Jump to content

4 Trojans and a Broken Open command.


Recommended Posts

I'm having a look at my girlfriends dad's pc to try and quicken it up a bit for him. This includes possibly doing some hardware upgrades but I thought whilst I was at it I would run a scan with MBAM and there were Trojans found.
I'll post the normal logs and the MBAM log at the bottom, any help appreciated! :)

 

(Please note I have no priory knowledge of the files on this pc but the owner isn't too pc literate so apologises if there is anything that is against site rules! I have backed up all the media files just incase as this is mainly used as a media pc.)

DDS:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Gaitens at 7:04:42 on 2007-12-10
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2047.1214 [GMT 0:00]
.
AV: Lavasoft Ad-Aware *Enabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\btbb_wcm\McciTrayApp.exe
C:\PROGRA~1\Yahoo!\browser\ybrwicon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\PROGRA~1\Yahoo!\browser\ycommon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\M-AudioTaskBarIcon.exe
C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE
C:\Program Files\Spotify\Data\SpotifyWebHelper.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.


uProxyOverride = 127.0.0.1



BHO: Yahoo! Toolbar Helper: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - c:\program files\mcafee security scan\3.8.130\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.3.107.0\BingExt.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\web assistant\Extension32.dll
BHO: Yahoo! IE Services Button: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: SidebarAutoLaunch Class: {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - c:\program files\yahoo!\browser\YSidebarIEBHO.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.3.107.0\BingExt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [EPSON SX420W Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatigce.exe /fu "c:\windows\temp\E_SFE.tmp" /EF "HKCU"
uRun: [lime pro] "c:\program files\lime pro\LimePro.exe" -h
uRun: [spotify Web Helper] "c:\program files\spotify\data\SpotifyWebHelper.exe"
uRun: [Google Update] "c:\documents and settings\gaitens\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [DeltaIITaskbarApp] c:\windows\system32\DeltaIITray.exe
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [btbb_wcm_McciTrayApp] c:\program files\btbb_wcm\McciTrayApp.exe
mRun: [btbb_McciTrayApp] "c:\program files\bt broadband desktop help\btbb\BTHelpNotifier.exe"
mRun: [YBrowser] c:\progra~1\yahoo!\browser\ybrwicon.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [skyTel] SkyTel.EXE
mRun: [soundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [Ad-Aware Browsing Protection] "c:\documents and settings\all users\application data\ad-aware browsing protection\adawarebp.exe"
mRun: [jswtrayutil] "c:\program files\netgear\wna1100\jswtrayutil.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mRunOnce: [installShieldSetup] c:\progra~1\instal~1\{c2425~1\setup.exe -rebootc:\progra~1\instal~1\{c2425~1\reboot.ini -l0x0409
StartupFolder: c:\docume~1\gaitens\startm~1\programs\startup\imvu.lnk - c:\documents and settings\gaitens\application data\imvuclient\IMVUQualityAgent.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\btbroa~1.lnk - c:\program files\bt broadband desktop help\bin\matcli.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\3.8.130\SSScheduler.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wna1100\WNA1100.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\netgea~2.lnk - c:\program files\netgear\wna3100\WNA3100.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\gaitens\start menu\programs\imvu\Run IMVU.lnk
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab


DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll













TCP: Interfaces\{2F520D49-3007-41B0-A0FF-C4A39BFB6EE1} : DHCPNameServer = 192.168.0.1
Handler: bw+0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw+0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw-0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw00s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw10s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw20s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw30s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw40s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw50s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw60s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw70s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw80s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bw90s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwa0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwb0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwc0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwd0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwe0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwf0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: bwg0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwg0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwh0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwi0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwj0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwk0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwl0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwm0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwn0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwo0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwp0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwq0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwr0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bws0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwt0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwu0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwv0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bww0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwx0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwy0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0 - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: bwz0s - {461a0983-eca8-4bcd-ae42-7eaa2440940f} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Handler: offline-8876480 - {461A0983-ECA8-4BCD-AE42-7EAA2440940F} - c:\program files\logitech\desktop messenger\8876480\program\BWPlugProtocol-8876480.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2013-9-10 97008]
R1 RapportCerberus_56758;RapportCerberus_56758;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\baseline\RapportCerberus32_56758.sys [2013-10-10 330960]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2013-9-10 148688]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2013-9-10 222416]
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2012-8-29 21240]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-7-12 1239952]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-10-28 54752]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-9-21 3712]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-9-15 88576]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2013-9-10 1435928]
R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2012-8-29 77816]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\ExtensionUpdaterService.exe [2012-6-16 188760]
R2 WSWNA1100;WSWNA1100;c:\program files\netgear\wna1100\WifiSvc.exe [2012-9-13 266240]
R2 WSWNA3100;WSWNA3100;c:\program files\netgear\wna3100\WifiSvc.exe [2007-12-10 303360]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [2012-9-13 57440]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]
S3 AR9271;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2012-9-13 1759584]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [2007-12-10 1034240]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\drivers\deltaii.sys --> c:\windows\system32\drivers\deltaII.sys [?]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-2-10 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\netgear\wna1100\jswpsapi.exe [2012-9-13 360529]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\3.8.130\McCHSvc.exe [2013-9-6 235216]
S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2007-12-10 50704]
S3 RDID1061;UA-4FX;c:\windows\system32\drivers\Rdwm1061.sys [2010-8-5 140672]
.
=============== Created Last 30 ================
.
2013-09-10 22:18:28 97008 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2013-07-23 12:23:18 11695248 ----a-w- c:\program files\common files\microsoft shared\office11\MSO.DLL
2013-07-19 00:18:04 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-07-17 17:30:26 17325760 ----a-w- c:\program files\common files\microsoft shared\office12\MSO.DLL
2013-07-10 17:07:22 756888 ----a-w- c:\program files\common files\microsoft shared\office12\MSPTLS.DLL
2013-06-19 18:44:54 1366656 ----a-w- c:\program files\common files\microsoft shared\office11\msxml5.dll
2013-05-09 00:07:00 1618096 ----a-w- c:\program files\common files\microsoft shared\office12\OGL.DLL
2013-05-06 18:18:01 -------- d-----w- c:\program files\common files\Propellerhead Software
2013-05-06 17:53:07 -------- d-----w- C:\Cakewalk Content
2013-01-21 19:11:15 -------- dc-h--w- c:\windows\ie8
2012-11-08 11:29:12 1402312 ----a-w- c:\windows\system32\msxml4.dll
2012-09-13 18:55:51 -------- d--h--r- c:\documents and settings\all users\application data\Atheros
2012-09-13 18:54:34 1759584 ----a-w- c:\windows\system32\drivers\athuw.sys
2012-09-13 18:54:28 73800 ----a-w- c:\windows\system32\athgina.dll
2012-09-13 18:53:50 -------- d-----w- C:\temp
2012-08-29 17:26:55 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\adaware
2012-08-29 17:26:54 -------- d-----w- c:\documents and settings\all users\application data\Ad-Aware Browsing Protection
2012-08-29 17:26:47 77816 ----a-w- c:\windows\system32\drivers\sbapifs.sys
2012-08-29 17:26:47 21240 ----a-w- c:\windows\system32\drivers\sbaphd.sys
2012-08-29 17:26:41 -------- d-----w- c:\windows\system32\drivers\VDD
2012-08-29 17:26:41 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-08-29 17:25:04 -------- d-----w- c:\documents and settings\gaitens\application data\Ad-Aware Antivirus
2012-08-11 08:10:33 8281168 ----a-w- c:\documents and settings\all users\application data\microsoft\bingbar\bbsvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-06-16 14:04:50 -------- d-----w- c:\program files\Conduit
2012-06-16 14:04:48 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Conduit
2012-06-16 14:04:39 -------- d-----w- c:\program files\Web Assistant
2012-06-14 14:57:14 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2012-05-11 19:43:25 92160 -c--a-w- c:\windows\system32\dllcache\fuusd.dll
2012-05-11 19:43:25 92160 ----a-w- c:\windows\system32\fuusd.dll
2012-05-11 19:43:25 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2012-05-11 19:43:25 6784 ----a-w- c:\windows\system32\drivers\serscan.sys
2012-05-11 19:43:23 71680 -c--a-w- c:\windows\system32\dllcache\fnfilter.dll
2012-05-11 19:43:23 71680 ----a-w- c:\windows\system32\fnfilter.dll
2012-05-02 11:17:12 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-05-01 09:41:13 0 ----a-w- c:\windows\ativpsrm.bin
2012-04-30 11:37:58 17152 -c--a-w- c:\windows\system32\dllcache\usbohci.sys
2012-04-30 11:37:58 17152 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-04-30 11:37:42 40960 -c--a-w- c:\windows\system32\dllcache\sisagp.sys
2012-04-30 11:37:42 40960 ----a-w- c:\windows\system32\drivers\SISAGP.SYS
2012-04-11 14:17:10 2594632 ----a-w- c:\program files\common files\microsoft shared\vba\vba6\VBE6.DLL
2012-04-11 14:10:39 -------- d--h--w- c:\windows\PIF
2012-04-04 07:50:59 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Trusteer
2012-04-04 07:50:49 -------- d-----w- c:\program files\Trusteer
2012-04-04 07:50:08 -------- d-----w- c:\documents and settings\all users\application data\Trusteer
2012-03-15 20:42:07 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\MPlayer
2012-03-15 20:41:56 -------- d-----w- c:\documents and settings\gaitens\.3gpplayer
2012-03-15 20:40:03 -------- d-----w- c:\program files\3GPplayer2011
2012-03-15 19:49:11 -------- d-----w- c:\documents and settings\gaitens\application data\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
2012-03-15 19:45:14 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Htc
2012-02-22 19:39:53 -------- d-----w- c:\program files\McAfee Security Scan
2012-02-22 19:39:50 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-02-22 18:50:59 -------- d-----w- c:\documents and settings\gaitens\application data\Outlook
2012-02-17 16:14:57 -------- d-----w- c:\program files\Windows Media Connect 2
2012-02-17 16:13:42 -------- d-----w- c:\windows\system32\LogFiles
2012-02-15 18:42:44 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2012-02-15 16:57:10 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-02-15 16:57:10 3072 ------w- c:\windows\system32\iacenc.dll
2012-02-10 20:28:32 12928 -c--a-w- c:\windows\system32\dllcache\usb8023x.sys
2012-02-10 20:28:32 12928 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2012-02-10 20:28:31 30592 -c--a-w- c:\windows\system32\dllcache\rndismpx.sys
2012-02-10 20:28:31 30592 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2012-02-10 20:13:11 14640 ------w- c:\windows\system32\spmsgXP_2k3.dll
2012-02-10 20:11:09 -------- d-----w- c:\documents and settings\gaitens\application data\HTC
2012-02-10 20:10:29 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Downloaded Installations
2012-02-10 20:10:15 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2012-02-10 20:10:15 1122664 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-02-10 20:10:12 -------- d-----w- c:\program files\Spirent Communications
2012-02-10 20:10:01 -------- d-----w- c:\program files\HTC
2012-02-10 20:08:36 -------- d-----w- c:\program files\MSXML 4.0
2012-01-31 21:33:27 1177600 ----a-w- c:\windows\system32\SYNSOEMU.DLL
2012-01-31 21:33:18 -------- d-----w- c:\program files\common files\VST3
2012-01-31 21:31:58 -------- d-----w- c:\documents and settings\all users\application data\VST3 Presets
2012-01-31 21:29:05 -------- d-----w- c:\program files\common files\Steinberg
2012-01-31 21:27:14 -------- d-----w- c:\documents and settings\all users\application data\Steinberg
2012-01-31 17:45:36 -------- d-----w- c:\documents and settings\gaitens\application data\Steinberg
2012-01-31 17:45:35 -------- d-----w- c:\program files\Steinberg
2012-01-22 20:23:04 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Apple Computer
2012-01-22 20:22:57 26600 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-01-22 20:22:57 107368 ----a-w- c:\windows\system32\GEARAspi.dll
2012-01-22 20:22:01 -------- d-----w- c:\program files\iPod
2012-01-22 20:21:57 -------- d-----w- c:\program files\iTunes
2012-01-22 20:21:57 -------- d-----w- c:\documents and settings\all users\application data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2012-01-22 20:21:34 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Apple
2012-01-22 20:21:22 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-01-22 20:21:22 42496 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2012-01-20 11:30:28 -------- d-----w- c:\documents and settings\gaitens\.frostwire5
2012-01-20 11:29:11 789416 ----a-w- c:\windows\system32\deployJava1.dll
2012-01-20 06:34:21 -------- d-----w- c:\documents and settings\all users\application data\15CB
2012-01-19 20:42:17 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Lime PRO
2012-01-19 20:40:34 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\PackageAware
2012-01-12 00:40:59 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-01-11 21:02:07 293376 ------w- c:\windows\system32\browserchoice.exe
2012-01-10 21:43:30 8192 ----a-w- c:\windows\system32\E_DCINST.DLL
2012-01-10 21:43:27 93696 ----a-w- c:\windows\system32\E_FLBGCE.DLL
2012-01-10 21:43:27 63488 ----a-w- c:\windows\system32\E_FD4BGCE.DLL
2012-01-10 20:52:47 20992 ----a-w- c:\windows\system32\dshowext.ax
2012-01-10 20:52:47 123008 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
2012-01-10 20:52:47 123008 ----a-w- c:\windows\system32\drivers\usbvideo.sys
2011-12-19 12:21:22 11632 ----a-w- c:\windows\system32\drivers\vdd\apvdd.dll
2011-12-19 12:21:02 42864 ----a-w- c:\windows\system32\sbbd.exe
2011-10-26 13:23:40 101112 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2011-07-27 05:33:08 1064296 ----a-w- c:\program files\common files\microsoft shared\office12\RICHED20.DLL
2011-05-31 16:26:54 986000 ----a-w- c:\program files\common files\microsoft shared\office12\msoshext.dll
2011-05-17 11:30:52 1103784 ----a-w- c:\program files\common files\microsoft shared\office11\RICHED20.DLL
2011-05-13 21:11:54 641536 ----a-w- c:\program files\common files\microsoft shared\vc\msdia80.dll
2011-04-19 03:47:04 670032 ----a-w- c:\program files\common files\microsoft shared\vc\msdia90.dll
2011-02-19 22:03:12 799568 ----a-w- c:\program files\common files\microsoft shared\vc\msdia100.dll
2011-01-20 12:03:57 -------- d-----w- c:\documents and settings\gaitens\TruePianos Settings
2011-01-19 12:32:12 -------- d-----w- c:\program files\Outsim
2010-08-05 19:42:24 319488 ----a-w- c:\windows\system32\RDDP1061.DAT
2010-08-05 19:42:24 140672 ----a-w- c:\windows\system32\drivers\Rdwm1061.sys
2010-08-05 19:42:23 61440 ----a-w- c:\windows\system32\RDCP1061.CPL
2010-08-05 19:42:23 20480 ----a-w- c:\windows\system32\RdCi1061.dll
2010-08-05 19:42:23 102400 ----a-w- c:\windows\system32\rdas1061.dll
2010-08-05 19:42:23 -------- d-----w- c:\program files\RdDrv001
2010-08-05 19:00:45 -------- d-----w- c:\program files\common files\Native Instruments
2010-08-05 19:00:26 -------- d-----w- c:\program files\Native Instruments
2010-07-22 18:41:29 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\WMTools Downloaded Files
2010-06-22 18:01:52 21248 ----a-w- c:\windows\system32\drivers\htcnprot.sys
2010-05-12 19:46:38 1294336 ----a-w- c:\windows\system32\vorbis.acm
2010-05-12 19:45:32 -------- d-----w- c:\program files\Image-Line
2010-05-12 18:30:21 -------- d-----w- c:\program files\common files\Autodesk Shared
2010-05-12 18:30:21 -------- d-----w- c:\program files\AutoCAD 2009
2010-05-12 18:30:21 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Autodesk
2010-05-12 18:30:21 -------- d-----w- c:\documents and settings\gaitens\application data\Autodesk
2010-05-12 18:15:38 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll
2010-04-18 20:14:09 5632 ----a-w- c:\windows\system32\ptpusb.dll
2010-04-18 20:14:08 159232 ----a-w- c:\windows\system32\ptpusd.dll
2010-04-16 09:49:08 503296 ----a-w- c:\program files\common files\microsoft shared\office11\USP10.DLL
2010-03-31 00:16:34 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-31 00:10:40 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-03-30 12:24:40 317440 -c----w- c:\windows\system32\dllcache\mp4sdecd.dll
2010-03-24 18:24:16 -------- d-sh--r- C:\RESTORE
2010-02-22 13:00:36 1430360 ----a-w- c:\program files\common files\system\msmapi\1033\MSMAPI32.DLL
2010-01-13 11:05:00 -------- d-----w- c:\program files\NCH Software
2010-01-13 11:03:58 -------- d-----w- c:\program files\NCH Swift Sound
2010-01-12 11:48:58 -------- d-----w- c:\program files\Audacity
2010-01-06 10:01:30 -------- d-----w- c:\documents and settings\all users\application data\MSScanAppDataDir
2010-01-05 15:35:45 -------- d-----w- c:\program files\AVG
2010-01-05 15:35:44 -------- d-----w- c:\documents and settings\all users\application data\avg8
2010-01-03 11:44:06 -------- d--h--w- c:\windows\msdownld.tmp
2010-01-03 11:39:19 59904 -c--a-w- c:\windows\system32\dllcache\icardie.dll
2010-01-03 11:39:19 445952 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dll
2010-01-03 11:39:19 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2010-01-03 11:39:18 3698584 -c--a-w- c:\windows\system32\dllcache\ieapfltr.dat
2009-12-28 19:20:21 -------- d-----w- c:\program files\DivX
2009-12-28 19:20:21 -------- d-----w- c:\program files\common files\DivX Shared
2009-12-15 22:17:49 24 ----a-w- c:\windows\system32\sysogg.dll
2009-12-15 22:15:34 233472 ----a-w- c:\windows\system32\lame_enc.dll
2009-12-15 22:15:34 1703936 ----a-w- c:\windows\system32\NCTAudioFile.dll
2009-12-15 22:15:34 -------- d-----w- c:\program files\MP3 Converter Simple
2009-11-16 19:21:08 -------- d-----w- c:\documents and settings\all users\application data\McAfee Security Scan
2009-11-16 19:20:58 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Adobe
2009-11-07 01:07:08 49488 ----a-w- c:\windows\system32\netfxperf.dll
2009-11-07 01:07:04 297808 ----a-w- c:\windows\system32\mscoree.dll
2009-11-07 01:06:46 1130824 ----a-w- c:\windows\system32\dfshim.dll
2009-11-03 01:34:00 -------- d-----w- c:\program files\MSECache
2009-11-03 00:54:49 -------- d-----w- c:\program files\common files\Hewlett-Packard
2009-11-03 00:53:12 14976 -c--a-w- c:\windows\system32\dllcache\usbscan.sys
2009-11-03 00:53:12 14976 ----a-w- c:\windows\system32\drivers\usbscan.sys
2009-11-03 00:51:48 61440 ----a-w- c:\windows\system32\HPZinw12.exe
2009-11-03 00:51:47 94208 ----a-w- c:\windows\system32\HPZipt12.dll
2009-11-03 00:51:47 69632 ----a-w- c:\windows\system32\HPZipm12.exe
2009-11-03 00:51:47 57344 ----a-w- c:\windows\system32\HPZisn12.dll
2009-11-03 00:51:47 278584 ----a-w- c:\windows\system32\HPZidr12.dll
2009-11-03 00:51:47 204800 ----a-w- c:\windows\system32\HPZipr12.dll
2009-11-03 00:51:05 306688 ----a-w- c:\windows\IsUninst.exe
2009-11-03 00:49:13 51120 ----a-w- c:\windows\system32\drivers\HPZid412.sys
2009-11-03 00:49:13 21744 ----a-w- c:\windows\system32\drivers\HPZius12.sys
2009-11-03 00:49:13 16496 ----a-w- c:\windows\system32\drivers\HPZipr12.sys
2009-11-03 00:49:00 98304 ----a-w- c:\windows\system32\hpzjsn01.dll
2009-11-03 00:48:59 606208 ----a-w- c:\windows\system32\hpotscl.dll
2009-11-03 00:48:59 274432 ----a-w- c:\windows\system32\HPZc3212.dll
2009-11-03 00:48:59 258122 ----a-w- c:\windows\system32\hpovst08.dll
2009-11-03 00:48:58 278528 ----a-w- c:\windows\system32\hpgwiamd.dll
2009-11-03 00:48:34 180315 ----a-w- c:\windows\system32\hpzsnt12.dll
2009-11-03 00:48:31 393216 ----a-w- c:\windows\system32\hpzcon12.dll
2009-11-03 00:48:31 196608 ----a-w- c:\windows\system32\hpzcoi12.dll
2009-11-03 00:36:04 -------- d-----w- c:\program files\HP
2009-11-03 00:36:01 -------- d-----w- c:\windows\Downloaded Installations
2009-11-03 00:33:23 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-11-03 00:33:23 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-10-31 10:57:16 -------- d-----w- c:\windows\system32\XPSViewer
2009-10-31 10:56:44 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
2009-10-31 10:56:30 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2009-10-31 10:56:30 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2009-10-31 10:56:30 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2009-10-31 10:56:30 117760 ------w- c:\windows\system32\prntvpt.dll
2009-10-31 10:56:29 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2009-10-31 10:56:29 575488 ------w- c:\windows\system32\xpsshhdr.dll
2009-10-31 10:56:29 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2009-10-31 10:56:29 1676288 ------w- c:\windows\system32\xpssvcs.dll
2009-10-28 23:30:52 -------- d-----w- c:\program files\Microsoft Office Outlook Connector
2009-10-28 23:30:39 54752 ----a-w- c:\windows\system32\drivers\fssfltr_tdi.sys
2009-10-28 23:26:38 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll
2009-10-28 23:26:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-10-28 23:24:55 -------- d-----w- c:\program files\Microsoft
2009-10-28 23:24:37 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-10-28 23:23:56 4927864 ----a-w- c:\program files\common files\windows live\.cache\b702ef1c1ca5825\Silverlight.2.0.exe
2009-10-28 23:23:33 23510720 ----a-w- c:\program files\common files\windows live\.cache\aa835b501ca5825\dotnetfx.exe
2009-10-28 23:23:04 74520 ----a-w- c:\program files\common files\windows live\.cache\994d61a01ca5825\DSETUP.dll
2009-10-28 23:23:04 484632 ----a-w- c:\program files\common files\windows live\.cache\994d61a01ca5825\DXSETUP.exe
2009-10-28 23:23:04 1670936 ----a-w- c:\program files\common files\windows live\.cache\994d61a01ca5825\dsetup32.dll
2009-10-28 23:22:59 1013800 ----a-w- c:\program files\common files\windows live\.cache\963f5e501ca5825\WindowsXP-KB954708-x86-ENU.exe
2009-10-28 23:22:15 141394760 ----a-w- c:\program files\common files\windows live\.cache\wlcA1.tmp
2009-10-28 22:19:02 -------- d-----w- c:\windows\SxsCaPendDel
2009-10-27 20:43:34 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-10-22 16:44:54 732488 ----a-w- c:\program files\common files\system\msmapi\1033\MSPST32.DLL
2009-10-20 16:20:16 265728 -c----w- c:\windows\system32\dllcache\http.sys
2009-10-19 23:53:44 3070976 ----a-w- c:\windows\system32\SETD.tmp
2009-10-19 22:59:28 -------- d-----w- c:\windows\system32\appmgmt
2009-10-19 18:33:42 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Spotify
2009-10-19 18:33:42 -------- d-----w- c:\documents and settings\gaitens\application data\Spotify
2009-10-19 18:33:39 -------- d-----w- c:\program files\Spotify
2009-10-01 20:45:06 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Help
2009-09-29 19:31:31 -------- d-----w- C:\Plugins
2009-09-29 19:29:57 -------- d-----w- C:\Bonus file
2009-09-29 19:27:26 -------- d-----w- c:\windows\6000 sound fx
2009-09-29 18:58:34 -------- d-----w- c:\program files\Edirol
2009-09-23 22:28:31 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Identities
2009-09-23 22:22:44 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Temp
2009-09-23 22:17:18 -------- d-----w- c:\documents and settings\gaitens\local settings\application data\Google
2009-09-22 21:21:16 141402440 ----a-w- c:\program files\common files\windows live\.cache\wlc20.tmp
2009-09-22 19:54:25 214256 ----a-w- c:\windows\system32\muweb.dll
2009-09-22 19:54:24 275696 ----a-w- c:\windows\system32\mucltui.dll
2009-09-22 19:54:24 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2009-09-21 23:11:17 -------- d-----w- c:\program files\common files\Windows Live
2009-09-21 22:12:58 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys
2009-09-21 22:12:58 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys
2009-09-21 22:12:13 91136 ----a-w- c:\windows\system32\kswdmcap.ax
2009-09-21 22:12:13 28672 ----a-w- c:\windows\system32\vidcap.ax
2009-09-21 22:12:12 61952 ----a-w- c:\windows\system32\kstvtune.ax
2009-09-21 22:12:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
2009-09-21 22:12:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
2009-09-21 22:12:11 43008 ----a-w- c:\windows\system32\ksxbar.ax
2009-09-21 21:54:27 86016 ----a-w- c:\windows\system32\YPcservice.exe
2009-09-21 21:54:26 131072 ----a-w- c:\windows\system32\ypclsp.dll
2009-09-21 21:53:03 24576 ----a-w- c:\windows\system32\msxml3a.dll
2009-09-21 21:51:35 65536 ----a-w- c:\windows\system32\YCRWin32.dll
2009-09-21 21:51:28 89088 ----a-w- c:\windows\system32\ATL71.DLL
2009-09-21 21:51:28 84992 ----a-w- c:\windows\system32\ATL70.DLL
2009-09-21 21:50:29 -------- d-----w- c:\program files\Yahoo!
2009-09-21 21:49:58 -------- d-----w- c:\windows\Motive
2009-09-21 21:49:47 -------- d-----w- c:\program files\btbb_wcm
2009-09-21 21:49:33 -------- d-----w- c:\program files\common files\Motive
2009-09-21 21:48:51 -------- d-----w- c:\program files\Motive
2009-09-21 21:48:51 -------- d-----w- c:\program files\BT Broadband Desktop Help
2009-09-21 21:48:34 139536 ----a-w- c:\windows\system32\javaee.dll
2009-09-21 21:46:48 -------- d-----w- c:\program files\BTHomeHub
2009-09-21 20:24:38 28552 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
2009-09-21 20:24:38 28040 ----a-w- c:\windows\system32\mdimon.dll
2009-09-21 20:23:38 -------- d-----w- c:\program files\common files\L&H
2009-09-21 20:22:59 -------- d-----w- c:\program files\Microsoft ActiveSync
2009-09-21 20:21:42 -------- d-----w- c:\windows\SHELLNEW
2009-09-21 15:58:28 118784 ------r- c:\windows\bwUnin-7.2.0.137-8876480SL.exe
2009-09-21 15:58:10 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\ctor.dll
2009-09-21 15:58:10 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\DotNetInstaller.exe
2009-09-21 15:58:10 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iscript.dll
2009-09-21 15:58:10 172032 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iuser.dll
2009-09-21 15:58:09 733184 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iKernel.dll
2009-09-21 15:58:09 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll
2009-09-21 15:58:09 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll
2009-09-21 15:57:49 13568 ----a-w- c:\windows\system32\drivers\L8042Kbd.SYS
2009-09-21 15:57:33 71680 ----a-w- c:\windows\system32\drivers\LMouKE.Sys
2009-09-21 15:57:33 56064 ----a-w- c:\windows\system32\drivers\L8042MOU.SYS
2009-09-21 15:57:26 3712 ----a-w- c:\windows\system32\drivers\LBeepKE.sys
2009-09-21 15:57:25 53248 ----a-w- c:\windows\system32\KemXML.dll
2009-09-21 15:57:25 155648 ----a-w- c:\windows\system32\kemutb.dll
2009-09-21 15:57:25 126976 ----a-w- c:\windows\system32\KemUtil.dll
2009-09-21 15:57:25 110592 ----a-w- c:\windows\system32\KemWnd.dll
2009-09-21 15:57:06 27264 ----a-w- c:\windows\system32\drivers\LHidKE.Sys
2009-09-21 15:57:05 94208 ----a-w- c:\windows\KHALMNPR.Exe
2009-09-21 15:57:02 -------- d-----w- c:\program files\common files\Logitech
2009-09-21 15:56:53 753664 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iKernel.dll
2009-09-21 15:56:53 69714 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\ctor.dll
2009-09-21 15:56:53 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\DotNetInstaller.exe
2009-09-21 15:56:53 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iscript.dll
2009-09-21 15:56:53 184320 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iuser.dll
2009-09-21 15:56:52 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\setup.dll
2009-09-21 15:56:52 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\00\intel32\iGdi.dll
2009-09-20 21:30:37 60160 ----a-w- c:\windows\system32\drivers\usbaudio.sys
2009-09-19 12:31:37 -------- d-sh--w- c:\documents and settings\gaitens\IECompatCache
2009-09-19 12:31:21 -------- d-sh--w- c:\documents and settings\gaitens\PrivacIE
2009-09-18 18:55:41 60160 -c--a-w- c:\windows\system32\dllcache\drmk.sys
2009-09-18 18:55:41 60160 ----a-w- c:\windows\system32\drivers\drmk.sys
2009-09-18 18:55:41 4096 -c--a-w- c:\windows\system32\dllcache\ksuser.dll
2009-09-18 18:55:41 4096 ----a-w- c:\windows\system32\ksuser.dll
2009-09-18 18:55:41 146048 -c--a-w- c:\windows\system32\dllcache\portcls.sys
2009-09-18 18:55:41 146048 ----a-w- c:\windows\system32\drivers\portcls.sys
2009-09-18 18:55:41 129536 ----a-w- c:\windows\system32\ksproxy.ax
2009-09-18 18:50:13 26632 ----a-w- c:\windows\system32\DeltaII.cpl
2009-09-18 18:50:13 12296 ----a-w- c:\windows\system32\deltaIICoIn.dll
2009-09-18 18:46:20 -------- d-----w- c:\documents and settings\gaitens\application data\Cakewalk
2009-09-18 18:37:07 -------- d-sh--w- c:\documents and settings\gaitens\IETldCache
2009-09-18 18:32:06 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-09-18 18:31:43 -------- d-----w- c:\windows\ie8updates
2009-09-18 18:31:25 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-09-18 18:31:24 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-09-18 18:31:24 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-09-18 18:31:24 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2009-09-18 18:31:24 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll
2009-09-18 18:31:23 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
2009-09-18 18:09:24 118784 ----a-w- c:\windows\dsdxirmv.exe
2009-09-18 18:06:08 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-09-18 18:06:05 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-09-18 17:39:33 -------- d-----w- c:\documents and settings\all users\application data\BullGuard
2009-09-18 17:39:32 -------- d-----w- c:\documents and settings\gaitens\application data\BullGuard
2009-09-18 17:36:17 2193536 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2009-09-18 17:36:17 2149888 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-09-18 17:36:16 2028544 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2009-09-18 17:36:01 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2009-09-18 17:35:25 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2009-09-18 17:35:25 272128 ------w- c:\windows\system32\drivers\bthport.sys
2009-09-18 17:35:23 6144 ----a-w- c:\windows\system32\xpsp4res.dll
2009-09-18 17:30:54 26144 ----a-w- c:\windows\system32\spupdsvc.exe
2009-09-18 17:30:54 -------- d-----w- c:\windows\system32\PreInstall
2009-09-18 17:30:53 -------- d--h--w- c:\windows\$hf_mig$
2009-09-18 17:29:36 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2009-09-18 17:29:23 -------- d-----w- c:\windows\system32\SoftwareDistribution
2009-09-18 17:29:02 -------- d-sh--w- c:\documents and settings\gaitens\UserData
2009-09-18 17:24:30 520192 ----a-w- c:\windows\RtlExUpd.dll
2009-09-18 17:24:30 315392 ----a-w- c:\windows\HideWin.exe
2009-09-18 17:24:29 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
2009-09-18 17:24:29 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
2009-09-18 17:24:29 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
2009-09-18 17:24:29 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
2009-09-18 17:24:29 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
2009-09-18 17:24:29 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
2009-09-18 17:24:28 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
2009-09-18 17:24:28 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
2009-09-18 17:23:23 -------- d-----w- c:\windows\system32\ReinstallBackups
2009-09-18 17:23:00 103296 ----a-w- c:\windows\system32\drivers\Rtenicxp.sys
2009-09-18 17:22:59 -------- d-----w- c:\windows\OPTIONS
2009-09-18 17:22:59 -------- d-----w- c:\program files\Realtek
2009-09-18 17:22:26 172032 ----a-w- c:\windows\system32\igfxres.dll
2009-09-18 12:21:04 26368 -c--a-w- c:\windows\system32\dllcache\usbstor.sys
2009-09-18 11:05:57 3072 ----a-w- c:\windows\system32\drivers\audstub.sys
2009-09-18 11:05:55 -------- d-s---w- c:\windows\system32\Microsoft
2009-09-18 11:05:41 21504 ----a-w- c:\windows\system32\hidserv.dll
2009-09-18 11:05:13 57600 ----a-w- c:\windows\system32\drivers\redbook.sys
2009-09-18 11:04:41 19584 ----a-w- c:\windows\system32\drivers\rasirda.sys
2009-09-18 11:04:39 88192 ----a-w- c:\windows\system32\drivers\irda.sys
2009-09-18 11:04:39 8192 ----a-w- c:\windows\system32\wshirda.dll
2009-09-18 11:04:39 28160 ----a-w- c:\windows\system32\irmon.dll
2009-09-18 11:04:39 151552 ----a-w- c:\windows\system32\irftp.exe
2009-09-18 11:04:35 18688 ----a-w- c:\windows\system32\drivers\irsir.sys
2009-09-18 11:04:16 74240 -c--a-w- c:\windows\system32\dllcache\usbui.dll
2009-09-18 11:04:16 74240 ----a-w- c:\windows\system32\usbui.dll
2009-09-18 11:02:59 19968 -c--a-w- c:\windows\system32\dllcache\agt040e.dll
2009-09-18 11:01:56 -------- d-----w- C:\Documents and Settings
.
==================== Find3M  ====================
.
2013-09-23 18:33:58 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33:57 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33:56 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06:48 385024 ------w- c:\windows\system32\html.iec
2013-08-29 01:31:44 1878656 ----a-w- c:\windows\system32\win32k.sys
2013-08-09 01:56:45 386560 ----a-w- c:\windows\system32\themeui.dll
2013-08-09 00:55:08 144128 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-08-09 00:55:07 32384 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-08-09 00:55:06 5376 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-08-05 13:30:32 1289728 ----a-w- c:\windows\system32\ole32.dll
2013-08-03 14:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
2013-07-04 03:03:25 2149888 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-04 02:08:30 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-03 02:12:52 25088 ----a-w- c:\windows\system32\drivers\hidparse.sys
2013-06-04 07:23:02 562688 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 00:53:15 290816 ----a-w- c:\windows\system32\atmfd.dll
2013-05-28 01:59:37 590848 ----a-w- c:\windows\system32\rpcrt4.dll
2013-04-04 14:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-08 08:36:22 293376 ----a-w- c:\windows\system32\winsrv.dll
2013-02-27 07:56:51 2067456 ----a-w- c:\windows\system32\mstscax.dll
2013-02-12 00:32:23 12928 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-11-06 02:01:39 1371648 ----a-w- c:\windows\system32\msxml6.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 14:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 14:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 14:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 14:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-01 16:50:06 601088 ----a-w- c:\windows\system32\crypt32.dll
2012-05-14 09:22:41 345600 ----a-w- c:\windows\system32\localspl.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2011-12-12 17:43:00 1034240 ----a-w- c:\windows\system32\drivers\bcmwlhigh5.sys
2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe
2011-11-16 14:21:44 354816 ----a-w- c:\windows\system32\winhttp.dll
2011-11-03 15:28:36 386048 ----a-w- c:\windows\system32\qdvd.dll
2011-10-28 05:31:48 33280 ----a-w- c:\windows\system32\csrsrv.dll
2011-10-18 11:13:22 186880 ----a-w- c:\windows\system32\encdec.dll
2011-10-14 14:47:29 23040 ----a-w- c:\windows\system32\mciseq.dll
2011-10-14 14:47:29 176128 ----a-w- c:\windows\system32\winmm.dll
2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-09-26 11:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll
2011-09-26 11:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll
2011-09-26 11:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll
2011-08-30 13:39:48 457780 ----a-w- c:\windows\system32\ensppui.dll
2011-08-30 13:39:48 457780 ----a-w- c:\windows\system32\enppui.dll
2011-08-30 13:38:40 475496 ----a-w- c:\windows\system32\ensppmon.dll
2011-08-30 13:38:40 475496 ----a-w- c:\windows\system32\enppmon.dll
2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys
2011-08-01 18:24:06 249344 ----a-w- c:\windows\system32\enspres.dll
2011-08-01 18:24:06 249344 ----a-w- c:\windows\system32\enpres.dll
2011-07-15 13:29:31 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-07-08 14:02:00 10496 ----a-w- c:\windows\system32\drivers\ndistapi.sys
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-02-17 13:18:03 357888 ----a-w- c:\windows\system32\drivers\srv.sys
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
2011-01-21 14:44:37 439296 ----a-w- c:\windows\system32\shimgvw.dll
2010-12-22 12:34:28 301568 ----a-w- c:\windows\system32\kerberos.dll
2010-12-20 17:26:00 730112 ----a-w- c:\windows\system32\lsasrv.dll
2010-12-09 15:15:09 718336 ----a-w- c:\windows\system32\ntdll.dll
2010-11-18 18:12:44 81920 ----a-w- c:\windows\system32\isign32.dll
2010-11-09 14:52:35 249856 ----a-w- c:\windows\system32\odbc32.dll
2010-11-02 15:17:02 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2010-08-17 13:17:06 58880 ----a-w- c:\windows\system32\spoolsv.exe
2010-06-17 14:03:00 80384 ----a-w- c:\windows\system32\iccvid.dll
2010-06-15 16:17:24 143422 ----a-w- c:\windows\system32\l3codecx.ax
2010-06-14 14:31:20 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-03-30 12:24:40 317440 ------w- c:\windows\system32\mp4sdecd.dll
2010-03-30 00:52:26 262416 ----a-w- c:\windows\system32\mpg4ds32.ax
2010-03-05 14:37:40 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-12 04:33:11 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02:15 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-03 11:21:58 499712 ----a-w- c:\windows\system32\msvcp71.DLL
2010-02-03 11:21:58 413696 ----a-w- c:\windows\system32\msvc2bd1.rra
2010-02-03 11:21:58 348160 ----a-w- c:\windows\system32\msvcr71.DLL
2010-02-03 11:21:58 1060864 ----a-w- c:\windows\system32\MFC71.DLL
2010-02-03 11:21:56 53299 ----a-w- c:\windows\system32\pthreadVC.dll
2010-02-03 11:21:56 50704 ----a-w- c:\windows\system32\drivers\npf.sys
2010-02-03 11:21:56 281104 ----a-w- c:\windows\system32\wpcap.dll
2010-02-03 11:21:56 100880 ----a-w- c:\windows\system32\Packet.dll
2010-01-29 14:43:39 307260 ----a-w- c:\windows\system32\l3codeca.acm
2010-01-13 14:01:25 86016 ----a-w- c:\windows\system32\cabview.dll
.
============= FINISH:  7:06:19.75 ===============

 

Attach Log:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 18/09/2009 11:59:21
System Uptime: 10/12/2007 00:01:00 (7 hours ago)
.
Motherboard:                        |  | ConRoe1333-D667 
Processor: Intel® Pentium® Dual  CPU  E2160  @ 1.80GHz | CPUSocket | 1795/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 84 GiB total, 3.663 GiB free.
D: is FIXED (NTFS) - 192 GiB total, 93.531 GiB free.
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP593: 02/08/2013 19:44:16 - Software Distribution Service 3.0
RP594: 10/12/2007 01:29:46 - Software Distribution Service 3.0
RP595: 10/12/2007 00:19:40 - System Checkpoint
RP596: 11/12/2007 20:05:07 - System Checkpoint
RP597: 10/12/2007 00:21:14 - System Checkpoint
RP598: 10/10/2013 19:49:25 - Software Distribution Service 3.0
RP599: 10/10/2013 20:30:40 - Installed Rapport
RP600: 11/10/2013 20:44:39 - System Checkpoint
RP601: 09/12/2007 23:27:44 - System Checkpoint
RP602: 10/12/2007 03:00:22 - Software Distribution Service 3.0
RP603: 10/12/2007 00:20:11 - System Checkpoint
RP604: 19/10/2013 19:55:56 - System Checkpoint
RP605: 24/10/2013 20:41:15 - System Checkpoint
RP606: 10/12/2007 00:29:33 - System Checkpoint
RP607: 10/12/2007 00:23:24 - System Checkpoint
RP608: 10/12/2007 03:04:31 - Installed NETGEAR WNA3100 wireless USB 2.0 adapter
RP609: 10/12/2007 03:36:05 - Installed NETGEAR WNA3100 wireless USB 2.0 driver
.
==== Installed Programs ======================
.
3GP Player 2011
Ad-Aware Antivirus
Ad-Aware Browsing Protection
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1
AiO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Display Driver
Audacity 1.2.4
AutoCAD 2009 - English
Bing Bar
BT Broadband Desktop Help
BT Yahoo! Applications
BTHomeHub
Compatibility Pack for the 2007 Office system
Delta
DivX Plus Web Player
DreamStation DXi2
Edirol HQ Orchestral v1.01
EPSON Scan
EPSON SX420W Series Printer Uninstall
EpsonNet Print
EpsonNet Setup 3.3
FL Studio 6
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
HP Product Detection
HP PSC & OfficeJet 5.3.B
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
Intel® Graphics Media Accelerator Driver
iTunes
J2SE Runtime Environment 5.0 Update 17
Java 7 Update 25
Java Auto Updater
Junk Mail filter update
KhalSetup
Logitech Desktop Messenger
Logitech SetPoint
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
MP3 Converter Simple
MSVCRT
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser
Native Instruments Guitar Rig 3
NETGEAR WNA1100 N150 Wireless USB Adapter
NETGEAR WNA3100 wireless USB 2.0 adapter
Nomad Factory Blue Tubes Bundle v2.0
NSIS Example2 (remove only)
QFolder
Rapport
REALTEK GbE & FE Ethernet PCI-E NIC Driver
Realtek High Definition Audio Driver
Scan
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
Sky Broadband Browser Branding
SONAR 6 Producer Edition
SONAR 7 Producer Edition
SONAR 8.0 Producer Edition
SONAR X2 Producer Trial
Spotify
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg Groove Agent ONE Content
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg LoopMash Content
Steinberg REVerence Content 01
Steinberg Ultravoice v1.02
Switch Sound File Converter
Trusteer Endpoint Protection
UA-4FX Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
VBA (2627.01)
VC80CRTRedist - 8.0.50727.4053
Web Assistant version 2.0.0.612
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player 11
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
27/05/2013 18:00:57, error: W32Time [34]  - The time service has detected that the system time needs to be  changed by -86316 seconds. The time service will not change the system  time by more than -54000 seconds. Verify that your time and time zone  are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.13:123->65.55.56.206:123) is working properly.
27/05/2013 18:00:39, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
03/05/2013 18:44:17, error: Dhcp [1002]  - The IP address lease 192.168.0.12 for the Network Card with network address E0469A1B503E has been denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
 

MBAM Log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gaitens :: GAITENS-PC [administrator]

10/12/2007 02:49:19
MBAM-log-2007-12-10 (06-50-28).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 433863
Time elapsed: 2 hour(s), 15 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\regfile\shell\open\command| (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Detected: 1
C:\RESTORE\k-1-3542-4232123213-7676767-8888886 (Trojan.Agent) -> No action taken.

Files Detected: 3
C:\Documents and Settings\Gaitens\Application Data\Sun\Java\Deployment\cache\6.0\55\40f266b7-3548d26b (Trojan.FakeAlert.RO) -> No action taken.
C:\Documents and Settings\Gaitens\Local Settings\Temp\D.tmp (Trojan.FakeAlert.RO) -> No action taken.
C:\RESTORE\k-1-3542-4232123213-7676767-8888886\Desktop.ini (Trojan.Agent) -> No action taken.

(end)


 

Link to post
Share on other sites

Hello sean1604! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

I notice that you are using more than one antivirus program.

  • Ad-Aware Antivirus
  • Trusteer Endpoint Protection
  • This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them.

    Next, please uninstall the following application too: Delta . When you are ready, reboot this system.

    Step 2

    Please download Rkill by Grinler from one of the links below and save it to your desktop.

    Link 1

    Link 2

    • On Windows XP double-click on the Rkill desktop icon to run the tool.
    • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
    • Do not reboot the computer, you will need to run the application again.
    Step 3

    Please download Junkware Removal Tool to your desktop.

    • Shut down your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.
    Step 4

    Please download AdwCleaner by Xplode onto your desktop.

    • Close all open programs and internet browsers.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Clean.
    • Confirm each time with Ok.
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile with your next answer.
    • You can find the logfile at C:\AdwCleaner[s1].txt as well.
    Step 5
    • Launch Malwarebytes' Anti-Malware
    • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
    • Go to Scanner tab and select Perform Quick Scan, then click Scan.
    • The scan may take some time to finish,so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected.
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy&Paste the entire report in your next reply.
    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

    In your next reply, post the following log files:

    • RKill log
    • Junkware Removal Tool log
    • AdwCleaner log
    • Malwarebytes' Anti-Malware log
Link to post
Share on other sites

***PLEASE NOTE***
I had to reboot the pc twice on both restart attempts, unsure if this means anything (the message is "Reboot and select proper boot device or insert boot media in selected boot device and press a key). Also every time the pc starts now it is saying it has found new hardware and is asking to install Multimedia Audio Controller.

This PC has no internet access so I am moving files over on a flash drive (therefore was not able to update malwarebytes, I did attempt this manually but it failed and said the database was corrupt, I downloaded the latest version so this is the best I could do).

Logs requested are below:

 

RKILL:

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2007 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/10/2007 08:37:10 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\WINDOWS\system32\acs.exe (PID: 1780) [WD-HEUR]
 * C:\WINDOWS\system32\HPZipm12.exe (PID: 344) [WD-HEUR]
 * C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE (PID: 2536) [WD-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 12/10/2007 08:38:41 PM
Execution time: 0 hours(s), 1 minute(s), and 31 seconds(s)

 

Junkware Removal Tool log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Gaitens on 10/12/2007 at 20:40:24.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

Successfully stopped: [service] web assistant updater
Successfully deleted: [service] web assistant updater

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\extension.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\web assistant
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\extension.extensionhelperobject.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{336d0c35-8a85-403a-b9d2-65c292c39087}_is1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3061355
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Gaitens\Local Settings\Application Data\conduit"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Successfully deleted: [Folder] "C:\Program Files\web assistant"

 

~~~ Chrome

Successfully deleted: [Folder] C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10/12/2007 at 20:44:20.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

AdwCleaner log:

# AdwCleaner v3.011 - Report created 10/12/2007 at 20:46:36
# Updated 03/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Gaitens - GAITENS-PC
# Running from : C:\Documents and Settings\Gaitens\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Gaitens\Local Settings\Application Data\PackageAware

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Key Deleted : HKCU\Software\wscontb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Gaitens\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2839 octets] - [10/12/2007 20:45:19]
AdwCleaner[s0].txt - [2802 octets] - [10/12/2007 20:46:36]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2862 octets] ##########

 

Malwarebytes' Anti-Malware log:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gaitens :: GAITENS-PC [administrator]

11/12/2007 02:39:19
mbam-log-2007-12-11 (02-39-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 256144
Time elapsed: 13 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


 

Link to post
Share on other sites

here's the log with the update.exe ran:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.26.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gaitens :: GAITENS-PC [administrator]

12/12/2007 00:30:07
mbam-log-2007-12-12 (00-30-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 266919
Time elapsed: 14 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\Gaitens\Local Settings\Temp\DM\Installer_for_free-youtube-downloader_035233\WStest.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

(end)


 

Link to post
Share on other sites

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
  • Please copy/paste the contents or attach that log file to your next reply.
  • If needed the file can be located here: C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
Link to post
Share on other sites

Log is below, computer is still failing to boot on restart's, seems to be fine when shutting down and powering on but not restarts.

 

ComboFix 13-11-11.01 - Gaitens 12/11/2013  19:17:33.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.2047.1425 [GMT 0:00]
Running from: c:\documents and settings\Gaitens\Desktop\ComboFix.exe
AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}
FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33}
 * Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\Gaitens\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\Gaitens\Local Settings\Temp\IadHide5.dll
C:\restore
c:\windows\system32\drivers\npf.sys
c:\windows\system32\Packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2013-10-12 to 2013-11-12  )))))))))))))))))))))))))))))))
.
.
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-23 18:33 . 2008-04-14 04:42 920064 ----a-w- c:\windows\system32\wininet.dll
2013-09-23 18:33 . 2008-04-14 04:42 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-09-23 18:33 . 2008-04-14 04:41 43520 ------w- c:\windows\system32\licmgr10.dll
2013-09-23 18:33 . 2008-04-14 04:41 18944 ----a-w- c:\windows\system32\corpol.dll
2013-09-23 18:06 . 2008-04-13 23:07 385024 ------w- c:\windows\system32\html.iec
2013-08-29 01:31 . 2008-04-14 00:00 1878656 ----a-w- c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
2013-08-30 18:26 1423520 ----a-w- c:\program files\Microsoft\BingBar\7.3.107.0\BingExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-09-21 32768]
"Spotify Web Helper"="c:\program files\Spotify\Data\SpotifyWebHelper.exe" [2007-12-10 1140736]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Antivirus"="c:\program files\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-13 131072]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-13 163840]
"Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-13 135168]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-05-10 94208]
"btbb_wcm_McciTrayApp"="c:\program files\btbb_wcm\McciTrayApp.exe" [2006-12-07 935936]
"btbb_McciTrayApp"="c:\program files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe" [2009-09-14 1584640]
"YBrowser"="c:\progra~1\Yahoo!\browser\ybrwicon.exe" [2006-07-21 129536]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-01 634880]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 16855552]
"SkyTel"="SkyTel.EXE" [2007-10-11 1826816]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"Ad-Aware Browsing Protection"="c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe" [2011-10-21 198032]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe /start [2009-9-21 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-9-21 593920]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 273296]
NETGEAR WNA1100 Smart Wizard.lnk - c:\program files\NETGEAR\WNA1100\WNA1100.exe [2012-9-13 4545024]
NETGEAR WNA3100 Genie.lnk - c:\program files\NETGEAR\WNA3100\WNA3100.exe [2007-12-10 8364288]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]
@="Ad-Aware Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Spotify\\spotify.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\EpsonNet\\EpsonNet Setup\\tool10\\ENEasyApp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
.
R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [29/08/2012 17:26 21240]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [26/10/2011 13:23 101112]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\Ad-Aware Antivirus\AdAwareService.exe [12/07/2012 17:32 1239952]
R2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [30/08/2013 18:26 193696]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [21/09/2009 15:57 3712]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [15/09/2011 12:06 88576]
R2 SBAMSvc;Ad-Aware;c:\program files\Ad-Aware Antivirus\SBAMSvc.exe [19/12/2011 12:20 3289032]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [29/08/2012 17:26 77816]
R2 WSWNA1100;WSWNA1100;c:\program files\NETGEAR\WNA1100\WifiSvc.exe [13/09/2012 19:44 266240]
R3 JSWSCIMD;jswscimd Service;c:\windows\system32\drivers\jswscimd.sys [13/09/2012 19:44 57440]
S2 WSWNA3100;WSWNA3100;c:\program files\NETGEAR\WNA3100\WifiSvc.exe [10/12/2007 03:04 303360]
S3 AR9271;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [13/09/2012 18:54 1759584]
S3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [30/08/2013 18:26 240288]
S3 BCMH43XX;Broadcom 802.11 USB Network Adapter Driver;c:\windows\system32\drivers\bcmwlhigh5.sys [10/12/2007 03:36 1034240]
S3 DELTAII;Service for M-Audio Delta Driver (WDM);c:\windows\system32\DRIVERS\deltaII.sys --> c:\windows\system32\DRIVERS\deltaII.sys [?]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [10/02/2012 20:10 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [22/06/2010 18:01 21248]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\NETGEAR\WNA1100\jswpsapi.exe [13/09/2012 19:44 360529]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [06/09/2013 16:29 235216]
S3 RDID1061;UA-4FX;c:\windows\system32\drivers\Rdwm1061.sys [05/08/2010 19:42 140672]
.
Contents of the 'Scheduled Tasks' folder
.
2013-05-05 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job
- c:\progra~1\AD-AWA~1\AdAwareLauncher.exe [2012-07-12 17:32]
.
2013-11-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 23:02]
.
2013-10-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-10-13 23:02]
.
2013-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1303643608-1417001333-1003Core.job
- c:\documents and settings\Gaitens\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-17 01:17]
.
2013-10-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-746137067-1303643608-1417001333-1003UA.job
- c:\documents and settings\Gaitens\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-17 01:17]
.
.
------- Supplementary Scan -------
.

uInternet Settings,ProxyOverride = 127.0.0.1


IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Gaitens\Start Menu\Programs\IMVU\Run IMVU.lnk
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKCU-Run-lime pro - c:\program files\Lime PRO\LimePro.exe
HKLM-Run-DeltaIITaskbarApp - c:\windows\system32\DeltaIITray.exe
HKLM-Run-jswtrayutil - c:\program files\NETGEAR\WNA1100\jswtrayutil.exe
c:\documents and settings\Gaitens\Start Menu\Programs\Startup\IMVU.lnk - c:\documents and settings\Gaitens\Application Data\IMVUClient\IMVUQualityAgent.exe "--startup"
c:\documents and settings\All Users\Start Menu\Programs\Startup\BT Broadband Desktop Help.lnk - c:\program files\BT Broadband Desktop Help\bin\matcli.exe -boot
AddRemove-Steinberg Ultravoice v1.02 - c:\cakewa~1\VSTPLU~1\ULTRAV~1\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-12 19:30
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(900)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\athgina.dll
.
- - - - - - - > 'explorer.exe'(3500)
c:\windows\system32\WININET.dll
c:\documents and settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\acs.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Java\jre7\bin\jqs.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\HPZipm12.exe
c:\windows\SOUNDMAN.EXE
c:\progra~1\Yahoo!\browser\ycommon.exe
c:\progra~1\AD-AWA~1\AdAware.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\OSK.exe
c:\windows\system32\MSSWCHX.EXE
c:\program files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
c:\program files\McAfee Security Scan\3.8.130\McUicnt.exe
.
**************************************************************************
.
Completion time: 2013-11-12  19:34:45 - machine was rebooted
ComboFix-quarantined-files.txt  2013-11-12 19:34
.
Pre-Run: 3,925,250,048 bytes free
Post-Run: 6,674,944,000 bytes free
.
- - End Of File - - FA91ADBA5ABC5AD8F26D80C65E7C7DD3
8F558EB6672622401DA993E1E865C861
 

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

Okay, try this one:

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Click the cog in the upper right corner:

AVPfront.gif

Select down to and including your main drive.

Once done please select the Automatic Scan tab and press Start Scan.

avpsettings.gif

Allow AVP to delete all infections found.

Once it has finished select the Report tab.

Select the Detected threats report from the left and press the Save button.

Save it to your Desktop and post the contents in your next reply.

Link to post
Share on other sites

have attempted to install this and run it twice now and its failed, computer has also started running a bit slow.

Getting the following error:
CRC failed in 4308167rar.exe
Unexpected end of archive

This is showing on the actual Kaspersky screen and a pop up that says:
Some installation files are corrupt. Please download a fresh copy and retry the installation. As I said I downloaded it twice and got the same error..

Link to post
Share on other sites

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system.  You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
Link to post
Share on other sites

An update, I managed to get this connected to the internet and am managing to run the ESET scanner, it has found 2 threats so far. I'll post the log once its done. I does still concern me that I couldn't run FRST or OTL as above I managed to see the "program too big for memory" error. I checked online and this appears to possibly be a registry virus?

Link to post
Share on other sites

ESET Scan log:

C:\Documents and Settings\Gaitens\.frostwire5\updates\frostwire-5.3.2.windows.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\Desktop\desktop crap\frostwire-5.2.11.windows.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\9\5d79fb49-2b566195 multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Gaitens\My Documents\Downloads\WinZip165Multi-language.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
 

Link to post
Share on other sites

javaicon.gif Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, then click Remove JRE.
  • Run the built-in uninstallers for all copies of java listed
  • Click the Next button
  • Click the Next button again
  • Click the Java Manual Download link
  • A browser window will open with the Java download page
  • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
  • Run the installer
  • Close JavaRa
Link to post
Share on other sites

Download Dr.Web CureIt to the desktop.

The download is nearly 104.6 MB in size

  • Turn OFF your antivirus program.

    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

  • Turn off any other add-on security app {if you have them} like MBAM File System Protection.
  • If this system is Windows 8/7 or VISTA, then Right-click on drweb-cureit.exe and select Run as Administrator.
  • Otherwise, on Windows XP, doubleclick on drweb-cureit.exe file to start the tool.
  • You will see a screen similar to this:

    Drweb-cureit-1_zps34a2f747.gif

    Click the checkbox to participate, and then click on Continue button.

  • Next

    Drweb-cureit-2_zpsee7bdcb6.gif

    Click on Select onjects for scanning

  • Next

    Drweb-cureit-3_zps137b4332.gif

    Put a checkmark by clicking on the boxes as shown.

    Do not select Temporary files or System Restore points.

    Then click on Start scanning button

  • The scan in progress will be shown like this

    Drweb-cureit-4_zps211037d0.gif

  • IF something is detected, you will see a screen similar to this

    Drweb-cureit-5_zpsd7be6acf.gif

    For each item "detected", click on the Action column down arrow, like this

    Drweb-cureit-8_zpsb099f9d5.gif

    Your options will be Cure or Ignore

    IF you see an item that you are very sure is ok, then un-check the checkbox for that item.

    Typically, you will keep the Cure default.

    Then click on the Neutralize button.

  • When the actions are completed, you will see this

    Drweb-cureit-7_zpsd290a127.gif

  • Click on the green Open Report line. It will pop-up the report in NOTEPAD.

    Save the report to your desktop. The report will be called Cureit.log

  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, attach the log Cureit.log you saved previously in your next reply.
Re-Enable your antivirus program when all done.
Link to post
Share on other sites

I couldn't see the open report line so wasn't able to save the log.

It detected a trojan.redirect I think called acpi which was in the drivers folder. I don't know if you need to see the specific log or if it saved anywhere. I thought it would give me the option on reboot.

 

Update;

System still won't restart correctly first time, have to power down fully and then restart. Also still can't run FRST or OTL without getting "program too big for memory error".

Link to post
Share on other sites

Step 1

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    image000q.png

  • Put a checkmark beside loaded modules.

    2012081514h0118.png

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    2012081517h0349.png

  • Click the Start Scan button.

    19695967.jpg

  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    67776163.jpg

  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    62117367.jpg

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Step 2
  • Download on the desktop RogueKiller
  • Quit all programs
  • Start RogueKiller.exe
  • Wait until Prescan has finished ...
  • Click on Scan. Click on Report and copy/paste the content of the notepad in your next reply.
Note: Don't fix anything without my instructions

In your next reply, post the following log files:

  • TDSSKiller log
  • RogueKiller log
Link to post
Share on other sites

TDSS Killer Log:
 

01:06:21.0000 0x08ec  TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
01:06:21.0109 0x08ec  ============================================================
01:06:21.0109 0x08ec  Current date / time: 2013/11/18 01:06:21.0109
01:06:21.0109 0x08ec  SystemInfo:
01:06:21.0109 0x08ec 
01:06:21.0109 0x08ec  OS Version: 5.1.2600 ServicePack: 3.0
01:06:21.0109 0x08ec  Product type: Workstation
01:06:21.0109 0x08ec  ComputerName: GAITENS-PC
01:06:21.0109 0x08ec  UserName: Gaitens
01:06:21.0109 0x08ec  Windows directory: C:\WINDOWS
01:06:21.0109 0x08ec  System windows directory: C:\WINDOWS
01:06:21.0109 0x08ec  Processor architecture: Intel x86
01:06:21.0109 0x08ec  Number of processors: 2
01:06:21.0109 0x08ec  Page size: 0x1000
01:06:21.0109 0x08ec  Boot type: Normal boot
01:06:21.0109 0x08ec  ============================================================
01:06:21.0109 0x08ec  BG loaded
01:06:21.0421 0x08ec  System UUID: {6201280A-1680-7E25-073B-C88DDC06133D}
01:06:22.0484 0x08ec  Drive \Device\Harddisk0\DR0 - Size: 0x45DECD2000 (279.48 Gb), SectorSize: 0x200, Cylinders: 0x8E83, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:06:22.0500 0x08ec  ============================================================
01:06:22.0500 0x08ec  \Device\Harddisk0\DR0:
01:06:22.0500 0x08ec  MBR partitions:
01:06:22.0500 0x08ec  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xA8544EC
01:06:22.0500 0x08ec  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xA85456A, BlocksNum 0x180C415B
01:06:22.0500 0x08ec  ============================================================
01:06:22.0609 0x08ec  D: <-> \Device\Harddisk0\DR0\Partition2
01:06:22.0656 0x08ec  C: <-> \Device\Harddisk0\DR0\Partition1
01:06:22.0671 0x08ec  ============================================================
01:06:22.0671 0x08ec  Initialize success
01:06:22.0671 0x08ec  ============================================================
01:08:53.0546 0x060c  ============================================================
01:08:53.0546 0x060c  Scan started
01:08:53.0546 0x060c  Mode: Manual; SigCheck; TDLFS;
01:08:53.0546 0x060c  ============================================================
01:08:53.0546 0x060c  KSN ping started
01:09:00.0703 0x060c  KSN ping finished: false
01:09:01.0484 0x060c  ================ Scan system memory ========================
01:09:01.0484 0x060c  System memory - ok
01:09:01.0484 0x060c  ================ Scan services =============================
01:09:01.0593 0x060c  Abiosdsk - ok
01:09:01.0593 0x060c  abp480n5 - ok
01:09:01.0640 0x060c  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:09:02.0765 0x060c  ACPI - ok
01:09:02.0843 0x060c  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
01:09:02.0953 0x060c  ACPIEC - ok
01:09:03.0015 0x060c  [ 4ACF9052A6355D1530CF782E0919C5B4, A20B733010D29AB8F21A17D3FBD3C6354BA8F9D75D116348D93548ABA5F4E4BD ] ACS             C:\WINDOWS\system32\acs.exe
01:09:03.0031 0x060c  ACS - detected UnsignedFile.Multi.Generic ( 1 )
01:09:13.0140 0x060c  ACS ( UnsignedFile.Multi.Generic ) - warning
01:09:20.0796 0x060c  [ AF9658974154C3B6A333D86DC2E0AAC8, C3FCFC9EC01D7C96BA953CCCC8B540048ECC2840E8FA2C1994EEFD95E69D908A ] Ad-Aware Service C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
01:09:20.0875 0x060c  Ad-Aware Service - ok
01:09:20.0890 0x060c  adpu160m - ok
01:09:20.0921 0x060c  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
01:09:21.0046 0x060c  aec - ok
01:09:21.0078 0x060c  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
01:09:21.0109 0x060c  AFD - ok
01:09:21.0125 0x060c  Aha154x - ok
01:09:21.0125 0x060c  aic78u2 - ok
01:09:21.0140 0x060c  aic78xx - ok
01:09:21.0156 0x060c  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
01:09:21.0281 0x060c  Alerter - ok
01:09:21.0296 0x060c  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
01:09:21.0343 0x060c  ALG - ok
01:09:21.0359 0x060c  AliIde - ok
01:09:21.0359 0x060c  amsint - ok
01:09:21.0421 0x060c  [ 3DEBBECF665DCDDE3A95D9B902010817, F56F4A7A36FAF5FC2306E108A24E75E13EE1F2D1002D9CB71E3327A55F8694CE ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:09:21.0437 0x060c  Apple Mobile Device - ok
01:09:21.0468 0x060c  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
01:09:21.0531 0x060c  AppMgmt - ok
01:09:21.0656 0x060c  [ 3BC98A53C0ABE3FEB3B2B9B3BD9E7AA5, 6F9128B473A18560806F2C953D77677DD6A862E49B6EDDAD51CBF3DCA1A97ADE ] AR9271          C:\WINDOWS\system32\DRIVERS\athuw.sys
01:09:21.0906 0x060c  AR9271 - ok
01:09:21.0953 0x060c  [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
01:09:22.0062 0x060c  Arp1394 - ok
01:09:22.0062 0x060c  asc - ok
01:09:22.0078 0x060c  asc3350p - ok
01:09:22.0078 0x060c  asc3550 - ok
01:09:22.0140 0x060c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
01:09:22.0171 0x060c  aspnet_state - ok
01:09:22.0187 0x060c  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:09:22.0312 0x060c  AsyncMac - ok
01:09:22.0343 0x060c  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
01:09:22.0453 0x060c  atapi - ok
01:09:22.0468 0x060c  Atdisk - ok
01:09:22.0531 0x060c  [ 42E4E2CF0406394BBCE7EB358AE4E208, 0A934F89AA687C44AB08E66139E4DD91E6988895CA38198B0D5741EE69382DA2 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
01:09:22.0625 0x060c  Ati HotKey Poller - ok
01:09:22.0875 0x060c  [ 81C3E6674D0609AA84C07681BCA252DE, D9AE93C4BF19AA9BF1AFE32D9EB57CBA764B727EA98C8673832987A43EE974E1 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
01:09:23.0140 0x060c  ati2mtag - ok
01:09:23.0187 0x060c  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:09:23.0296 0x060c  Atmarpc - ok
01:09:23.0312 0x060c  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
01:09:23.0421 0x060c  AudioSrv - ok
01:09:23.0453 0x060c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
01:09:23.0546 0x060c  audstub - ok
01:09:23.0609 0x060c  [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
01:09:23.0640 0x060c  Autodesk Licensing Service - ok
01:09:23.0750 0x060c  [ AC9585B420C7FF0A25B078EBB7642AE9, 999F09645F675436ADE79083CC038C44527C6B287D19D6FC6575B5D1EFC45631 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.3.107.0\BBSvc.exe
01:09:23.0765 0x060c  BBSvc - ok
01:09:23.0796 0x060c  [ D829E0575EE424F77E78340D362B3664, 54255DCD0A36FCE189C29C9457F17AA6A095C60EB93C94A7DB3B77FC9891185C ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.3.107.0\SeaPort.exe
01:09:23.0828 0x060c  BBUpdate - ok
01:09:23.0921 0x060c  [ BCDF72DCE41874B3AD9143D537B493B2, C048C773137DD94C980179E90FAE7D90A6902DA0153342B33E784DB04C16385A ] BCMH43XX        C:\WINDOWS\system32\DRIVERS\bcmwlhigh5.sys
01:09:24.0015 0x060c  BCMH43XX - ok
01:09:24.0062 0x060c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
01:09:24.0171 0x060c  Beep - ok
01:09:24.0218 0x060c  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
01:09:24.0406 0x060c  BITS - ok
01:09:24.0437 0x060c  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
01:09:24.0484 0x060c  Browser - ok
01:09:24.0500 0x060c  catchme - ok
01:09:24.0515 0x060c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
01:09:24.0640 0x060c  cbidf2k - ok
01:09:24.0687 0x060c  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
01:09:24.0781 0x060c  CCDECODE - ok
01:09:24.0781 0x060c  cd20xrnt - ok
01:09:24.0812 0x060c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
01:09:24.0921 0x060c  Cdaudio - ok
01:09:24.0953 0x060c  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
01:09:25.0062 0x060c  Cdfs - ok
01:09:25.0062 0x060c  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:09:25.0171 0x060c  Cdrom - ok
01:09:25.0171 0x060c  Changer - ok
01:09:25.0187 0x060c  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
01:09:25.0296 0x060c  CiSvc - ok
01:09:25.0328 0x060c  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
01:09:25.0421 0x060c  ClipSrv - ok
01:09:25.0453 0x060c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:09:25.0515 0x060c  clr_optimization_v2.0.50727_32 - ok
01:09:25.0515 0x060c  CmdIde - ok
01:09:25.0515 0x060c  COMSysApp - ok
01:09:25.0531 0x060c  Cpqarray - ok
01:09:25.0546 0x060c  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
01:09:25.0656 0x060c  CryptSvc - ok
01:09:25.0656 0x060c  dac2w2k - ok
01:09:25.0671 0x060c  dac960nt - ok
01:09:25.0812 0x060c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:09:26.0140 0x060c  DcomLaunch - ok
01:09:26.0187 0x060c  [ B34DAFA517F838B82A4256B08346917F, 471649BE27B1E5EFD0BA062A2374FB911C99EDF6C3A0D43617C7115DE8C3A039 ] DELTA           C:\WINDOWS\system32\DRIVERS\delta.sys
01:09:26.0218 0x060c  DELTA - detected UnsignedFile.Multi.Generic ( 1 )
01:09:26.0218 0x060c  DELTA ( UnsignedFile.Multi.Generic ) - warning
01:09:26.0218 0x060c  DELTAII - ok
01:09:26.0250 0x060c  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
01:09:26.0359 0x060c  Dhcp - ok
01:09:26.0375 0x060c  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
01:09:26.0500 0x060c  Disk - ok
01:09:26.0500 0x060c  dmadmin - ok
01:09:26.0578 0x060c  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
01:09:26.0765 0x060c  dmboot - ok
01:09:26.0796 0x060c  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
01:09:26.0921 0x060c  dmio - ok
01:09:26.0953 0x060c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
01:09:27.0046 0x060c  dmload - ok
01:09:27.0062 0x060c  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
01:09:27.0171 0x060c  dmserver - ok
01:09:27.0203 0x060c  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
01:09:27.0312 0x060c  DMusic - ok
01:09:27.0343 0x060c  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:09:27.0390 0x060c  Dnscache - ok
01:09:27.0421 0x060c  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
01:09:27.0546 0x060c  Dot3svc - ok
01:09:27.0546 0x060c  dpti2o - ok
01:09:27.0578 0x060c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
01:09:27.0671 0x060c  drmkaud - ok
01:09:27.0687 0x060c  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
01:09:27.0812 0x060c  EapHost - ok
01:09:27.0843 0x060c  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
01:09:27.0937 0x060c  ERSvc - ok
01:09:27.0984 0x060c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
01:09:28.0031 0x060c  Eventlog - ok
01:09:28.0062 0x060c  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
01:09:28.0093 0x060c  EventSystem - ok
01:09:28.0125 0x060c  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
01:09:28.0234 0x060c  Fastfat - ok
01:09:28.0265 0x060c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:09:28.0328 0x060c  FastUserSwitchingCompatibility - ok
01:09:28.0328 0x060c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
01:09:28.0421 0x060c  Fdc - ok
01:09:28.0453 0x060c  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
01:09:28.0562 0x060c  Fips - ok
01:09:28.0578 0x060c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
01:09:28.0671 0x060c  Flpydisk - ok
01:09:28.0703 0x060c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:09:28.0828 0x060c  FltMgr - ok
01:09:28.0875 0x060c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:09:28.0890 0x060c  FontCache3.0.0.0 - ok
01:09:28.0921 0x060c  [ C6EE3A87FE609D3E1DB9DBD072A248DE, 9C2189FA09A9E1DC39F9AB8F0C9C0B44BE0E11FC3165BCD0813DFA85EA62907C ] fssfltr         C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
01:09:28.0937 0x060c  fssfltr - ok
01:09:29.0046 0x060c  [ 206AD9A89BF05DFA1621F1FC7B82592D, EAEE557535D865232237898858F5AE35F868065A1F79BBB48A2173124E2B6F63 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
01:09:29.0125 0x060c  fsssvc - ok
01:09:29.0140 0x060c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:09:29.0250 0x060c  Fs_Rec - ok
01:09:29.0265 0x060c  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:09:29.0375 0x060c  Ftdisk - ok
01:09:29.0390 0x060c  [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
01:09:29.0406 0x060c  GEARAspiWDM - ok
01:09:29.0437 0x060c  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:09:29.0546 0x060c  Gpc - ok
01:09:29.0625 0x060c  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
01:09:29.0640 0x060c  gupdate - ok
01:09:29.0656 0x060c  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
01:09:29.0671 0x060c  gupdatem - ok
01:09:29.0750 0x060c  [ 4236E014632F4163F53EBB717F41594C, 0C29E1A6C036EC81E50D66503BCA4081706245E06EED5C4A92B13C23FDECB6DB ] HCF_MSFT        C:\WINDOWS\system32\DRIVERS\HCF_MSFT.sys
01:09:29.0937 0x060c  HCF_MSFT - ok
01:09:29.0984 0x060c  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:09:30.0093 0x060c  HDAudBus - ok
01:09:30.0140 0x060c  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:09:30.0265 0x060c  helpsvc - ok
01:09:30.0281 0x060c  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
01:09:30.0390 0x060c  HidServ - ok
01:09:30.0421 0x060c  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:09:30.0531 0x060c  hidusb - ok
01:09:30.0562 0x060c  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
01:09:30.0671 0x060c  hkmsvc - ok
01:09:30.0671 0x060c  hpn - ok
01:09:30.0703 0x060c  [ 9F1D80908658EB7F1BF70809E0B51470, 84FD62D34BC63BA41027DD2164B1E4F86BC8783E8A601E9F189627A4B3D54AAA ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
01:09:30.0781 0x060c  HPZid412 - ok
01:09:30.0781 0x060c  [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3, 886A5222940A6E14B359B45AA158390468B601FB58949E7F5BEC93B5459AF689 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
01:09:30.0828 0x060c  HPZipr12 - ok
01:09:30.0843 0x060c  [ CF1B7951B4EC8D13F3C93B74BB2B461B, 3A1B8A9A9AB0E916288AD6198C377E3A4D278DB3D8DCD4299F0ADC83973F0495 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
01:09:30.0875 0x060c  HPZius12 - ok
01:09:30.0906 0x060c  [ CBD09ED9CF6822177EE85AEA4D8816A2, 369897B4609B3FE55F9A82F19E38116E2E6527E349D48A956607EDED71F664D2 ] HTCAND32        C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
01:09:30.0937 0x060c  HTCAND32 - ok
01:09:30.0968 0x060c  [ 04E3B3554076B8192A668EFE88A682A1, 95EE46A1100178CC1989D61897239C09694647CA638E25CED10005730728E7A5 ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
01:09:31.0000 0x060c  htcnprot - ok
01:09:31.0031 0x060c  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
01:09:31.0062 0x060c  HTTP - ok
01:09:31.0093 0x060c  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
01:09:31.0203 0x060c  HTTPFilter - ok
01:09:31.0203 0x060c  i2omgmt - ok
01:09:31.0218 0x060c  i2omp - ok
01:09:31.0250 0x060c  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:09:31.0343 0x060c  i8042prt - ok
01:09:31.0687 0x060c  [ 2AAE7BE67911F4AEC9AD28E9CFB9096F, A06A325ABECFA76F50D9E11940EA5840228795A78961B9D4412680AD0CD50687 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:09:32.0296 0x060c  ialm - ok
01:09:32.0421 0x060c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:09:32.0531 0x060c  idsvc - ok
01:09:32.0562 0x060c  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
01:09:32.0671 0x060c  Imapi - ok
01:09:32.0843 0x060c  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
01:09:32.0968 0x060c  ImapiService - ok
01:09:32.0968 0x060c  ini910u - ok
01:09:33.0312 0x060c  [ EB5608FD4F2961517AC9F5CAC88B023B, 31F3EFF97D332B03314CD57519ECFBDEF7FE8C3992E3C81602ABE3D60ABD7608 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:09:33.0843 0x060c  IntcAzAudAddService - ok
01:09:33.0859 0x060c  IntelIde - ok
01:09:33.0906 0x060c  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:09:34.0015 0x060c  intelppm - ok
01:09:34.0046 0x060c  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:09:34.0140 0x060c  Ip6Fw - ok
01:09:34.0171 0x060c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:09:34.0265 0x060c  IpFilterDriver - ok
01:09:34.0281 0x060c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:09:34.0390 0x060c  IpInIp - ok
01:09:34.0406 0x060c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:09:34.0531 0x060c  IpNat - ok
01:09:34.0593 0x060c  [ 49918803B661367023BF325CF602AFDC, 2821451FD31EAFCB5D3081998756F7274B4C2594E9A378EEE5C1D5D92C1FC58C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
01:09:34.0640 0x060c  iPod Service - ok
01:09:34.0687 0x060c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:09:34.0781 0x060c  IPSec - ok
01:09:34.0812 0x060c  [ ACA5E7B54409F9CB5EED97ED0C81120E, 1E22F442EA77596F58D133F1A5887CDC4F3325DD0836D24A665E1D31287ABFF7 ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
01:09:34.0859 0x060c  irda - ok
01:09:34.0890 0x060c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
01:09:34.0937 0x060c  IRENUM - ok
01:09:34.0953 0x060c  [ 49CC4533CE897CB2E93C1E84A818FDE5, F2AC81CDB971F630699616509748DCE133874EFC79B9D6230517B5A4DFBE193D ] Irmon           C:\WINDOWS\System32\irmon.dll
01:09:35.0000 0x060c  Irmon - ok
01:09:35.0015 0x060c  [ 0501F0B9AB08425F8C0EACBDCC04AA32, 7764734BCA35CFF4E60B9F05553DF7500F03CB6A5398826746705FD758AE4D0A ] irsir           C:\WINDOWS\system32\DRIVERS\irsir.sys
01:09:35.0078 0x060c  irsir - ok
01:09:35.0125 0x060c  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:09:35.0218 0x060c  isapnp - ok
01:09:35.0328 0x060c  [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
01:09:35.0343 0x060c  JavaQuickStarterService - ok
01:09:35.0390 0x060c  [ AD7C73C72480EECB7675C90EB565E7CB, 3975739F539F153F3FF83F04CF146F4ED72EEB18978209D0D5ACE24197BD5879 ] jswpsapi        C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
01:09:35.0453 0x060c  jswpsapi - detected UnsignedFile.Multi.Generic ( 1 )
01:09:35.0453 0x060c  jswpsapi ( UnsignedFile.Multi.Generic ) - warning
01:09:35.0453 0x060c  Force sending object to P2P due to detect: C:\Program Files\NETGEAR\WNA1100\jswpsapi.exe
01:09:35.0468 0x060c  Object send P2P result: false
01:09:35.0515 0x060c  [ AD67795900AA8C05CC4570F5349E0639, D74DEDC8E88504C1D81108B561F9109B6D9583028280089B17DF38EDB04DBBBC ] JSWSCIMD        C:\WINDOWS\system32\DRIVERS\jswscimd.sys
01:09:35.0546 0x060c  JSWSCIMD - ok
01:09:35.0578 0x060c  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:09:35.0687 0x060c  Kbdclass - ok
01:09:35.0703 0x060c  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:09:35.0796 0x060c  kbdhid - ok
01:09:35.0843 0x060c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
01:09:35.0984 0x060c  kmixer - ok
01:09:36.0015 0x060c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
01:09:36.0093 0x060c  KSecDD - ok
01:09:36.0125 0x060c  [ E141AB3701EA166109212DCA4B28CA2C, B24BCC253FF334568CB55313CC6B5370085D8234C10BF2A42F22A56F8355FA21 ] L8042Kbd        C:\WINDOWS\system32\Drivers\L8042Kbd.sys
01:09:36.0140 0x060c  L8042Kbd - ok
01:09:36.0156 0x060c  [ F0F944E4DA9A75DEE6A37D4AFC7E1BBC, 6A32BA16F26AFF5A9FC0AFF1EA03B6BC2D0ED9262DD9CEA498388F534F0DEF28 ] L8042mou        C:\WINDOWS\system32\Drivers\L8042mou.sys
01:09:36.0171 0x060c  L8042mou - ok
01:09:36.0203 0x060c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
01:09:36.0234 0x060c  LanmanServer - ok
01:09:36.0265 0x060c  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:09:36.0312 0x060c  lanmanworkstation - ok
01:09:36.0328 0x060c  [ B28C741AE2912A079CF90041A9E5C0A4, D4730585D24E89F1426091E9AAEC4C93D4F4D68BF06796FB9875966130BAC81D ] LBeepKE         C:\WINDOWS\system32\Drivers\LBeepKE.sys
01:09:36.0328 0x060c  LBeepKE - detected UnsignedFile.Multi.Generic ( 1 )
01:09:36.0328 0x060c  LBeepKE ( UnsignedFile.Multi.Generic ) - warning
01:09:36.0343 0x060c  lbrtfdc - ok
01:09:36.0359 0x060c  [ DD40C03D85649205EC086722474C8A63, AE90C3B9FF1D4A205D1646F32CBD709DB544A90F36FD14077517B433B9A089D5 ] LHidKe          C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
01:09:36.0375 0x060c  LHidKe - ok
01:09:36.0406 0x060c  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
01:09:36.0515 0x060c  LmHosts - ok
01:09:36.0515 0x060c  [ 2EBD4C02D259944869630A912EC86BCE, 26048FE85C2E8D54D0DB071119857F73E443917D5FB439C93A4350EE3B77D881 ] LMouKE          C:\WINDOWS\system32\Drivers\LMouKE.sys
01:09:36.0531 0x060c  LMouKE - ok
01:09:36.0578 0x060c  [ 9E9306063ECD8AA91B3FB76678D3CEE2, 892E749B670F9CBBE242C613F8B2A5BEE4D1D539C5F6FCEA46C6D637598B7139 ] LVUSBSta        C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys
01:09:36.0593 0x060c  LVUSBSta - ok
01:09:36.0640 0x060c  [ F8B823414A22DBF3BEC10DCAA5F93CD8, 651C7521033439C0AA9006F1AC2CF376B1588CE781BEE4D10B7622FA3D055F6C ] McciCMService   C:\Program Files\Common Files\Motive\McciCMService.exe
01:09:36.0703 0x060c  McciCMService - detected UnsignedFile.Multi.Generic ( 1 )
01:09:36.0703 0x060c  McciCMService ( UnsignedFile.Multi.Generic ) - warning
01:09:36.0765 0x060c  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB, 34A0295D0AC37537B010FEC4534535D92AA4C30900DC37444C992C15F86D3AA4 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
01:09:36.0796 0x060c  McComponentHostService - ok
01:09:36.0843 0x060c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
01:09:36.0875 0x060c  MDM - ok
01:09:36.0890 0x060c  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
01:09:37.0000 0x060c  Messenger - ok
01:09:37.0031 0x060c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
01:09:37.0125 0x060c  mnmdd - ok
01:09:37.0156 0x060c  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
01:09:37.0265 0x060c  mnmsrvc - ok
01:09:37.0281 0x060c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
01:09:37.0406 0x060c  Modem - ok
01:09:37.0421 0x060c  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:09:37.0515 0x060c  Mouclass - ok
01:09:37.0546 0x060c  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:09:37.0656 0x060c  mouhid - ok
01:09:37.0671 0x060c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:09:37.0781 0x060c  MountMgr - ok
01:09:37.0796 0x060c  mraid35x - ok
01:09:37.0812 0x060c  [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B2C5FC7B6FDBA05 ] MREMP50         C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
01:09:37.0828 0x060c  MREMP50 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0828 0x060c  MREMP50 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0859 0x060c  [ 2BC9E43F55DE8C30FC817ED56D0EE907, 0100BE629A0B80DDBC87AECA8E558C8B90A9884CE0530673899DC946D3A6C069 ] MREMPR5         C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS
01:09:37.0859 0x060c  MREMPR5 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0875 0x060c  MREMPR5 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0875 0x060c  [ 594B9D8194E3F4ECBF0325BD10BBEB05, BA002410AB77F129564FBA4BA2989B8E4E7128F81C016D742ADBAA40D55728F3 ] MRENDIS5        C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS
01:09:37.0890 0x060c  MRENDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0890 0x060c  MRENDIS5 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0906 0x060c  [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECACD43F14F88106B ] MRESP50         C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
01:09:37.0906 0x060c  MRESP50 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:37.0906 0x060c  MRESP50 ( UnsignedFile.Multi.Generic ) - warning
01:09:37.0921 0x060c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:09:38.0046 0x060c  MRxDAV - ok
01:09:38.0078 0x060c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:09:38.0156 0x060c  MRxSmb - ok
01:09:38.0171 0x060c  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
01:09:38.0281 0x060c  MSDTC - ok
01:09:38.0312 0x060c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:09:38.0421 0x060c  Msfs - ok
01:09:38.0421 0x060c  MSIServer - ok
01:09:38.0437 0x060c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:09:38.0546 0x060c  MSKSSRV - ok
01:09:38.0562 0x060c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:09:38.0656 0x060c  MSPCLOCK - ok
01:09:38.0671 0x060c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
01:09:38.0781 0x060c  MSPQM - ok
01:09:38.0796 0x060c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:09:38.0890 0x060c  mssmbios - ok
01:09:38.0921 0x060c  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
01:09:39.0015 0x060c  MSTEE - ok
01:09:39.0062 0x060c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
01:09:39.0078 0x060c  Mup - ok
01:09:39.0109 0x060c  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:09:39.0203 0x060c  NABTSFEC - ok
01:09:39.0265 0x060c  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
01:09:39.0390 0x060c  napagent - ok
01:09:39.0421 0x060c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
01:09:39.0531 0x060c  NDIS - ok
01:09:39.0562 0x060c  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:09:39.0656 0x060c  NdisIP - ok
01:09:39.0703 0x060c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:09:39.0734 0x060c  NdisTapi - ok
01:09:39.0765 0x060c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:09:39.0875 0x060c  Ndisuio - ok
01:09:39.0875 0x060c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:09:39.0984 0x060c  NdisWan - ok
01:09:40.0015 0x060c  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
01:09:40.0046 0x060c  NDProxy - ok
01:09:40.0078 0x060c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
01:09:40.0171 0x060c  NetBIOS - ok
01:09:40.0187 0x060c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:09:40.0296 0x060c  NetBT - ok
01:09:40.0328 0x060c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
01:09:40.0421 0x060c  NetDDE - ok
01:09:40.0437 0x060c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:09:40.0531 0x060c  NetDDEdsdm - ok
01:09:40.0562 0x060c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:09:40.0656 0x060c  Netlogon - ok
01:09:40.0750 0x060c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
01:09:41.0156 0x060c  Netman - ok
01:09:41.0187 0x060c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:09:41.0218 0x060c  NetTcpPortSharing - ok
01:09:41.0250 0x060c  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
01:09:41.0359 0x060c  NIC1394 - ok
01:09:41.0375 0x060c  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
01:09:41.0406 0x060c  Nla - ok
01:09:41.0421 0x060c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:09:41.0515 0x060c  Npfs - ok
01:09:41.0562 0x060c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
01:09:41.0718 0x060c  Ntfs - ok
01:09:41.0734 0x060c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
01:09:41.0828 0x060c  NtLmSsp - ok
01:09:41.0875 0x060c  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
01:09:42.0031 0x060c  NtmsSvc - ok
01:09:42.0046 0x060c  [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
01:09:42.0062 0x060c  NuidFltr - ok
01:09:42.0093 0x060c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:09:42.0187 0x060c  Null - ok
01:09:42.0328 0x060c  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:09:42.0609 0x060c  nv - ok
01:09:42.0625 0x060c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:09:43.0000 0x060c  NwlnkFlt - ok
01:09:43.0015 0x060c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:09:43.0109 0x060c  NwlnkFwd - ok
01:09:43.0125 0x060c  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
01:09:43.0234 0x060c  ohci1394 - ok
01:09:43.0265 0x060c  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:09:43.0281 0x060c  ose - ok
01:09:43.0375 0x060c  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
01:09:43.0500 0x060c  Parport - ok
01:09:43.0515 0x060c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
01:09:43.0640 0x060c  PartMgr - ok
01:09:43.0703 0x060c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
01:09:43.0875 0x060c  ParVdm - ok
01:09:43.0937 0x060c  [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
01:09:43.0937 0x060c  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
01:09:43.0953 0x060c  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
01:09:43.0984 0x060c  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
01:09:44.0093 0x060c  PCI - ok
01:09:44.0093 0x060c  PCIDump - ok
01:09:44.0109 0x060c  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
01:09:44.0203 0x060c  PCIIde - ok
01:09:44.0265 0x060c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
01:09:44.0390 0x060c  Pcmcia - ok
01:09:44.0390 0x060c  PDCOMP - ok
01:09:44.0390 0x060c  PDFRAME - ok
01:09:44.0406 0x060c  PDRELI - ok
01:09:44.0406 0x060c  PDRFRAME - ok
01:09:44.0421 0x060c  perc2 - ok
01:09:44.0421 0x060c  perc2hib - ok
01:09:44.0546 0x060c  [ 0DA6C5E0C8DA6CEBE52DAACFE7AE9DE6, 6D42AB7A9D45BEEC387A61C9801AD6707F4BBA33BAA8C35A3419C43CC6862EC3 ] PID_PEPI        C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
01:09:44.0671 0x060c  PID_PEPI - ok
01:09:44.0687 0x060c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
01:09:44.0734 0x060c  PlugPlay - ok
01:09:44.0812 0x060c  [ 9D84376931440F3679BEEF2A414FA493, C800227A67C3C10A26114DB54F5390D2A475D36BE65E87CB890A6819B0BB4884 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
01:09:44.0890 0x060c  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:44.0890 0x060c  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
01:09:44.0953 0x060c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:09:45.0046 0x060c  PolicyAgent - ok
01:09:45.0093 0x060c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:09:45.0187 0x060c  PptpMiniport - ok
01:09:45.0187 0x060c  Profos - ok
01:09:45.0203 0x060c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:09:45.0296 0x060c  ProtectedStorage - ok
01:09:45.0312 0x060c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
01:09:45.0421 0x060c  PSched - ok
01:09:45.0453 0x060c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:09:45.0546 0x060c  Ptilink - ok
01:09:45.0546 0x060c  ql1080 - ok
01:09:45.0562 0x060c  Ql10wnt - ok
01:09:45.0562 0x060c  ql12160 - ok
01:09:45.0578 0x060c  ql1240 - ok
01:09:45.0578 0x060c  ql1280 - ok
01:09:45.0593 0x060c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:09:45.0687 0x060c  RasAcd - ok
01:09:45.0718 0x060c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:09:45.0812 0x060c  RasAuto - ok
01:09:45.0828 0x060c  [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
01:09:45.0875 0x060c  Rasirda - ok
01:09:45.0875 0x060c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:09:45.0984 0x060c  Rasl2tp - ok
01:09:46.0015 0x060c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:09:46.0109 0x060c  RasMan - ok
01:09:46.0125 0x060c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:09:46.0234 0x060c  RasPppoe - ok
01:09:46.0250 0x060c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
01:09:46.0359 0x060c  Raspti - ok
01:09:46.0406 0x060c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:09:46.0515 0x060c  Rdbss - ok
01:09:46.0546 0x060c  [ 91154E400C7E66F3953F3532930EF33A, 04276F605C33DDFF2F236F85576506B72220C3E7C5B29F01FD5D92434974B321 ] RDID1061        C:\WINDOWS\system32\Drivers\rdwm1061.sys
01:09:46.0578 0x060c  RDID1061 - detected UnsignedFile.Multi.Generic ( 1 )
01:09:46.0578 0x060c  RDID1061 ( UnsignedFile.Multi.Generic ) - warning
01:09:46.0593 0x060c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:09:46.0687 0x060c  RDPCDD - ok
01:09:46.0734 0x060c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:09:46.0843 0x060c  rdpdr - ok
01:09:46.0875 0x060c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
01:09:46.0968 0x060c  RDPWD - ok
01:09:47.0015 0x060c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
01:09:47.0125 0x060c  RDSessMgr - ok
01:09:47.0140 0x060c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
01:09:47.0250 0x060c  redbook - ok
01:09:47.0265 0x060c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:09:47.0375 0x060c  RemoteAccess - ok
01:09:47.0421 0x060c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:09:47.0531 0x060c  RemoteRegistry - ok
01:09:47.0546 0x060c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:09:47.0640 0x060c  RpcLocator - ok
01:09:47.0687 0x060c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
01:09:47.0718 0x060c  RpcSs - ok
01:09:47.0796 0x060c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
01:09:47.0921 0x060c  RSVP - ok
01:09:47.0953 0x060c  [ D507C1400284176573224903819FFDA3, DD0BDB2AB39A8A0A300B6D60FB6A7F5BA08C4DB8F59E0A784FB763EA8AD72AB2 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
01:09:48.0046 0x060c  rtl8139 - ok
01:09:48.0093 0x060c  [ B2961A8861DA27C4562282C3707250F5, 880964DB5186A56376FA9E80E8CEE83DF3D124A5AECC34F6F8F6B074961931CC ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
01:09:48.0125 0x060c  RTLE8023xp - ok
01:09:48.0140 0x060c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:09:48.0218 0x060c  SamSs - ok
01:09:48.0437 0x060c  [ BCE943896289A91AD75CC5652620B1C6, 6D261602C210888DD26215115A43FDCA29A96FFE649ABF0B7E67080B7DEAECED ] SBAMSvc         C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
01:09:48.0656 0x060c  SBAMSvc - ok
01:09:48.0671 0x060c  [ 62BA65CC0B4A4BD1EAFF5FED6E2B5069, DDB6CE351714DFC783F75254D23402AD75BEACF4B7AB56321CD397339202E89D ] sbaphd          C:\WINDOWS\system32\drivers\sbaphd.sys
01:09:48.0671 0x060c  sbaphd - ok
01:09:48.0703 0x060c  [ 3FFF8CDA4D2F29CA06F1557E85163C30, 83B6DC7652A9B6518EE768B0DE34275BFAB0A62E4459E51BD461636BC539D8CC ] sbapifs         C:\WINDOWS\system32\drivers\sbapifs.sys
01:09:48.0718 0x060c  sbapifs - ok
01:09:48.0734 0x060c  [ 1FD538C4FEB36B793D2121F20BBDC16F, 4785268D6116BD7363FD1802784D706A4392B3CCEBAE2840789A147903706BFB ] SBRE            C:\WINDOWS\system32\drivers\SBREdrv.sys
01:09:48.0750 0x060c  SBRE - ok
01:09:48.0796 0x060c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:09:48.0906 0x060c  SCardSvr - ok
01:09:48.0937 0x060c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:09:49.0046 0x060c  Schedule - ok
01:09:49.0062 0x060c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:09:49.0109 0x060c  Secdrv - ok
01:09:49.0125 0x060c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
01:09:49.0218 0x060c  seclogon - ok
01:09:49.0250 0x060c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
01:09:49.0359 0x060c  SENS - ok
01:09:49.0375 0x060c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
01:09:49.0468 0x060c  serenum - ok
01:09:49.0500 0x060c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
01:09:49.0593 0x060c  Serial - ok
01:09:49.0625 0x060c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
01:09:49.0734 0x060c  Sfloppy - ok
01:09:49.0781 0x060c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:09:49.0906 0x060c  SharedAccess - ok
01:09:49.0921 0x060c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:09:49.0937 0x060c  ShellHWDetection - ok
01:09:49.0953 0x060c  Simbad - ok
01:09:49.0968 0x060c  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
01:09:50.0078 0x060c  sisagp - ok
01:09:50.0078 0x060c  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:09:50.0187 0x060c  SLIP - ok
01:09:50.0187 0x060c  Sparrow - ok
01:09:50.0234 0x060c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
01:09:50.0328 0x060c  splitter - ok
01:09:50.0359 0x060c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
01:09:50.0390 0x060c  Spooler - ok
01:09:50.0437 0x060c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.