8c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:43:36.0054 0x1f8c  amdide - ok
18:43:36.0094 0x1f8c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:43:36.0135 0x1f8c  AmdK8 - ok
18:43:36.0189 0x1f8c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:43:36.0206 0x1f8c  AmdPPM - ok
18:43:36.0237 0x1f8c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:43:36.0247 0x1f8c  amdsata - ok
18:43:36.0304 0x1f8c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:43:36.0333 0x1f8c  amdsbs - ok
18:43:36.0445 0x1f8c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:43:36.0571 0x1f8c  amdxata - ok
18:43:36.0605 0x1f8c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
18:43:36.0611 0x1f8c  AppID - ok
18:43:36.0644 0x1f8c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:43:36.0744 0x1f8c  AppIDSvc - ok
18:43:36.0776 0x1f8c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:43:36.0783 0x1f8c  Appinfo - ok
18:43:36.0946 0x1f8c  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:43:36.0983 0x1f8c  Apple Mobile Device - ok
18:43:37.0053 0x1f8c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:43:37.0117 0x1f8c  arc - ok
18:43:37.0126 0x1f8c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:43:37.0132 0x1f8c  arcsas - ok
18:43:37.0310 0x1f8c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:43:37.0360 0x1f8c  aspnet_state - ok
18:43:37.0463 0x1f8c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:43:37.0487 0x1f8c  AsyncMac - ok
18:43:37.0557 0x1f8c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:43:37.0640 0x1f8c  atapi - ok
18:43:38.0005 0x1f8c  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys
18:43:38.0354 0x1f8c  atikmdag - ok
18:43:38.0697 0x1f8c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:43:38.0827 0x1f8c  AudioEndpointBuilder - ok
18:43:38.0864 0x1f8c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:43:38.0883 0x1f8c  AudioSrv - ok
18:43:38.0928 0x1f8c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:43:38.0936 0x1f8c  AxInstSV - ok
18:43:39.0048 0x1f8c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:43:39.0098 0x1f8c  b06bdrv - ok
18:43:39.0183 0x1f8c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:43:39.0253 0x1f8c  b57nd60a - ok
18:43:39.0355 0x1f8c  [ 2ED050291BC1D7F9E322E328DB3AAECF, 906DB2E9A8020EDB33C9732C7BA2474D6600C9B14537AAD4EBFE924A7801794B ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:43:39.0371 0x1f8c  BBSvc - ok
18:43:39.0404 0x1f8c  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:43:39.0414 0x1f8c  BBUpdate - ok
18:43:39.0478 0x1f8c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:43:39.0543 0x1f8c  BDESVC - ok
18:43:39.0739 0x1f8c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:43:39.0766 0x1f8c  Beep - ok
18:43:39.0822 0x1f8c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:43:39.0991 0x1f8c  BFE - ok
18:43:40.0035 0x1f8c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:43:40.0193 0x1f8c  BITS - ok
18:43:40.0231 0x1f8c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:43:40.0275 0x1f8c  blbdrive - ok
18:43:40.0354 0x1f8c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:43:40.0398 0x1f8c  Bonjour Service - ok
18:43:40.0463 0x1f8c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:43:40.0547 0x1f8c  bowser - ok
18:43:40.0575 0x1f8c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:43:40.0581 0x1f8c  BrFiltLo - ok
18:43:40.0611 0x1f8c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:43:40.0629 0x1f8c  BrFiltUp - ok
18:43:40.0665 0x1f8c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:43:40.0676 0x1f8c  Browser - ok
18:43:40.0701 0x1f8c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:43:40.0767 0x1f8c  Brserid - ok
18:43:40.0790 0x1f8c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:43:40.0797 0x1f8c  BrSerWdm - ok
18:43:40.0816 0x1f8c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:43:40.0903 0x1f8c  BrUsbMdm - ok
18:43:40.0923 0x1f8c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:43:41.0080 0x1f8c  BrUsbSer - ok
18:43:41.0107 0x1f8c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:43:41.0195 0x1f8c  BTHMODEM - ok
18:43:41.0230 0x1f8c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:43:41.0264 0x1f8c  bthserv - ok
18:43:41.0323 0x1f8c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:43:41.0350 0x1f8c  cdfs - ok
18:43:41.0411 0x1f8c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
18:43:41.0469 0x1f8c  cdrom - ok
18:43:41.0506 0x1f8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:43:41.0569 0x1f8c  CertPropSvc - ok
18:43:41.0625 0x1f8c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:43:41.0666 0x1f8c  circlass - ok
18:43:41.0725 0x1f8c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:43:41.0742 0x1f8c  CLFS - ok
18:43:41.0784 0x1f8c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:43:41.0791 0x1f8c  clr_optimization_v2.0.50727_32 - ok
18:43:41.0830 0x1f8c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:43:41.0976 0x1f8c  clr_optimization_v2.0.50727_64 - ok
18:43:42.0057 0x1f8c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:43:42.0241 0x1f8c  clr_optimization_v4.0.30319_32 - ok
18:43:42.0250 0x1f8c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:43:42.0340 0x1f8c  clr_optimization_v4.0.30319_64 - ok
18:43:42.0372 0x1f8c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:43:42.0380 0x1f8c  CmBatt - ok
18:43:42.0409 0x1f8c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:43:42.0444 0x1f8c  cmdide - ok
18:43:42.0621 0x1f8c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:43:42.0673 0x1f8c  CNG - ok
18:43:42.0798 0x1f8c  [ F9A79C5B27037821112C50A9C8FB367A, D9990AE1A0CA767E54C9D3FD2C6EA2A068DFD5A270102E915F71648A0C59097B ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
18:43:42.0815 0x1f8c  Com4QLBEx - ok
18:43:42.0839 0x1f8c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:43:42.0844 0x1f8c  Compbatt - ok
18:43:42.0882 0x1f8c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:43:42.0898 0x1f8c  CompositeBus - ok
18:43:42.0903 0x1f8c  COMSysApp - ok
18:43:42.0935 0x1f8c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:43:42.0939 0x1f8c  crcdisk - ok
18:43:42.0982 0x1f8c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:43:42.0998 0x1f8c  CryptSvc - ok
18:43:43.0083 0x1f8c  [ A193FAE9BF40D981C3094252B17DE601, 585E9F48676DA26DBD30398E4D0E33378D25CB726EFA973E48B69F31C96A6E4E ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
18:43:43.0087 0x1f8c  ctxusbm - ok
18:43:43.0186 0x1f8c  [ 68DEC7EE9423080ACC23DC17BFF51D14, CF52F8BDD2B73D7C76D2DFF313A15ADFBD74D30E430D2CD0A5B0F9D1C8BD4C36 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:43:43.0227 0x1f8c  DcomLaunch - detected Trojan.Win64.Patched.bj ( 0 )
18:43:46.0522 0x1f8c  DcomLaunch ( Trojan.Win64.Patched.bj ) - infected
18:43:46.0522 0x1f8c  Force sending object to P2P due to detect: DcomLaunch
18:43:49.0298 0x1f8c  Object send P2P result: true
18:43:51.0898 0x1f8c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:43:51.0909 0x1f8c  defragsvc - ok
18:43:51.0939 0x1f8c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:43:51.0949 0x1f8c  DfsC - ok
18:43:51.0989 0x1f8c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:43:52.0009 0x1f8c  Dhcp - ok
18:43:52.0029 0x1f8c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:43:52.0029 0x1f8c  discache - ok
18:43:52.0059 0x1f8c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:43:52.0059 0x1f8c  Disk - ok
18:43:52.0079 0x1f8c  dlcx_device - ok
18:43:52.0149 0x1f8c  [ E0D525515537E60ABA8F3E29209F02E8, A543BE206721CDDAB9D45FF0D91AFFE849584A035B09174DCF3223FB03644497 ] dleaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe
18:43:52.0177 0x1f8c  dleaCATSCustConnectService - ok
18:43:52.0183 0x1f8c  dlea_device - ok
18:43:52.0211 0x1f8c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:43:52.0221 0x1f8c  Dnscache - ok
18:43:52.0251 0x1f8c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:43:52.0261 0x1f8c  dot3svc - ok
18:43:52.0301 0x1f8c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:43:52.0331 0x1f8c  DPS - ok
18:43:52.0601 0x1f8c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:43:52.0601 0x1f8c  drmkaud - ok
18:43:52.0673 0x1f8c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:43:52.0743 0x1f8c  DXGKrnl - ok
18:43:52.0855 0x1f8c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:43:52.0855 0x1f8c  EapHost - ok
18:43:52.0985 0x1f8c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:43:53.0138 0x1f8c  ebdrv - ok
18:43:53.0196 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
18:43:53.0204 0x1f8c  EFS - ok
18:43:53.0271 0x1f8c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:43:53.0301 0x1f8c  ehRecvr - ok
18:43:53.0363 0x1f8c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:43:53.0373 0x1f8c  ehSched - ok
18:43:53.0413 0x1f8c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:43:53.0441 0x1f8c  elxstor - ok
18:43:53.0467 0x1f8c  [ 524C79054636D2E5751169005006460B, 1EBA5972E13C5BB07BBD94D6647B86469B4910F60A3C8BDDC6BB5736EF99C9C3 ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
18:43:53.0492 0x1f8c  enecir - ok
18:43:53.0515 0x1f8c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:43:53.0535 0x1f8c  ErrDev - ok
18:43:53.0588 0x1f8c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:43:53.0611 0x1f8c  EventSystem - ok
18:43:53.0637 0x1f8c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:43:53.0643 0x1f8c  exfat - ok
18:43:53.0674 0x1f8c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:43:53.0683 0x1f8c  fastfat - ok
18:43:53.0737 0x1f8c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:43:53.0782 0x1f8c  Fax - ok
18:43:53.0829 0x1f8c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:43:53.0829 0x1f8c  fdc - ok
18:43:53.0839 0x1f8c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:43:53.0839 0x1f8c  fdPHost - ok
18:43:53.0849 0x1f8c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:43:53.0859 0x1f8c  FDResPub - ok
18:43:53.0879 0x1f8c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:43:53.0947 0x1f8c  FileInfo - ok
18:43:53.0963 0x1f8c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:43:53.0966 0x1f8c  Filetrace - ok
18:43:54.0011 0x1f8c  [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:43:54.0051 0x1f8c  FLEXnet Licensing Service - ok
18:43:54.0123 0x1f8c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:43:54.0133 0x1f8c  flpydisk - ok
18:43:54.0153 0x1f8c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:43:54.0163 0x1f8c  FltMgr - ok
18:43:54.0238 0x1f8c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:43:54.0315 0x1f8c  FontCache - ok
18:43:54.0383 0x1f8c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:54.0391 0x1f8c  FontCache3.0.0.0 - ok
18:43:54.0417 0x1f8c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:43:54.0417 0x1f8c  FsDepends - ok
18:43:54.0437 0x1f8c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:43:54.0437 0x1f8c  Fs_Rec - ok
18:43:54.0472 0x1f8c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:43:54.0480 0x1f8c  fvevol - ok
18:43:54.0500 0x1f8c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:43:54.0506 0x1f8c  gagp30kx - ok
18:43:54.0570 0x1f8c  [ C44D560E441F091EA3B72F778EC60DE2, 1F90BA0E98C436B98BF6B0BC93146B52C081DF374424E2DCA270316D508A59B2 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
18:43:54.0580 0x1f8c  GameConsoleService - ok
18:43:54.0611 0x1f8c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:43:54.0614 0x1f8c  GEARAspiWDM - ok
18:43:54.0666 0x1f8c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:43:54.0719 0x1f8c  gpsvc - ok
18:43:54.0820 0x1f8c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:54.0826 0x1f8c  gupdate - ok
18:43:54.0860 0x1f8c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:54.0860 0x1f8c  gupdatem - ok
18:43:54.0890 0x1f8c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:43:54.0963 0x1f8c  gusvc - ok
18:43:55.0010 0x1f8c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:43:55.0015 0x1f8c  hcw85cir - ok
18:43:55.0084 0x1f8c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:43:55.0101 0x1f8c  HdAudAddService - ok
18:43:55.0120 0x1f8c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:43:55.0125 0x1f8c  HDAudBus - ok
18:43:55.0141 0x1f8c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:43:55.0144 0x1f8c  HidBatt - ok
18:43:55.0167 0x1f8c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:43:55.0172 0x1f8c  HidBth - ok
18:43:55.0233 0x1f8c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:43:55.0236 0x1f8c  HidIr - ok
18:43:55.0255 0x1f8c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:43:55.0259 0x1f8c  hidserv - ok
18:43:55.0296 0x1f8c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:43:55.0315 0x1f8c  HidUsb - ok
18:43:55.0345 0x1f8c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:43:55.0349 0x1f8c  hkmsvc - ok
18:43:55.0394 0x1f8c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:55.0402 0x1f8c  HomeGroupListener - ok
18:43:55.0439 0x1f8c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:55.0448 0x1f8c  HomeGroupProvider - ok
18:43:55.0520 0x1f8c  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
18:43:55.0528 0x1f8c  HP Support Assistant Service - ok
18:43:55.0554 0x1f8c  [ 05712FDDBD45A5864EB326FAABC6A4E3, 8BACA990971A331E6EC7F896EF2404F09E381DAA3519FC6E3027C0DBD991BA7F ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
18:43:55.0557 0x1f8c  hpdskflt - ok
18:43:55.0572 0x1f8c  [ 9AF482D058BE59CC28BCE52E7C4B747C, 2D150CD0C82B575CDE2E1B3941FD72EFCB254850D6FF1D7C40D3B29643018EFF ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
18:43:55.0575 0x1f8c  HpqKbFiltr - ok
18:43:55.0661 0x1f8c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
18:43:55.0713 0x1f8c  hpqwmiex - ok
18:43:55.0761 0x1f8c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:43:55.0810 0x1f8c  HpSAMD - ok
18:43:55.0824 0x1f8c  [ AA036CC5F5221D9B915F4D4DCE74BA9A, B90B9F7753B45387AD56A7CE1365BEBC9EB67011B6D2F8C785717942133775AA ] hpsrv           C:\Windows\system32\Hpservice.exe
18:43:55.0882 0x1f8c  hpsrv - ok
18:43:55.0972 0x1f8c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:43:56.0012 0x1f8c  HTTP - ok
18:43:56.0053 0x1f8c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:43:56.0055 0x1f8c  hwpolicy - ok
18:43:56.0074 0x1f8c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:43:56.0084 0x1f8c  i8042prt - ok
18:43:56.0154 0x1f8c  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:43:56.0184 0x1f8c  IAANTMON - ok
18:43:56.0266 0x1f8c  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:43:56.0276 0x1f8c  iaStor - ok
18:43:56.0328 0x1f8c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:43:56.0348 0x1f8c  iaStorV - ok
18:43:56.0430 0x1f8c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:56.0480 0x1f8c  idsvc - ok
18:43:56.0530 0x1f8c  IEEtwCollectorService - ok
18:43:57.0171 0x1f8c  [ 3C3F27002ABC69C5AFE29CBE6CF7ADDF, 1543345ED76F0FEF907A32E0838F8B01F0FB361565B13ADD34F552FF48D38DD6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:43:57.0419 0x1f8c  igfx - ok
18:43:57.0556 0x1f8c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:43:57.0566 0x1f8c  iirsp - ok
18:43:57.0626 0x1f8c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:43:57.0676 0x1f8c  IKEEXT - ok
18:43:57.0748 0x1f8c  [ 88A20FA54C73DED4E8DAC764E9130AE9, BBD9C8D12063F0A464FE0C48C6913A772EF5A5DCB8A00EBD37E494DCB752A5FF ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:43:57.0758 0x1f8c  IntcHdmiAddService - ok
18:43:57.0788 0x1f8c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:43:57.0798 0x1f8c  intelide - ok
18:43:57.0818 0x1f8c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:43:57.0818 0x1f8c  intelppm - ok
18:43:57.0838 0x1f8c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:43:57.0848 0x1f8c  IPBusEnum - ok
18:43:57.0888 0x1f8c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:57.0888 0x1f8c  IpFilterDriver - ok
18:43:57.0928 0x1f8c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:43:57.0958 0x1f8c  iphlpsvc - ok
18:43:57.0999 0x1f8c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:43:58.0002 0x1f8c  IPMIDRV - ok
18:43:58.0040 0x1f8c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:43:58.0040 0x1f8c  IPNAT - ok
18:43:58.0100 0x1f8c  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:43:58.0130 0x1f8c  iPod Service - ok
18:43:58.0147 0x1f8c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:43:58.0150 0x1f8c  IRENUM - ok
18:43:58.0165 0x1f8c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:43:58.0167 0x1f8c  isapnp - ok
18:43:58.0192 0x1f8c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:43:58.0212 0x1f8c  iScsiPrt - ok
18:43:58.0232 0x1f8c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
18:43:58.0242 0x1f8c  kbdclass - ok
18:43:58.0284 0x1f8c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
18:43:58.0294 0x1f8c  kbdhid - ok
18:43:58.0304 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
18:43:58.0304 0x1f8c  KeyIso - ok
18:43:58.0334 0x1f8c  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:43:58.0344 0x1f8c  KSecDD - ok
18:43:58.0354 0x1f8c  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:43:58.0364 0x1f8c  KSecPkg - ok
18:43:58.0384 0x1f8c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:43:58.0384 0x1f8c  ksthunk - ok
18:43:58.0414 0x1f8c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:43:58.0434 0x1f8c  KtmRm - ok
18:43:58.0484 0x1f8c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:43:58.0494 0x1f8c  LanmanServer - ok
18:43:58.0524 0x1f8c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:58.0534 0x1f8c  LanmanWorkstation - ok
18:43:58.0614 0x1f8c  [ C2E324014D54DAA2B5A4DE47CB696FD8, 10D4A6ACBC194ABDFAD8C94DC4742DEA056177A2B8706494A13EBF7C23C87D21 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
18:43:58.0706 0x1f8c  LightScribeService - ok
18:43:58.0726 0x1f8c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:43:58.0726 0x1f8c  lltdio - ok
18:43:58.0756 0x1f8c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:43:58.0766 0x1f8c  lltdsvc - ok
18:43:58.0786 0x1f8c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:43:58.0786 0x1f8c  lmhosts - ok
18:43:58.0816 0x1f8c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:43:58.0826 0x1f8c  LSI_FC - ok
18:43:58.0836 0x1f8c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:43:58.0836 0x1f8c  LSI_SAS - ok
18:43:58.0856 0x1f8c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:43:58.0856 0x1f8c  LSI_SAS2 - ok
18:43:58.0866 0x1f8c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:43:58.0866 0x1f8c  LSI_SCSI - ok
18:43:58.0896 0x1f8c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:43:58.0896 0x1f8c  luafv - ok
18:43:58.0926 0x1f8c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:43:58.0926 0x1f8c  Mcx2Svc - ok
18:43:58.0946 0x1f8c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:43:58.0966 0x1f8c  megasas - ok
18:43:58.0987 0x1f8c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:43:58.0997 0x1f8c  MegaSR - ok
18:43:58.0998 0x1f8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:43:59.0018 0x1f8c  MMCSS - ok
18:43:59.0028 0x1f8c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:43:59.0028 0x1f8c  Modem - ok
18:43:59.0038 0x1f8c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:43:59.0048 0x1f8c  monitor - ok
18:43:59.0078 0x1f8c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:43:59.0078 0x1f8c  mouclass - ok
18:43:59.0098 0x1f8c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:43:59.0108 0x1f8c  mouhid - ok
18:43:59.0168 0x1f8c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:43:59.0178 0x1f8c  mountmgr - ok
18:43:59.0228 0x1f8c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:43:59.0288 0x1f8c  MozillaMaintenance - ok
18:43:59.0358 0x1f8c  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
18:43:59.0368 0x1f8c  MpFilter - ok
18:43:59.0398 0x1f8c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:43:59.0408 0x1f8c  mpio - ok
18:43:59.0428 0x1f8c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:43:59.0438 0x1f8c  mpsdrv - ok
18:43:59.0498 0x1f8c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:43:59.0558 0x1f8c  MpsSvc - ok
18:43:59.0620 0x1f8c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:43:59.0630 0x1f8c  MRxDAV - ok
18:43:59.0660 0x1f8c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:59.0670 0x1f8c  mrxsmb - ok
18:43:59.0740 0x1f8c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:59.0750 0x1f8c  mrxsmb10 - ok
18:43:59.0783 0x1f8c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:59.0788 0x1f8c  mrxsmb20 - ok
18:43:59.0822 0x1f8c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:43:59.0822 0x1f8c  msahci - ok
18:43:59.0842 0x1f8c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:43:59.0852 0x1f8c  msdsm - ok
18:43:59.0872 0x1f8c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:43:59.0882 0x1f8c  MSDTC - ok
18:43:59.0912 0x1f8c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:43:59.0912 0x1f8c  Msfs - ok
18:43:59.0932 0x1f8c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:43:59.0932 0x1f8c  mshidkmdf - ok
18:43:59.0972 0x1f8c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:43:59.0972 0x1f8c  msisadrv - ok
18:44:00.0002 0x1f8c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:44:00.0002 0x1f8c  MSiSCSI - ok
18:44:00.0022 0x1f8c  msiserver - ok
18:44:00.0042 0x1f8c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:44:00.0053 0x1f8c  MSKSSRV - ok
18:44:00.0164 0x1f8c  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:44:00.0164 0x1f8c  MsMpSvc - ok
18:44:00.0184 0x1f8c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:44:00.0194 0x1f8c  MSPCLOCK - ok
18:44:00.0194 0x1f8c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:44:00.0194 0x1f8c  MSPQM - ok
18:44:00.0286 0x1f8c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:44:00.0326 0x1f8c  MsRPC - ok
18:44:00.0418 0x1f8c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:44:00.0418 0x1f8c  mssmbios - ok
18:44:00.0448 0x1f8c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:44:00.0458 0x1f8c  MSTEE - ok
18:44:00.0478 0x1f8c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:44:00.0488 0x1f8c  MTConfig - ok
18:44:00.0538 0x1f8c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:44:00.0548 0x1f8c  Mup - ok
18:44:00.0708 0x1f8c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:44:00.0748 0x1f8c  napagent - ok
18:44:00.0810 0x1f8c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:44:00.0820 0x1f8c  NativeWifiP - ok
18:44:01.0010 0x1f8c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:44:01.0070 0x1f8c  NDIS - ok
18:44:01.0104 0x1f8c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:44:01.0106 0x1f8c  NdisCap - ok
18:44:01.0132 0x1f8c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:44:01.0132 0x1f8c  NdisTapi - ok
18:44:01.0172 0x1f8c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:44:01.0172 0x1f8c  Ndisuio - ok
18:44:01.0232 0x1f8c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:44:01.0232 0x1f8c  NdisWan - ok
18:44:01.0262 0x1f8c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:44:01.0262 0x1f8c  NDProxy - ok
18:44:01.0292 0x1f8c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:44:01.0294 0x1f8c  NetBIOS - ok
18:44:01.0339 0x1f8c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:44:01.0346 0x1f8c  NetBT - ok
18:44:01.0365 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
18:44:01.0367 0x1f8c  Netlogon - ok
18:44:01.0454 0x1f8c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:44:01.0484 0x1f8c  Netman - ok
18:44:01.0564 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0584 0x1f8c  NetMsmqActivator - ok
18:44:01.0604 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0604 0x1f8c  NetPipeActivator - ok
18:44:01.0666 0x1f8c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:44:01.0696 0x1f8c  netprofm - ok
18:44:01.0726 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0726 0x1f8c  NetTcpActivator - ok
18:44:01.0736 0x1f8c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:01.0746 0x1f8c  NetTcpPortSharing - ok
18:44:02.0037 0x1f8c  [ E72F4522801FFB8F0456924FB0017BFF, 7260C6D0725D3B3E0083AF06D901073AE8753E6CD97400B2A1D7F6D62A727CC5 ] NETw1v64        C:\Windows\system32\DRIVERS\NETw1v64.sys
18:44:02.0316 0x1f8c  NETw1v64 - ok
18:44:03.0262 0x1f8c  [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
18:44:03.0505 0x1f8c  NETw5s64 - ok
18:44:04.0249 0x1f8c  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
18:44:04.0477 0x1f8c  netw5v64 - ok
18:44:04.0519 0x1f8c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:44:04.0522 0x1f8c  nfrd960 - ok
18:44:04.0728 0x1f8c  [ C3E0696C3B42F694C5822776AA6FFFDF, 80C3DEC2C48500F96C9E677450EFC1ADA9FE9FBB70F4CC2D7D9244B1A515418B ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:44:04.0738 0x1f8c  NisDrv - ok
18:44:04.0888 0x1f8c  [ DCEE3592299B2229A0DB98CB415059A2, 709AAA095DF44DDCB6159CE1635AB05EC666D845445790E569F56B297DC64AC3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
18:44:04.0928 0x1f8c  NisSrv - ok
18:44:05.0048 0x1f8c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:44:05.0088 0x1f8c  NlaSvc - ok
18:44:05.0108 0x1f8c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:44:05.0108 0x1f8c  Npfs - ok
18:44:05.0178 0x1f8c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:44:05.0188 0x1f8c  nsi - ok
18:44:05.0218 0x1f8c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:44:05.0218 0x1f8c  nsiproxy - ok
18:44:05.0488 0x1f8c  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:44:05.0560 0x1f8c  Ntfs - ok
18:44:05.0586 0x1f8c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:44:05.0590 0x1f8c  Null - ok
18:44:05.0652 0x1f8c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:44:05.0662 0x1f8c  nvraid - ok
18:44:05.0702 0x1f8c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:44:05.0702 0x1f8c  nvstor - ok
18:44:05.0772 0x1f8c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:44:05.0772 0x1f8c  nv_agp - ok
18:44:05.0802 0x1f8c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:44:05.0802 0x1f8c  ohci1394 - ok
18:44:05.0882 0x1f8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:44:05.0922 0x1f8c  p2pimsvc - ok
18:44:06.0022 0x1f8c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:44:06.0072 0x1f8c  p2psvc - ok
18:44:06.0132 0x1f8c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:44:06.0132 0x1f8c  Parport - ok
18:44:06.0202 0x1f8c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:44:06.0202 0x1f8c  partmgr - ok
18:44:06.0232 0x1f8c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:44:06.0242 0x1f8c  PcaSvc - ok
18:44:06.0272 0x1f8c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:44:06.0282 0x1f8c  pci - ok
18:44:06.0342 0x1f8c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:44:06.0352 0x1f8c  pciide - ok
18:44:06.0392 0x1f8c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:44:06.0402 0x1f8c  pcmcia - ok
18:44:06.0422 0x1f8c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:44:06.0432 0x1f8c  pcw - ok
18:44:06.0572 0x1f8c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:44:06.0612 0x1f8c  PEAUTH - ok
18:44:07.0244 0x1f8c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:44:07.0254 0x1f8c  PerfHost - ok
18:44:07.0416 0x1f8c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:44:07.0468 0x1f8c  pla - ok
18:44:07.0620 0x1f8c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:44:07.0660 0x1f8c  PlugPlay - ok
18:44:07.0700 0x1f8c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:44:07.0700 0x1f8c  PNRPAutoReg - ok
18:44:07.0790 0x1f8c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:44:07.0800 0x1f8c  PNRPsvc - ok
18:44:07.0922 0x1f8c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:44:07.0932 0x1f8c  PolicyAgent - ok
18:44:07.0984 0x1f8c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:44:07.0991 0x1f8c  Power - ok
18:44:08.0054 0x1f8c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:44:08.0054 0x1f8c  PptpMiniport - ok
18:44:08.0094 0x1f8c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:44:08.0094 0x1f8c  Processor - ok
18:44:08.0204 0x1f8c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:44:08.0254 0x1f8c  ProfSvc - ok
18:44:08.0294 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:44:08.0294 0x1f8c  ProtectedStorage - ok
18:44:08.0344 0x1f8c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:44:08.0354 0x1f8c  Psched - ok
18:44:08.0414 0x1f8c  [ FBF4DB6D53585437E41A113300002A2B, A0145CE87A95DA3775B28A00E741660C26ADE34BBCC7FC502ED809931482C8F2 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
18:44:08.0434 0x1f8c  PxHlpa64 - ok
18:44:08.0514 0x1f8c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:44:08.0596 0x1f8c  ql2300 - ok
18:44:08.0609 0x1f8c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:44:08.0621 0x1f8c  ql40xx - ok
18:44:08.0668 0x1f8c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:44:08.0678 0x1f8c  QWAVE - ok
18:44:08.0738 0x1f8c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:44:08.0748 0x1f8c  QWAVEdrv - ok
18:44:08.0778 0x1f8c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:44:08.0778 0x1f8c  RasAcd - ok
18:44:08.0828 0x1f8c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:44:08.0828 0x1f8c  RasAgileVpn - ok
18:44:08.0868 0x1f8c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:44:08.0878 0x1f8c  RasAuto - ok
18:44:08.0918 0x1f8c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:44:08.0918 0x1f8c  Rasl2tp - ok
18:44:09.0038 0x1f8c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:44:09.0098 0x1f8c  RasMan - ok
18:44:09.0138 0x1f8c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:44:09.0138 0x1f8c  RasPppoe - ok
18:44:09.0178 0x1f8c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:44:09.0178 0x1f8c  RasSstp - ok
18:44:09.0258 0x1f8c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:44:09.0303 0x1f8c  rdbss - ok
18:44:09.0348 0x1f8c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:44:09.0351 0x1f8c  rdpbus - ok
18:44:09.0381 0x1f8c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:44:09.0390 0x1f8c  RDPCDD - ok
18:44:09.0423 0x1f8c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:44:09.0425 0x1f8c  RDPENCDD - ok
18:44:09.0450 0x1f8c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:44:09.0460 0x1f8c  RDPREFMP - ok
18:44:09.0530 0x1f8c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:44:09.0530 0x1f8c  RDPWD - ok
18:44:09.0590 0x1f8c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:44:09.0600 0x1f8c  rdyboost - ok
18:44:09.0690 0x1f8c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:44:09.0690 0x1f8c  RemoteAccess - ok
18:44:09.0740 0x1f8c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:44:09.0750 0x1f8c  RemoteRegistry - ok
18:44:09.0920 0x1f8c  [ 498EB62A160674E793FA40FD65390625, F7EFD480E6C95F5B6202EEB87F519A8A8187F7F26281FB3E302EDD1AD5771025 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:44:09.0960 0x1f8c  RichVideo - ok
18:44:09.0990 0x1f8c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:44:09.0990 0x1f8c  RpcEptMapper - ok
18:44:10.0020 0x1f8c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:44:10.0030 0x1f8c  RpcLocator - ok
18:44:10.0191 0x1f8c  [ 68DEC7EE9423080ACC23DC17BFF51D14, CF52F8BDD2B73D7C76D2DFF313A15ADFBD74D30E430D2CD0A5B0F9D1C8BD4C36 ] RpcSs           C:\Windows\system32\rpcss.dll
18:44:10.0201 0x1f8c  RpcSs - detected Trojan.Win64.Patched.bj ( 0 )
18:44:10.0201 0x1f8c  RpcSs ( Trojan.Win64.Patched.bj ) - infected
18:44:10.0201 0x1f8c  Force sending object to P2P due to detect: RpcSs
18:44:12.0966 0x1f8c  Object send P2P result: true
18:44:15.0536 0x1f8c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:44:15.0536 0x1f8c  rspndr - ok
18:44:15.0556 0x1f8c  RSUSBSTOR - ok
18:44:15.0606 0x1f8c  [ 91296F0B2653281B2F11E0FCE56AA427, 242B6049480F62673D79E822EC7AD83DBFA1D203F2519E765DD36ECF156A962A ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:44:15.0616 0x1f8c  RTL8167 - ok
18:44:15.0616 0x1f8c  RtsUIR - ok
18:44:15.0646 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
18:44:15.0658 0x1f8c  SamSs - ok
18:44:15.0708 0x1f8c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:44:15.0718 0x1f8c  sbp2port - ok
18:44:15.0738 0x1f8c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:44:15.0748 0x1f8c  SCardSvr - ok
18:44:15.0788 0x1f8c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:44:15.0788 0x1f8c  scfilter - ok
18:44:15.0958 0x1f8c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:44:16.0019 0x1f8c  Schedule - ok
18:44:16.0070 0x1f8c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:44:16.0080 0x1f8c  SCPolicySvc - ok
18:44:16.0130 0x1f8c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
18:44:16.0130 0x1f8c  sdbus - ok
18:44:16.0180 0x1f8c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:44:16.0180 0x1f8c  SDRSVC - ok
18:44:16.0210 0x1f8c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:44:16.0210 0x1f8c  secdrv - ok
18:44:16.0240 0x1f8c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:44:16.0250 0x1f8c  seclogon - ok
18:44:16.0280 0x1f8c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:44:16.0286 0x1f8c  SENS - ok
18:44:16.0297 0x1f8c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:44:16.0302 0x1f8c  SensrSvc - ok
18:44:16.0312 0x1f8c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:44:16.0322 0x1f8c  Serenum - ok
18:44:16.0332 0x1f8c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:44:16.0332 0x1f8c  Serial - ok
18:44:16.0352 0x1f8c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:44:16.0362 0x1f8c  sermouse - ok
18:44:16.0402 0x1f8c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:44:16.0410 0x1f8c  SessionEnv - ok
18:44:16.0454 0x1f8c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:44:16.0454 0x1f8c  sffdisk - ok
18:44:16.0494 0x1f8c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:44:16.0494 0x1f8c  sffp_mmc - ok
18:44:16.0504 0x1f8c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:44:16.0514 0x1f8c  sffp_sd - ok
18:44:16.0524 0x1f8c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:44:16.0524 0x1f8c  sfloppy - ok
18:44:16.0564 0x1f8c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:44:16.0594 0x1f8c  SharedAccess - ok
18:44:16.0654 0x1f8c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:44:16.0674 0x1f8c  ShellHWDetection - ok
18:44:16.0704 0x1f8c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:44:16.0704 0x1f8c  SiSRaid2 - ok
18:44:16.0714 0x1f8c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:44:16.0724 0x1f8c  SiSRaid4 - ok
18:44:16.0804 0x1f8c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:44:16.0804 0x1f8c  SkypeUpdate - ok
18:44:16.0842 0x1f8c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:44:16.0846 0x1f8c  Smb - ok
18:44:16.0875 0x1f8c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:44:16.0887 0x1f8c  SNMPTRAP - ok
18:44:16.0936 0x1f8c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:44:16.0936 0x1f8c  spldr - ok
18:44:17.0006 0x1f8c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:44:17.0026 0x1f8c  Spooler - ok
18:44:17.0183 0x1f8c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:44:17.0325 0x1f8c  sppsvc - ok
18:44:17.0366 0x1f8c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:44:17.0370 0x1f8c  sppuinotify - ok
18:44:17.0430 0x1f8c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:44:17.0490 0x1f8c  srv - ok
18:44:17.0520 0x1f8c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:44:17.0540 0x1f8c  srv2 - ok
18:44:17.0570 0x1f8c  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
18:44:17.0580 0x1f8c  SrvHsfHDA - ok
18:44:17.0862 0x1f8c  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
18:44:17.0934 0x1f8c  SrvHsfV92 - ok
18:44:18.0066 0x1f8c  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
18:44:18.0128 0x1f8c  SrvHsfWinac - ok
18:44:18.0158 0x1f8c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:44:18.0158 0x1f8c  srvnet - ok
18:44:18.0198 0x1f8c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:44:18.0208 0x1f8c  SSDPSRV - ok
18:44:18.0228 0x1f8c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:44:18.0238 0x1f8c  SstpSvc - ok
18:44:18.0418 0x1f8c  [ 2185595C6663660FDC90F5A2A79E2155, DFE82CD9A8DCDA99E4B3462B15456B827D9D0BD759A5395074F146D0EE088CBE ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
18:44:18.0428 0x1f8c  STacSV - ok
18:44:18.0468 0x1f8c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:44:18.0468 0x1f8c  stexstor - ok
18:44:18.0518 0x1f8c  [ 8D1CE4322A35F840711B87927CB57C05, BE13256340AFB0B1F6FEF692CF2FEE058315BC3718E31EDA034F626458141179 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
18:44:18.0558 0x1f8c  STHDA - ok
18:44:18.0758 0x1f8c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:44:18.0778 0x1f8c  stisvc - ok
18:44:18.0831 0x1f8c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:44:18.0833 0x1f8c  swenum - ok
18:44:18.0880 0x1f8c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:44:18.0900 0x1f8c  swprv - ok
18:44:18.0951 0x1f8c  [ 924D711941956F7420A4925592BE8253, D621114FC94D9B257EC5B684B90E54B63D4078D5FC19550C2E396AE4EDD2C552 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:44:18.0952 0x1f8c  SynTP - ok
18:44:19.0054 0x1f8c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:44:19.0126 0x1f8c  SysMain - ok
18:44:19.0178 0x1f8c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:44:19.0178 0x1f8c  TabletInputService - ok
18:44:19.0218 0x1f8c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:44:19.0228 0x1f8c  TapiSrv - ok
18:44:19.0258 0x1f8c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:44:19.0258 0x1f8c  TBS - ok
18:44:19.0358 0x1f8c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:44:19.0440 0x1f8c  Tcpip - ok
18:44:19.0582 0x1f8c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:44:19.0625 0x1f8c  TCPIP6 - ok
18:44:19.0653 0x1f8c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:44:19.0659 0x1f8c  tcpipreg - ok
18:44:19.0688 0x1f8c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:44:19.0691 0x1f8c  TDPIPE - ok
18:44:19.0724 0x1f8c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:44:19.0724 0x1f8c  TDTCP - ok
18:44:19.0764 0x1f8c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:44:19.0764 0x1f8c  tdx - ok
18:44:19.0814 0x1f8c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:44:19.0824 0x1f8c  TermDD - ok
18:44:19.0854 0x1f8c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
18:44:19.0894 0x1f8c  TermService - ok
18:44:19.0914 0x1f8c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:44:19.0924 0x1f8c  Themes - ok
18:44:19.0954 0x1f8c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:44:19.0954 0x1f8c  THREADORDER - ok
18:44:19.0974 0x1f8c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:44:19.0984 0x1f8c  TrkWks - ok
18:44:20.0034 0x1f8c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:44:20.0044 0x1f8c  TrustedInstaller - ok
18:44:20.0094 0x1f8c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:44:20.0104 0x1f8c  tssecsrv - ok
18:44:20.0155 0x1f8c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:44:20.0155 0x1f8c  TsUsbFlt - ok
18:44:20.0195 0x1f8c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:44:20.0195 0x1f8c  tunnel - ok
18:44:20.0225 0x1f8c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:44:20.0225 0x1f8c  uagp35 - ok
18:44:20.0265 0x1f8c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:44:20.0285 0x1f8c  udfs - ok
18:44:20.0335 0x1f8c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:44:20.0345 0x1f8c  UI0Detect - ok
18:44:20.0375 0x1f8c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:44:20.0385 0x1f8c  uliagpkx - ok
18:44:20.0415 0x1f8c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:44:20.0425 0x1f8c  umbus - ok
18:44:20.0435 0x1f8c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:44:20.0435 0x1f8c  UmPass - ok
18:44:20.0475 0x1f8c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:44:20.0495 0x1f8c  upnphost - ok
18:44:20.0535 0x1f8c  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
18:44:20.0535 0x1f8c  USBAAPL64 - ok
18:44:20.0575 0x1f8c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:44:20.0595 0x1f8c  usbccgp - ok
18:44:20.0595 0x1f8c  USBCCID - ok
18:44:20.0635 0x1f8c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:44:20.0635 0x1f8c  usbcir - ok
18:44:20.0675 0x1f8c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:44:20.0675 0x1f8c  usbehci - ok
18:44:20.0705 0x1f8c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:44:20.0735 0x1f8c  usbhub - ok
18:44:20.0775 0x1f8c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:44:20.0775 0x1f8c  usbohci - ok
18:44:20.0805 0x1f8c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:44:20.0805 0x1f8c  usbprint - ok
18:44:20.0835 0x1f8c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
18:44:20.0835 0x1f8c  usbscan - ok
18:44:20.0885 0x1f8c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:44:20.0895 0x1f8c  USBSTOR - ok
18:44:20.0935 0x1f8c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:44:20.0935 0x1f8c  usbuhci - ok
18:44:20.0965 0x1f8c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:44:20.0975 0x1f8c  usbvideo - ok
18:44:21.0005 0x1f8c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:44:21.0015 0x1f8c  UxSms - ok
18:44:21.0035 0x1f8c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
18:44:21.0035 0x1f8c  VaultSvc - ok
18:44:21.0055 0x1f8c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:44:21.0055 0x1f8c  vdrvroot - ok
18:44:21.0105 0x1f8c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:44:21.0135 0x1f8c  vds - ok
18:44:21.0165 0x1f8c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:44:21.0176 0x1f8c  vga - ok
18:44:21.0198 0x1f8c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:44:21.0200 0x1f8c  VgaSave - ok
18:44:21.0237 0x1f8c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:44:21.0257 0x1f8c  vhdmp - ok
18:44:21.0287 0x1f8c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:44:21.0297 0x1f8c  viaide - ok
18:44:21.0337 0x1f8c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:44:21.0337 0x1f8c  volmgr - ok
18:44:21.0387 0x1f8c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:44:21.0397 0x1f8c  volmgrx - ok
18:44:21.0438 0x1f8c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:44:21.0454 0x1f8c  volsnap - ok
18:44:21.0479 0x1f8c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:44:21.0479 0x1f8c  vsmraid - ok
18:44:21.0579 0x1f8c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:44:21.0661 0x1f8c  VSS - ok
18:44:21.0693 0x1f8c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:44:21.0693 0x1f8c  vwifibus - ok
18:44:21.0713 0x1f8c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:44:21.0713 0x1f8c  vwififlt - ok
18:44:21.0783 0x1f8c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:44:21.0813 0x1f8c  W32Time - ok
18:44:21.0823 0x1f8c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:44:21.0823 0x1f8c  WacomPen - ok
18:44:21.0843 0x1f8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:44:21.0843 0x1f8c  WANARP - ok
18:44:21.0853 0x1f8c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:44:21.0853 0x1f8c  Wanarpv6 - ok
18:44:22.0013 0x1f8c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:44:22.0068 0x1f8c  WatAdminSvc - ok
18:44:22.0246 0x1f8c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:44:22.0338 0x1f8c  wbengine - ok
18:44:22.0373 0x1f8c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:44:22.0380 0x1f8c  WbioSrvc - ok
18:44:22.0420 0x1f8c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:44:22.0480 0x1f8c  wcncsvc - ok
18:44:22.0500 0x1f8c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:44:22.0510 0x1f8c  WcsPlugInService - ok
18:44:22.0540 0x1f8c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:44:22.0540 0x1f8c  Wd - ok
18:44:22.0600 0x1f8c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:44:22.0640 0x1f8c  Wdf01000 - ok
18:44:22.0712 0x1f8c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:44:22.0712 0x1f8c  WdiServiceHost - ok
18:44:22.0722 0x1f8c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:44:22.0722 0x1f8c  WdiSystemHost - ok
18:44:22.0752 0x1f8c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:44:22.0772 0x1f8c  WebClient - ok
18:44:22.0782 0x1f8c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:44:22.0792 0x1f8c  Wecsvc - ok
18:44:22.0815 0x1f8c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:44:22.0821 0x1f8c  wercplsupport - ok
18:44:22.0834 0x1f8c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:44:22.0834 0x1f8c  WerSvc - ok
18:44:22.0854 0x1f8c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:44:22.0854 0x1f8c  WfpLwf - ok
18:44:22.0874 0x1f8c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:44:22.0874 0x1f8c  WIMMount - ok
18:44:22.0894 0x1f8c  WinDefend - ok
18:44:22.0924 0x1f8c  WinHttpAutoProxySvc - ok
18:44:22.0996 0x1f8c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:44:23.0006 0x1f8c  Winmgmt - ok
18:44:23.0096 0x1f8c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:44:23.0188 0x1f8c  WinRM - ok
18:44:23.0227 0x1f8c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:44:23.0230 0x1f8c  WinUsb - ok
18:44:23.0270 0x1f8c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:44:23.0322 0x1f8c  Wlansvc - ok
18:44:23.0524 0x1f8c  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:44:23.0628 0x1f8c  wlidsvc - ok
18:44:23.0668 0x1f8c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:44:23.0668 0x1f8c  WmiAcpi - ok
18:44:23.0728 0x1f8c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:44:23.0728 0x1f8c  wmiApSrv - ok
18:44:23.0788 0x1f8c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:44:23.0798 0x1f8c  WPCSvc - ok
18:44:23.0828 0x1f8c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:44:23.0838 0x1f8c  WPDBusEnum - ok
18:44:23.0868 0x1f8c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:44:23.0868 0x1f8c  ws2ifsl - ok
18:44:23.0888 0x1f8c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:44:23.0888 0x1f8c  wscsvc - ok
18:44:23.0898 0x1f8c  WSearch - ok
18:44:24.0337 0x1f8c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:44:24.0433 0x1f8c  wuauserv - ok
18:44:24.0505 0x1f8c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:44:24.0505 0x1f8c  WudfPf - ok
18:44:24.0545 0x1f8c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:44:24.0555 0x1f8c  WUDFRd - ok
18:44:24.0605 0x1f8c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:44:24.0605 0x1f8c  wudfsvc - ok
18:44:24.0655 0x1f8c  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:44:24.0665 0x1f8c  WwanSvc - ok
18:44:24.0745 0x1f8c  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
18:44:24.0755 0x1f8c  yukonw7 - ok
18:44:24.0765 0x1f8c  ================ Scan global ===============================
18:44:24.0835 0x1f8c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:44:24.0875 0x1f8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:44:24.0895 0x1f8c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:44:24.0947 0x1f8c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:44:24.0977 0x1f8c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:44:24.0997 0x1f8c  [ Global ] - ok
18:44:24.0997 0x1f8c  ================ Scan MBR ==================================
18:44:25.0017 0x1f8c  [ 775BA290D665A2E7E22923D1AF9171FA ] \Device\Harddisk0\DR0
18:44:27.0762 0x1f8c  \Device\Harddisk0\DR0 - ok
18:44:27.0762 0x1f8c  ================ Scan VBR ==================================
18:44:27.0772 0x1f8c  [ 89F05D60B0F49EE888BA15605C413302 ] \Device\Harddisk0\DR0\Partition1
18:44:27.0782 0x1f8c  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
18:44:27.0782 0x1f8c  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
18:44:30.0495 0x1f8c  [ 48D19DA73CE8384FBFDB605E19329507 ] \Device\Harddisk0\DR0\Partition2
18:44:30.0495 0x1f8c  \Device\Harddisk0\DR0\Partition2 - ok
18:44:30.0545 0x1f8c  [ 39FAB054193AA4910999E182017679D7 ] \Device\Harddisk0\DR0\Partition3
18:44:30.0555 0x1f8c  \Device\Harddisk0\DR0\Partition3 - ok
18:44:30.0555 0x1f8c  ================ Scan generic autorun ======================
18:44:30.0555 0x1f8c  SynTPEnh - ok
18:44:30.0685 0x1f8c  [ 4C590463E5B60310DBE660686C6CCF7B, 01CF341CEF85799ADDBA7BE256A07C9689A0E53E7151794688153E5BD48EF721 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
18:44:30.0718 0x1f8c  SmartMenu - ok
18:44:30.0929 0x1f8c  [ A0DD3037E2DC702A7BED6C3CC2DB8FA6, 709BB80726403C2F1807BE6D766AAD8F7F7F86939804D88A60ED91DFCD76A608 ] C:\Program Files\Java\jre6\bin\jusched.exe
18:44:30.0939 0x1f8c  SunJavaUpdateSched - ok
18:44:31.0089 0x1f8c  [ 6BC64CE19C27496F06A18F87D543E01E, 272EF491FC32DA65775071750CB51955BD697686ABE17A712A864CD518EA2ED8 ] C:\Program Files\IDT\WDM\sttray64.exe
18:44:31.0161 0x1f8c  SysTrayApp - ok
18:44:31.0181 0x1f8c  [ 2EE7EAFCBA41850EA3F00EF5E7C4A549, 4A5D15892E16697695ECDD5074BACE330719E107BADE80236E7B2E9A6BC81814 ] C:\Windows\system32\igfxtray.exe
18:44:31.0191 0x1f8c  IgfxTray - ok
18:44:31.0241 0x1f8c  [ 53F7D5AD43AC7328B68EF44B3E7C728A, 19EE335166CE71051EE6FF2C9463D549B919CFF9CDE967249A7A9F78FD6A5A69 ] C:\Windows\system32\hkcmd.exe
18:44:31.0281 0x1f8c  HotKeysCmds - ok
18:44:31.0301 0x1f8c  [ 76995B82E6DDD83E7DCA85289DE5B5F0, A4AB0AC1677C44241DF201B025E6EB697E31438D97DEC8D34A3DABA7FC1DE647 ] C:\Windows\system32\igfxpers.exe
18:44:31.0311 0x1f8c  Persistence - ok
18:44:31.0361 0x1f8c  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
18:44:31.0371 0x1f8c  IAAnotif - ok
18:44:31.0601 0x1f8c  [ C29DAF54DEC7253221C88787E64075E7, 9B5C95CAB7166AE1C9466C67AC28214BEEC31F23E27473ADD1EC65E99747F11A ] C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe
18:44:31.0651 0x1f8c  dleamon.exe - ok
18:44:31.0671 0x1f8c  [ 939EB7ECC20709F129495E73D3A7FBE0, 1BB868EC4A970B2A809A3BC7281064B7B5B824D4A19FA3D5D10033482B6C7622 ] C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe
18:44:31.0671 0x1f8c  EzPrint - ok
18:44:31.0723 0x1f8c  [ A29FB20F296785AE53AC3B75E14580A7, 0E4280CE4243801B7014DD676791FD6785A973CF75CDD4D98DE02D1DD6776DF5 ] C:\Program Files (x86)\Dell Photo AIO Printer 926\dlcxmon.exe
18:44:31.0733 0x1f8c  dlcxmon.exe - ok
18:44:31.0753 0x1f8c  [ FDFCEB274F8B4F56F7BAD7D93A141BF5, 01B8ED517CBC8120C6807F2FE35187967081AA8BD1B4EB292912CA07E02E0ACE ] C:\Program Files (x86)\Dell Photo AIO Printer 926\memcard.exe
18:44:31.0765 0x1f8c  MemoryCardManager - ok
18:44:31.0771 0x1f8c  DLCXCATS - ok
18:44:31.0985 0x1f8c  [ 569AC1376B12D4083FC66CC7A304F234, DD209F09573F10A77D710E30EF3D0461D2E8F4E5F18106B18EFB587C88393460 ] c:\Program Files\Microsoft Security Client\msseces.exe
18:44:32.0033 0x1f8c  MSC - ok
18:44:32.0117 0x1f8c  [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
18:44:32.0127 0x1f8c  HPCam_Menu - ok
18:44:32.0177 0x1f8c  [ 8F89E6CB82E6DB45BC993D423CD0FDBD, 254DD6E7EBCD1BAEE8DB5AD34451B66241DCCE6496D440400DA092C9C867F165 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
18:44:32.0187 0x1f8c  QlbCtrl.exe - ok
18:44:32.0247 0x1f8c  [ E8F915D5140A75ABFF036BBF9D0941AD, CACAF7542A1616C43929435BC71797636A2829595967B255F856A146B63A1B2C ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
18:44:32.0267 0x1f8c  NortonOnlineBackupReminder - ok
18:44:32.0547 0x1f8c  [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe
18:44:32.0557 0x1f8c  UpdatePRCShortCut - ok
18:44:32.0627 0x1f8c  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
18:44:32.0637 0x1f8c  HP Software Update - ok
18:44:32.0727 0x1f8c  [ DA4ED31DD43ABB0AF99888E236FFDB91, EFB8639A4854A8CB1516639DD032ADFD5AE58082880078115EE1AFB71C9696AF ] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
18:44:32.0737 0x1f8c  WirelessAssistant - ok
18:44:32.0857 0x1f8c  [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:44:32.0857 0x1f8c  APSDaemon - ok
18:44:32.0997 0x1f8c  [ 03F97E186684BE24F7CC9D1CC107502D, EF041F0EC252D31FEFA26235E1EC33C011CFB3FD1B56A71649D3DF12AD7CC7D9 ] C:\Program Files (x86)\Dell PC Fax\fm3032.exe
18:44:33.0027 0x1f8c  FaxCenterServer - ok
18:44:33.0117 0x1f8c  [ 916A2C4EB028604783FD5EA169236C1D, C97DAA1BE5C912DDCEDBA7619631BB98F4A9B32B1E40C5374A64E25305E0A1C4 ] C:\Program Files (x86)\QuickTime\QTTask.exe
18:44:33.0127 0x1f8c  QuickTime Task - ok
18:44:33.0187 0x1f8c  [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:44:33.0197 0x1f8c  iTunesHelper - ok
18:44:33.0247 0x1f8c  CitrixReceiver - ok
18:44:33.0397 0x1f8c  [ 2EBE05FD8ECBA5F230FC26E534E91A11, B8E85D51BD4E6C0D4D447DFA327EAA0AE4A33F04F42063A58122153933C1770E ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
18:44:33.0417 0x1f8c  ConnectionCenter - ok
18:44:33.0447 0x1f8c  [ 17D9622BFE68386E8C647C4C7F8FEA3E, 50F943F2E47512DCE61A9EBB188361CB71CACC74D9397FA1367AB7112F2C7A09 ] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
18:44:33.0457 0x1f8c  Redirector - ok
18:44:33.0597 0x1f8c  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:44:33.0637 0x1f8c  Adobe ARM - ok
18:44:33.0697 0x1f8c  [ F4F7C86191A981C804326E2EF6F3604F, 1ECE05E643AFFB27A148A8B86615F6C167875EF29D6FF7E2FD15B8DCBE6B8A16 ] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
18:44:33.0697 0x1f8c  Adobe Reader Speed Launcher - ok
18:44:33.0847 0x1f8c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:44:33.0919 0x1f8c  Sidebar - ok
18:44:33.0957 0x1f8c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:44:33.0962 0x1f8c  mctadmin - ok
18:44:34.0001 0x1f8c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:44:34.0032 0x1f8c  Sidebar - ok
18:44:34.0042 0x1f8c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:44:34.0045 0x1f8c  mctadmin - ok
18:44:34.0253 0x1f8c  [ F6491E5B1CB23E76F01B3417FC5D32D0, 4166FFAB11F132C825A4FBC32F4C684DD5D359451451E652EC459C6DA9528727 ] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
18:44:34.0315 0x1f8c  HPADVISOR - ok
18:44:34.0631 0x1f8c  [ 5B5CED2419E0167FA5B4BE42125BC7AC, 1631D8B1D0EC21E76506772EC141321B63C8BE628EEA4F0C78DB747AD432472E ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
18:44:34.0733 0x1f8c  LightScribe Control Panel - ok
18:44:34.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:35.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:36.0741 0x1f8c  Waiting for KSN requests completion. In queue: 32
18:44:37.0763 0x1f8c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
18:44:37.0835 0x1f8c  Win FW state via NFP2: enabled
18:44:40.0342 0x1f8c  ============================================================
18:44:40.0342 0x1f8c  Scan finished
18:44:40.0342 0x1f8c  ============================================================
18:44:40.0355 0x1a24  Detected object count: 3
18:44:40.0355 0x1a24  Actual detected object count: 3
18:44:58.0449 0x1a24  C:\Windows\system32\rpcss.dll - copied to quarantine
18:47:51.0654 0x1a24  Backup copy found through SCO, using it..
18:47:51.0936 0x1a24  C:\Windows\system32\rpcss.dll - will be cured on reboot
18:47:51.0939 0x1a24  DcomLaunch ( Trojan.Win64.Patched.bj ) - User select action: Cure
18:47:52.0022 0x1a24  C:\Windows\system32\rpcss.dll - copied to quarantine
18:48:00.0354 0x1a24  Backup copy found through SCO, using it..
18:48:00.0424 0x1a24  C:\Windows\system32\rpcss.dll - will be cured on reboot
18:48:00.0424 0x1a24  RpcSs ( Trojan.Win64.Patched.bj ) - User select action: Cure
18:48:00.0464 0x1a24  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
18:48:01.0124 0x1a24  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
18:48:01.0154 0x1a24  \Device\Harddisk0\DR0\Partition1 - ok
18:48:01.0154 0x1a24  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
18:48:01.0324 0x1a24  KLMD registered as C:\Windows\system32\drivers\59916151.sys
18:48:09.0900 0x0d0c  Deinitialize success

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

ADWCleaner results:

# AdwCleaner v3.213 - Report created 25/06/2014 at 19:09:36
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Scott - RACHEL-PC
# Running from : C:\Users\Scott\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Freeze.com
Folder Deleted : C:\Users\Rachel\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Rachel\AppData\Local\StartNow
Folder Deleted : C:\Users\Rachel\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com
File Deleted : C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\plugin@yontoo.com.xpi
File Deleted : C:\Uninstall.exe
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C792A75A-2A1F-4991-9B85-291745478A79}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.enabledItems", "{8545daff-ad1e-493f-a37e-eed1ac79682b}:1.0,smartwebprinting@hp.com:4.51,{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}:3.7.2,{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1,[...]
Line Deleted : user_pref("extentions.y2layers.installId", "8f4d27c0-fc92-4eed-8652-ba39134c2ac1");
Line Deleted : user_pref("extentions.y2layers.lastDnsTest", 371880);
Line Deleted : user_pref("searchreset.backup.browser.newtab.url", "hxxp://search.startnow.com/?src=newtab&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_i[...]
Line Deleted : user_pref("searchreset.backup.keyword.URL", "hxxp://search.startnow.com/s/?q={searchTerms}&src=addrbar&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channe[...]

[ File : C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\rc32t9ht.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4874 octets] - [25/06/2014 18:54:13]
AdwCleaner[S0].txt - [4881 octets] - [25/06/2014 19:09:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4941 octets] ##########

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Junkware Results:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Scott on Wed 06/25/2014 at 19:54:50.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3769619868-125727690-3658102325-1003\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-0B38_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-0B38_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-0B38_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-0B38_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 06/25/2014 at 20:01:41.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

ESET Results:  Will  be posted 6/26/14 evening.



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,240 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:42 AM

Posted 25 June 2014 - 09:11 PM

Be sure to restart the machine to complete he TDSS removal. I'll look back tomorrow.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 26 June 2014 - 04:41 PM

Yes, the laptop was rebooted after the TDSS Removal software was run.

 

Copied below are results from final scan using ESET.

 

Let me know if there are any other scans or changes I should perform.

 

Thanks for your help.

.

Part 1 of 2 of Eset scan results:

 

C:\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Binder Information\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Binder Information\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Binder Information\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Completed Minutes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Completed Minutes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Completed Minutes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Notes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Notes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\$Recycle.Bin\S-1-5-21-3769619868-125727690-3658102325-1000\$R3OTLR4\Notes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\plugin@yontoo.com.xpi.vir    Win32/Adware.Yontoo application    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\DECRYPT_INSTRUCTION.HTML.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\DECRYPT_INSTRUCTION.TXT.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\DECRYPT_INSTRUCTION.URL.vir    Win32/Filecoder.CR.Gen trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\DECRYPT_INSTRUCTION.HTML.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\DECRYPT_INSTRUCTION.TXT.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\DECRYPT_INSTRUCTION.URL.vir    Win32/Filecoder.CR.Gen trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\content\DECRYPT_INSTRUCTION.HTML.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\content\DECRYPT_INSTRUCTION.TXT.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\chrome\content\DECRYPT_INSTRUCTION.URL.vir    Win32/Filecoder.CR.Gen trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\DECRYPT_INSTRUCTION.HTML.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\DECRYPT_INSTRUCTION.TXT.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\DECRYPT_INSTRUCTION.URL.vir    Win32/Filecoder.CR.Gen trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\en-US\DECRYPT_INSTRUCTION.HTML.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\en-US\DECRYPT_INSTRUCTION.TXT.vir    Win32/Filecoder.CR trojan    
C:\AdwCleaner\Quarantine\C\Users\Rachel\AppData\Roaming\Mozilla\Firefox\Profiles\4v7trpgo.default\Extensions\crossriderapp2258@crossrider.com\locale\en-US\DECRYPT_INSTRUCTION.URL.vir    Win32/Filecoder.CR.Gen trojan    
C:\HP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\logs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\logs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\logs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\elements\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\elements\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\elements\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\elements\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\elements\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\es\SpecialPage\elements\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\fr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\elements\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\elements\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\lang\fr\SpecialPage\elements\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\BIN\msoffice\Updates\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\Updates\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\BIN\msoffice\Updates\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\DA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\DA\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DA\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DA\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\DE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\DE\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DE\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\DE\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\EN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\EN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\EN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\EN\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\EN\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\EN\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\es\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\es\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\es\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\FI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\FI\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FI\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FI\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\fr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\fr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\fr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\fr\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\fr\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\fr\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\FR_CA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FR_CA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FR_CA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\FR_CA\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FR_CA\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\FR_CA\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\HU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\HU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\HU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\HU\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\HU\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\HU\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\IT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\IT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\IT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\IT\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\IT\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\IT\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ja\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ja\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ja\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ja\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ja\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ja\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\KO\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\KO\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\KO\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\KO\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\KO\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\KO\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\NL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\NL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\NL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\NL\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\NL\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\NL\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\PL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\PL\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PL\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PL\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\pt\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\pt\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\pt\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\pt\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\pt\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\pt\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\PT_BR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PT_BR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PT_BR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\PT_BR\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PT_BR\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\PT_BR\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\RU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\RU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\RU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\RU\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\RU\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\RU\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\TR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\TR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\TR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\TR\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\TR\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\TR\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\zh\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\zh\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\zh\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\zh\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\zh\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\zh\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-CN_CN\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\HP_Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\HP_Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\HP\HPQWare\wc\ZH-TW_TW\HP_Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Program Files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe    a variant of Win32/InstallCore.D potentially unwanted application    
C:\ProgramData\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Citrix\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Citrix\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Citrix\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\CyberLink\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\CyberLink\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\CyberLink\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\DellFaxCtr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\DellFaxCtr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\DellFaxCtr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Easybits GO\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Easybits GO\HTML\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\HTML\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\HTML\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Easybits GO\News\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\News\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Easybits GO\News\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Norton\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Norton\00000082\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\00000082\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\00000082\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\NortonInstaller\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\NortonInstaller\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\NortonInstaller\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\NortonInstaller\Logs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\NortonInstaller\Logs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\NortonInstaller\Logs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Recovery\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Recovery\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Recovery\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Apps\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Apps\login\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\login\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\login\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Apps\login\images\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\login\images\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Apps\login\images\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype Extras\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype Extras\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\TuneUpMedia\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\TuneUpMedia\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\TuneUpMedia\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\x64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\CardReader\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\CardReader\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\CardReader\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ARB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CHT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CSY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CSY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\CSY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DAN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DAN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DAN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DEU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DEU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\DEU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ELL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ELL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ELL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ENU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ESP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ESP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ESP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRC\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRC\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\FRC\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HEB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HEB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HEB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HUN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HUN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\HUN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ITA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ITA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\ITA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\JPN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\JPN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\JPN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\KOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\KOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\KOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NLD\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NLD\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NLD\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\NOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PLK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PLK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PLK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\PTG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\RUS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\RUS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\RUS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\SVE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\SVE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\SVE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\THA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\THA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\THA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\TRK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\TRK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Chipset\Lang\CHIP\TRK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\FAQ\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\FAQ\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\FAQ\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\QUICK_INSTALL_GUIDE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\QUICK_INSTALL_GUIDE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\QUICK_INSTALL_GUIDE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Arabic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Arabic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Arabic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\English\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\English\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\English\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\French\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\French\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\French\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\German\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\German\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\German\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Hebrew\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Hebrew\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Hebrew\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Hungarian\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Hungarian\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Hungarian\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Italian\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Italian\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Italian\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Japanese\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Japanese\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Japanese\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Korean\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Korean\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Korean\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Portuguese\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Portuguese\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Portuguese\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Simplified_Chinese\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Simplified_Chinese\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Simplified_Chinese\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Spanish\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Spanish\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Spanish\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Traditional_Chinese\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Traditional_Chinese\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Traditional_Chinese\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\README\Turkish\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Turkish\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\README\Turkish\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\UTILIZE_DUAL_MAC_GUIDE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\UTILIZE_DUAL_MAC_GUIDE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\UTILIZE_DUAL_MAC_GUIDE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\WIN7\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\WIN7\32\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\32\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\32\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Network\WIN7\64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Network\WIN7\64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Touchpad\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x86\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x86\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Touchpad\WinWDF\x86\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\THA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\THA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\THA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\Drivers\Video\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\1033\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\1033\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\1033\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Sound\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Sound\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Sound\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Standard\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Standard\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Standard\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Suite\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Suite\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\MSWorks\PFiles\MSWorks\Suite\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45121\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45121\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45121\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ARA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CHT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\CSY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DAN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\DEU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ELL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ENU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ESP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\FRA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HEB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\HUN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\ITA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\JPN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\KOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NLD\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\NOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PLK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\PTG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\RUS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan



#15 vzyfl1

vzyfl1
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:42 PM

Posted 26 June 2014 - 04:44 PM

Part 2 of 3 of Eset scan results:

 

C:\SwSetup\sp45708\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SKY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SLV\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\SVE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\THA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Graphics\LANG\HDMI\TRK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ARA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CHT\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\CSY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DAN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\DEU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ELL\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ENU\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ESP\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\FIN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\FRA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\HEB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\HUN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\ITA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\JPN\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\KOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\NLD\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\NOR\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PLK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\PTG\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\RUS\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SKY\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SLV\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\SVE\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\THA\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\THA\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\THA\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45708\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45708\Lang\HDMI\TRK\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45974\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45974\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45974\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45975\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45975\WinWDF\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45975\WinWDF\x64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\x64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\x64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp45975\WinWDF\x86\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\x86\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp45975\WinWDF\x86\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBNB\xx_xx\Resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\DockFiles\PCSecurityBPC\xx_xx\Resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\src\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\src\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\src\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp46561\src\Bits\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\src\Bits\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp46561\src\Bits\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\sp47423\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\sp47423\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\sp47423\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\SP54373\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\SP54373\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\SP54373\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\SP54620\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\SP54620\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\SP54620\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SwSetup\SP58915\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SwSetup\SP58915\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SwSetup\SP58915\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SYSTEM.SAV\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SYSTEM.SAV\Logs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Logs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Logs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SYSTEM.SAV\Util\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Util\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Util\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\SYSTEM.SAV\Util\postpin\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Util\postpin\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\SYSTEM.SAV\Util\postpin\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\TDSSKiller_Quarantine\25.06.2014_18.43.04\rtkt0000\svc0000\tsk0000.dta    Win64/Patched.H trojan    
C:\TDSSKiller_Quarantine\25.06.2014_18.43.04\rtkt0001\svc0000\tsk0000.dta    Win64/Patched.H trojan    
C:\Users\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Application SWFs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\CAHeadless\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Flash Galleries\Dynamic\template\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Music\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\35mmslides\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\4x5transparency\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\baby\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\classic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\comicbook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlgardening\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlmemories\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlnotebook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\gtlsliders\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\homedecor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\kidsbirthday\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\moving\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\newsreel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\oldmap\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\performancestar\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\photobook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\reflection\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\roadtrip\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\scrapbook\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\sliding\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-16\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\slidingphotos-9\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\snow\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\travel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\wedding\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\winter\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\worldtravel\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\background\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Elements Organizer\8.0\Slideshow Templates\yahoomap\resources\media\headergraphic\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Non-EMS Pods\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Welcome Screen Pods\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Locale\en_us\Workflow Panels\modules\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\adjustment layers\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\backgrounds\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\filters\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\frames\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\graphics\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo effects\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\photo layouts\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\animals2.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\arrows.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\banners and awards.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\characters.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\crop shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\dressup.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\face.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\flowers.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\food.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\frames.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\fruit.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\music.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\nature.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\ornaments.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\outlined shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\shapes.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\symbols.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\talk bubbles.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\shapes\tiles.thumbnails\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\text\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Adobe\Photoshop Elements\8.0\Photo Creations\themes\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Citrix\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Citrix\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Citrix\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Citrix\Citrix Receiver\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\CyberLink\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\CyberLink\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\CyberLink\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\CyberLink\PowerCinema\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\DellFaxCtr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\DellFaxCtr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\DellFaxCtr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\DellFaxCtr\Coverpgs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Easybits GO\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Easybits GO\HTML\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\HTML\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\HTML\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\HTML\startup\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Easybits GO\News\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\News\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Easybits GO\News\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\aol\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\attach\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\symantec\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Advisor\basefeeds\hq\94\ec-base\attach\media\vongo\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HP Support Framework\Config\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Hewlett-Packard\HPSAUpgrade2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Norton\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Norton\00000082\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\00000082\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\00000082\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Norton\00000082\000000fb\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\NortonInstaller\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\NortonInstaller\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\NortonInstaller\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\NortonInstaller\Logs\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\NortonInstaller\Logs\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\NortonInstaller\Logs\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Recovery\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Recovery\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Recovery\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Apps\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Apps\login\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\login\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\login\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Apps\login\images\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\login\images\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Apps\login\images\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype\Plugins\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype Extras\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype Extras\Plugins\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\Skype Extras\Plugins\F57B48ADF2224F088EDD1A2B9BAD84E8\Local Cache\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\TuneUpMedia\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\TuneUpMedia\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\TuneUpMedia\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\clientSWF\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\flash\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\Common\product\bejeweled2deluxe\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\de\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\fs_wire\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\en-us\img\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\es-es\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\fr\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\it\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\ko-kr\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\htdocs2\zh-cn\swf\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan    
C:\Users\All Users\WildTangent\My HP Game Console\UI\UIConfig2\Common\DECRYPT_INSTRUCTION.URL    Win32/Filecoder.CR.Gen trojan    
C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\DECRYPT_INSTRUCTION.HTML    Win32/Filecoder.CR trojan    
C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}\DECRYPT_INSTRUCTION.TXT    Win32/Filecoder.CR trojan  






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users