
Help with Infected computer fake security defender
Hello all,
My computer has been infected with a program that says that it is an antivirus, and it suddenly pops up and starts scanning my computer, and the next thing I know my computer turns off. I have looked online and fixed it TWICE already, but it seems to keep coming back. Also, my Firefox and Chrome web browsers' Google results sometimes redirect me to different sites. And I can't activate my Windows firewall as well. Please help me. I'm really tired of it and I want to get rid of this as soon as possible. Thank you!!
Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org
Database version: 8312
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514
12/4/2011 9:46:52 PM
mbam-log-2011-12-04 (21-46-52).txt
Scan type: Quick scan
Objects scanned: 208396
Time elapsed: 7 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Privacy Protection (Rogue.PrvacyProtect) -> Value: Privacy Protection -> Not selected for removal.
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)
OTL logfile created on: 12/4/2011 10:18:01 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steve\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 48.42% Memory free
7.93 Gb Paging File | 5.61 Gb Available in Paging File | 70.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 457.97 Gb Total Space | 195.31 Gb Free Space | 42.65% Space Free | Partition Type: NTFS
Computer Name: STEVE-VAIO | User Name: Steve | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011/12/04 22:16:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Steve\Downloads\OTL.exe PRC - [2011/11/14 21:39:56 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2011/09/01 16:42:06 | 024,183,152 | ---- | M] (Dropbox, Inc.) -- C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2011/03/21 10:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe PRC - [2011/02/03 15:51:40 | 001,432,800 | ---- | M] (IBM Corp.) -- C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe PRC - [2011/02/03 15:51:36 | 002,982,624 | ---- | M] (IBM Corp.) -- C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe PRC - [2009/10/30 03:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe PRC - [2009/08/26 16:11:50 | 000,173,368 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe PRC - [2009/08/26 16:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe PRC - [2009/08/26 16:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe PRC - [2009/08/26 16:11:48 | 000,017,920 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe PRC - [2009/07/27 15:58:40 | 000,091,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe PRC - [2009/07/27 15:58:38 | 000,427,304 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe PRC - [2009/07/27 15:58:38 | 000,075,048 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe PRC - [2009/07/27 15:58:38 | 000,070,952 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe PRC - [2009/07/27 15:58:36 | 
000,120,104 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe PRC - [2009/07/27 15:58:36 | 000,099,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe PRC - [2009/07/23 09:39:38 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe PRC - [2009/07/23 09:39:36 | 000,206,336 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe PRC - [2009/07/22 14:03:04 | 000,642,920 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe PRC - [2009/07/01 10:49:34 | 000,204,648 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2009/07/01 10:49:34 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2009/06/26 13:35:04 | 000,468,264 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
========== Modules (No Company Name) ==========
MOD - [2011/11/14 21:39:54 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppgooglenaclpluginchrome.dll MOD - [2011/11/14 21:39:53 | 003,702,840 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll MOD - [2011/11/14 21:38:16 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\avutil-51.dll MOD - [2011/11/14 21:38:15 | 000,222,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\avformat-53.dll MOD - [2011/11/14 21:38:14 | 001,746,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\avcodec-53.dll MOD - [2011/10/16 21:15:44 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll MOD - [2011/10/16 21:15:33 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll MOD - [2011/10/16 21:14:51 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll MOD - [2011/10/16 21:14:41 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll MOD - [2011/10/16 21:14:18 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll MOD - [2011/10/16 21:14:10 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011/10/16 21:14:06 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011/10/16 21:14:04 | 007,963,648 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011/10/16 21:13:55 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011/05/04 14:32:40 | 003,190,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2011/03/29 14:33:52 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll MOD - [2011/03/21 10:57:34 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll MOD - [2011/03/21 10:56:16 | 001,230,704 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe MOD - [2010/11/20 04:19:56 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\syswow64\mswsock.DLL MOD - [2010/11/04 17:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll MOD - [2010/11/04 17:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll MOD - [2010/11/04 17:58:09 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll MOD - [2010/11/04 17:58:08 | 000,626,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll MOD - [2010/01/21 00:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2010/01/09 19:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2009/11/03 15:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2009/08/26 16:11:50 | 000,120,320 | ---- | M] () -- C:\Program Files 
(x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll MOD - [2009/08/26 16:11:50 | 000,081,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DevicePanel.dll MOD - [2009/08/26 16:11:50 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe MOD - [2009/08/26 16:11:50 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll MOD - [2009/08/26 16:11:50 | 000,023,040 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll MOD - [2009/08/26 16:11:50 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll MOD - [2009/08/26 16:11:50 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe MOD - [2009/08/26 16:11:50 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll MOD - [2009/08/26 16:11:50 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll MOD - [2009/08/26 16:11:50 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll MOD - [2009/08/26 16:11:50 | 000,007,168 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll MOD - [2009/08/26 16:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll MOD - [2009/08/26 16:11:50 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll MOD - [2009/08/26 16:11:50 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll MOD - [2009/08/26 16:11:48 | 000,017,920 | ---- | M] 
() -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe MOD - [2009/08/26 16:11:48 | 000,015,360 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll MOD - [2009/08/26 16:11:48 | 000,011,264 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll MOD - [2009/08/26 16:11:48 | 000,009,728 | ---- | M] () -- C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009/09/21 15:24:40 | 001,420,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV:64bit: - [2009/09/21 15:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV:64bit: - [2009/09/16 23:28:42 | 000,167,424 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\collsvc.exe -- (SampleCollector) SRV:64bit: - [2009/08/22 13:19:06 | 000,411,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV:64bit: - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/07/23 20:34:31 | 000,189,984 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService) SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:64bit: - [2009/07/01 17:54:02 | 000,864,032 | ---- | M] (Broadcom Corporation.) 
[On_Demand | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009/06/26 13:56:10 | 000,357,672 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV:64bit: - [2009/06/26 13:35:04 | 000,468,264 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV:64bit: - [2009/06/17 17:50:30 | 000,110,888 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV:64bit: - [2008/05/02 02:49:54 | 000,160,272 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ) SRV - [2011/09/02 05:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Stopped] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service) SRV - [2011/02/03 15:51:36 | 002,982,624 | ---- | M] (IBM Corp.) [Auto | Running] -- C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClient.exe -- (BESClient) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/09/19 10:46:00 | 003,474,384 | ---- | M] (INCA Internet Co., Ltd.) 
[On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc) SRV - [2009/07/27 15:58:40 | 000,091,432 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr) SRV - [2009/07/27 15:58:38 | 000,427,304 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2009/07/27 15:58:38 | 000,075,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2009/07/27 15:58:38 | 000,070,952 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr) SRV - [2009/07/27 15:58:36 | 000,120,104 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2009/07/23 09:39:38 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw) SRV - [2009/07/23 09:39:38 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2009/07/23 09:39:36 | 000,206,336 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc) SRV - [2009/07/22 14:03:04 | 000,642,920 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2009/07/13 00:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes) SRV - [2009/07/01 
10:49:34 | 000,204,648 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2009/06/26 10:25:36 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10) SRV - [2009/06/26 10:25:24 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R) SRV - [2008/09/18 09:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/07/01 19:52:22 | 000,055,384 | ---- | M] (Sunbelt Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SBREDrv.sys -- (SBRE) DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/12/03 01:05:34 | 000,069,152 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Lbd.sys -- (Lbd) DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 01:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010/06/09 15:01:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2010/02/25 23:34:22 | 000,034,152 | R--- | M] (GEAR Software Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2010/01/02 11:04:48 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd) DRV:64bit: - [2009/11/04 02:58:42 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (HID) DRV:64bit: - [2009/09/15 11:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R) DRV:64bit: - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009/08/03 12:14:11 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2009/08/03 12:14:10 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2009/08/03 12:14:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2009/08/03 12:13:42 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2009/08/03 12:06:34 | 000,250,928 | ---- | M] (Alps Electric Co., Ltd.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009/07/31 12:14:14 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsn64.sys -- (risdptsk) DRV:64bit: - [2009/07/31 12:13:51 | 000,086,528 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssn64.sys -- (rimsptsk) DRV:64bit: - [2009/07/23 21:12:53 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/13 00:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch) DRV:64bit: - [2009/06/11 12:19:09 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2009/06/10 12:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7) DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | 
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/06/05 12:04:10 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5v64.sys -- (netw5v64) Intel(R) DRV:64bit: - [2009/06/04 17:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2009/05/26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV:64bit: - [2008/02/29 03:17:08 | 000,041,488 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt) DRV:64bit: - [2008/02/29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt) DRV:64bit: - [2008/02/29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt) DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2004/12/31 07:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = »www.google.com/ig/redirectdomain···mod=SNNT IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.google.com/ig/redirectdomain···mod=SNNT IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = »www.google.com/ig/redirectdomain···mod=SNNT IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = »www.google.com/ig/redirectdomain···mod=SNNT IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 22 04 C6 0C 5A 39 39 47 AF DE A7 91 81 1A 1E CD [binary data] IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = »proxy.lib.berkeley.edu:7777/proxy.pac
========== FireFox ==========
FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "http://www.bbc.co.uk/news" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de680400}:1.4.0.5 FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3 FF - prefs.js..extensions.enabledItems: treestyletab@piro.sakura.ne.jp:0.8.2009122501 FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {fc2b8f80-d9a5-4f51-8076-7c7ce3c67ee3}:5.1.0.18 FF - prefs.js..network.proxy.autoconfig_url: "http://proxy.lib.berkeley.edu:7777/proxy.pac" FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Steve\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll File not found FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Steve\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 10.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2011/11/15 05:57:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 10.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
[2010/01/04 20:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions [2010/01/04 20:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org [2011/11/27 14:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\esnpww7v.default\extensions [2011/11/12 18:32:44 | 000,000,000 | ---D | M] (WebMail Notifier) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\esnpww7v.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66} [2011/11/09 00:48:27 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\esnpww7v.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011/11/09 00:48:27 | 000,000,000 | ---D | M] (Wired-Marker) -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\esnpww7v.default\extensions\{e36db930-f18d-4449-b45f-e286cfb9e03a} [2011/08/01 00:27:54 | 000,002,533 | ---- | M] () -- C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\esnpww7v.default\searchplugins\diigo--google.xml [2011/11/12 22:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2011/11/08 23:59:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011/11/09 00:47:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2011/11/09 00:47:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} () (No name found) -- C:\USERS\STEVE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ESNPWW7V.DEFAULT\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}.XPI () (No name found) -- 
C:\USERS\STEVE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ESNPWW7V.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI () (No name found) -- C:\USERS\STEVE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ESNPWW7V.DEFAULT\EXTENSIONS\ISREADITLATER@IDEASHOWER.COM.XPI () (No name found) -- C:\USERS\STEVE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ESNPWW7V.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI [2009/11/19 14:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2009/07/03 00:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll [2009/11/19 14:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program 
Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll CHR - plugin: ijji Auto Install Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - 
plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Unity Player (Enabled) = C:\Users\Steve\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Steve\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: Google Tasks (by Google) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmglolhoplikcoamfgjgammjbgchgjdd\1.0_0\ CHR - Extension: Offline Google Mail = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.13_0\ CHR - Extension: Feltipen = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\eocigfodbakglnhcfokapbcgbmnjnnna\0.0.5_0\ CHR - Extension: Springpad = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\4_0\ CHR - Extension: Google Voice (by Google) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo\2.3.6.1_0\ CHR - Extension: Google Dictionary (by Google) = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.6_0\ CHR - Extension: Google Mail Checker = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\ CHR - Extension: Google Calendar Checker (by Google) = C:\Users\Steve\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\ CHR - Extension: Edgeworld = C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfmpdiaehhnljpdomnggcbfofdgkmbp\1.0.1.2_0\
O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.) O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe () O4 - HKLM..\Run: [SHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation) O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) 
O4 - HKCU..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) O4 - HKCU..\Run: [Privacy Protection] C:\Users\Steve\AppData\Roaming\privacy.exe File not found O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Google Sidewiki... 
- res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html File not found O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - mmswsock.dll File not found O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) 
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_15) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Reg Error: Key error.) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} »trial.trymicrosoftoffice.com/tri···rc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} »java.sun.com/update/1.6.0/jinsta···i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6DEDEC70-2E09-4D2E-94E6-51891A3719AD}: DhcpNameServer = 192.168.1.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL) -C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~2\GO36F4~1.DLL) -C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) 
-C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{55882fb2-6309-11df-8d90-002643ab9c87}\Shell - "" = AutoRun O33 - MountPoints2\{55882fb2-6309-11df-8d90-002643ab9c87}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{6db233b5-fa4a-11de-80c6-002643ab9c87}\Shell - "" = AutoRun O33 - MountPoints2\{6db233b5-fa4a-11de-80c6-002643ab9c87}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{f4b71206-8c74-11e0-b050-002643ab9c87}\Shell - "" = AutoRun O33 - MountPoints2\{f4b71206-8c74-11e0-b050-002643ab9c87}\Shell\AutoRun\command - "" = H:\MI.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (lsdelete) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %*
reply to cxsteve
%*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/12/04 21:57:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2011/11/30 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\redsn0w [2011/11/24 12:33:42 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steve\Desktop\TDSSKiller.exe [2011/11/16 19:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2011/11/16 00:07:46 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/11/13 19:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/11/13 19:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/11/12 23:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection [2011/11/12 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Thunderbird [2011/11/12 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Thunderbird [2011/11/12 14:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2011/11/12 12:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora [2011/11/12 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage [2011/11/12 00:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2011/11/12 00:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011/11/12 00:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec [2011/11/08 18:55:55 | 000,000,000 | ---D | C] -- C:\Windows\Sun [2011/11/05 17:35:00 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA% [2011/11/05 17:30:00 | 000,000,000 | -HSD | C] -- C:\Users\Steve\AppData\Local\253e9aeb [2 C:\Users\Steve\Desktop\*.tmp files -> C:\Users\Steve\Desktop\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/12/04 22:19:39 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/12/04 22:19:39 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/12/04 22:18:05 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/12/04 22:18:05 | 000,632,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/12/04 22:18:05 | 000,110,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/12/04 22:11:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2011/12/04 22:11:25 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/12/04 22:11:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/12/04 22:11:09 | 3195,289,600 | -HS- | M] () -- C:\hiberfil.sys [2011/12/04 21:58:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/12/04 21:35:33 | 585,062,681 | ---- | M] () -- C:\Windows\MEMORY.DMP [2011/12/04 20:11:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1606318821-766111990-2593504495-1001UA.job [2011/12/03 22:42:13 | 000,033,420 | ---- | M] () -- C:\test.xml [2011/12/03 08:11:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1606318821-766111990-2593504495-1001Core.job [2011/12/02 19:41:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat [2011/12/02 19:41:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat [2011/11/30 01:30:53 | 000,262,024 | ---- | M] () -- C:\Users\Steve\Desktop\fee_waiver_form.pdf [2011/11/29 23:42:43 | 001,498,487 | ---- | M] () -- C:\Users\Steve\Desktop\Steve Li experience v1.pdf [2011/11/29 23:39:41 | 001,994,582 | ---- | M] () -- C:\Users\Steve\Desktop\Steve Li major v2.pdf [2011/11/24 12:33:42 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- 
C:\Users\Steve\Desktop\TDSSKiller.exe [2011/11/23 02:46:39 | 000,324,874 | ---- | M] () -- C:\Users\Steve\Desktop\ApplyOnline_12-13_Transfer.pdf [2011/11/23 02:18:31 | 000,160,047 | ---- | M] () -- C:\Users\Steve\Desktop\OCDTDREAMSCHOLARSHIP2011.pdf [2011/11/16 00:07:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/11/15 01:23:39 | 001,193,607 | ---- | M] () -- C:\Users\Public\Documents\12234101.pdf [2011/11/15 01:11:55 | 000,456,831 | ---- | M] () -- C:\Users\Steve\Desktop\6ec51404_C.pdf [2011/11/14 19:55:21 | 000,066,629 | ---- | M] () -- C:\Users\Steve\Desktop\392907_10150945251365014_717960013_22055751_602297732_n.jpg [2011/11/12 22:58:09 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk [2011/11/12 20:45:31 | 000,475,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/11/08 17:42:09 | 000,000,304 | ---- | M] () -- C:\ProgramData\~oMZP4Bol6R5QcJ [2011/11/08 17:37:51 | 000,000,440 | ---- | M] () -- C:\ProgramData\oMZP4Bol6R5QcJ [2011/11/08 17:35:24 | 000,000,224 | ---- | M] () -- C:\ProgramData\~oMZP4Bol6R5QcJr [2 C:\Users\Steve\Desktop\*.tmp files -> C:\Users\Steve\Desktop\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/11/30 01:31:01 | 000,262,024 | ---- | C] () -- C:\Users\Steve\Desktop\fee_waiver_form.pdf [2011/11/29 23:42:30 | 001,498,487 | ---- | C] () -- C:\Users\Steve\Desktop\Steve Li experience v1.pdf [2011/11/29 23:39:28 | 001,994,582 | ---- | C] () -- C:\Users\Steve\Desktop\Steve Li major v2.pdf [2011/11/23 02:46:43 | 000,324,874 | ---- | C] () -- C:\Users\Steve\Desktop\ApplyOnline_12-13_Transfer.pdf [2011/11/23 02:18:41 | 000,160,047 | ---- | C] () -- C:\Users\Steve\Desktop\OCDTDREAMSCHOLARSHIP2011.pdf [2011/11/15 01:23:39 | 001,193,607 | ---- | C] () -- C:\Users\Public\Documents\12234101.pdf [2011/11/15 01:12:04 | 000,456,831 | ---- | C] () -- C:\Users\Steve\Desktop\6ec51404_C.pdf [2011/11/14 19:55:20 | 000,066,629 | ---- | C] () -- C:\Users\Steve\Desktop\392907_10150945251365014_717960013_22055751_602297732_n.jpg [2011/11/12 22:58:09 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk [2011/11/12 22:58:09 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk [2011/11/08 17:35:24 | 000,000,224 | ---- | C] () -- C:\ProgramData\~oMZP4Bol6R5QcJr [2011/11/08 17:35:23 | 000,000,304 | ---- | C] () -- C:\ProgramData\~oMZP4Bol6R5QcJ [2011/11/08 17:35:20 | 000,000,440 | ---- | C] () -- C:\ProgramData\oMZP4Bol6R5QcJ [2011/11/06 00:50:53 | 585,062,681 | ---- | C] () -- C:\Windows\MEMORY.DMP [2011/07/27 10:50:51 | 000,006,656 | ---- | C] () -- C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/06/20 16:26:16 | 000,000,119 | ---- | C] () -- C:\ProgramData\20b4050b [2011/05/31 02:10:07 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat [2011/04/25 20:04:49 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2011/04/25 20:04:49 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/03/27 00:19:09 | 000,000,268 | ---- | C] () -- 
C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2010/09/12 18:53:38 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010/09/12 18:53:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010/09/02 19:02:11 | 000,001,886 | ---- | C] () -- C:\Windows\ActivStats.INI [2010/07/16 12:39:16 | 000,000,093 | ---- | C] () -- C:\Users\Steve\AppData\Local\fusioncache.dat [2010/07/16 12:13:41 | 000,756,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/03/08 03:22:41 | 000,000,216 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat [2010/02/02 19:01:27 | 000,000,068 | ---- | C] () -- C:\Windows\GunzLauncher.INI [2010/01/31 19:27:31 | 000,000,760 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\setup_ldm.iss [2010/01/02 12:04:44 | 000,000,017 | ---- | C] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg [2009/12/31 23:30:20 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini [2009/09/08 05:40:42 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2009/09/04 09:41:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll [2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | 
C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll [2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[color=#E56717]========== LOP Check ==========[/color]
[2011/09/30 15:05:12 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\.anki
[2011/07/25 22:46:54 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\.matplotlib
[2011/11/09 00:48:26 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\.minecraft
[2010/01/28 21:57:48 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\acccore
[2010/12/26 14:28:13 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Auslogics
[2010/01/03 02:29:17 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\BitZipper
[2011/11/30 22:50:55 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DAEMON Tools Lite
[2011/02/16 01:43:06 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\DocumentsToGoDesktop
[2011/12/04 22:13:12 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Dropbox
[2011/11/09 00:48:27 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\GetRightToGo
[2010/01/06 17:52:37 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ijjigame
[2011/11/09 00:29:54 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\IObit
[2010/01/31 19:27:33 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Leadertech
[2010/06/14 15:04:21 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\LolClient
[2011/08/01 23:57:19 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\ooVoo Details
[2011/11/09 00:30:03 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\OpenOffice.org
[2011/11/22 20:35:21 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Rainmeter
[2011/11/30 22:51:34 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\redsn0w
[2011/08/20 15:17:36 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\runic games
[2011/09/15 01:29:15 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Smart PDF Creator Pro
[2011/11/27 22:26:50 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Spotify
[2011/11/09 00:30:04 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Stanford
[2010/01/04 01:06:50 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Stardock
[2010/07/14 22:13:34 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Template
[2011/11/12 17:59:59 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2011/11/09 00:30:06 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\Titanium
[2011/11/12 18:16:19 | 000,000,000 | ---D | M] -- C:\Users\Steve\AppData\Roaming\uTorrent
[2011/11/23 23:32:03 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
reply to cxsteve
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2011/12/04 21:57:44 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/11/30 22:51:34 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\redsn0w
[2011/11/24 12:33:42 | 001,566,512 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Steve\Desktop\TDSSKiller.exe
[2011/11/16 19:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/11/16 00:07:46 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/13 19:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011/11/13 19:04:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011/11/12 23:04:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
[2011/11/12 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Roaming\Thunderbird
[2011/11/12 14:41:14 | 000,000,000 | ---D | C] -- C:\Users\Steve\AppData\Local\Thunderbird
[2011/11/12 14:40:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2011/11/12 12:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2011/11/12 12:07:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2011/11/12 00:24:19 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2011/11/12 00:23:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/11/12 00:23:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symantec
[2011/11/08 18:55:55 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/11/05 17:35:00 | 000,000,000 | -HSD | C] -- C:\Windows\SysNative\%APPDATA%
[2011/11/05 17:30:00 | 000,000,000 | -HSD | C] -- C:\Users\Steve\AppData\Local\253e9aeb
[2 C:\Users\Steve\Desktop\*.tmp files -> C:\Users\Steve\Desktop\*.tmp -> ]
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2011/12/04 22:19:39 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/04 22:19:39 | 000,010,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/04 22:18:05 | 000,739,790 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/12/04 22:18:05 | 000,632,946 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/12/04 22:18:05 | 000,110,548 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/12/04 22:11:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2011/12/04 22:11:25 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/04 22:11:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/04 22:11:09 | 3195,289,600 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/04 21:58:02 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/04 21:35:33 | 585,062,681 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/04 20:11:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1606318821-766111990-2593504495-1001UA.job
[2011/12/03 22:42:13 | 000,033,420 | ---- | M] () -- C:\test.xml
[2011/12/03 08:11:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1606318821-766111990-2593504495-1001Core.job
[2011/12/02 19:41:46 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/12/02 19:41:46 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/30 01:30:53 | 000,262,024 | ---- | M] () -- C:\Users\Steve\Desktop\fee_waiver_form.pdf
[2011/11/29 23:42:43 | 001,498,487 | ---- | M] () -- C:\Users\Steve\Desktop\Steve Li experience v1.pdf
[2011/11/29 23:39:41 | 001,994,582 | ---- | M] () -- C:\Users\Steve\Desktop\Steve Li major v2.pdf
[2011/11/24 12:33:42 | 001,566,512 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Steve\Desktop\TDSSKiller.exe
[2011/11/23 02:46:39 | 000,324,874 | ---- | M] () -- C:\Users\Steve\Desktop\ApplyOnline_12-13_Transfer.pdf
[2011/11/23 02:18:31 | 000,160,047 | ---- | M] () -- C:\Users\Steve\Desktop\OCDTDREAMSCHOLARSHIP2011.pdf
[2011/11/16 00:07:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/11/15 01:23:39 | 001,193,607 | ---- | M] () -- C:\Users\Public\Documents\12234101.pdf
[2011/11/15 01:11:55 | 000,456,831 | ---- | M] () -- C:\Users\Steve\Desktop\6ec51404_C.pdf
[2011/11/14 19:55:21 | 000,066,629 | ---- | M] () -- C:\Users\Steve\Desktop\392907_10150945251365014_717960013_22055751_602297732_n.jpg
[2011/11/12 22:58:09 | 000,001,065 | ---- | M] () -- C:\Users\Public\Desktop\Aurora.lnk
[2011/11/12 20:45:31 | 000,475,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/08 17:42:09 | 000,000,304 | ---- | M] () -- C:\ProgramData\~oMZP4Bol6R5QcJ
[2011/11/08 17:37:51 | 000,000,440 | ---- | M] () -- C:\ProgramData\oMZP4Bol6R5QcJ
[2011/11/08 17:35:24 | 000,000,224 | ---- | M] () -- C:\ProgramData\~oMZP4Bol6R5QcJr
[2 C:\Users\Steve\Desktop\*.tmp files -> C:\Users\Steve\Desktop\*.tmp -> ]
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2011/11/30 01:31:01 | 000,262,024 | ---- | C] () -- C:\Users\Steve\Desktop\fee_waiver_form.pdf
[2011/11/29 23:42:30 | 001,498,487 | ---- | C] () -- C:\Users\Steve\Desktop\Steve Li experience v1.pdf
[2011/11/29 23:39:28 | 001,994,582 | ---- | C] () -- C:\Users\Steve\Desktop\Steve Li major v2.pdf
[2011/11/23 02:46:43 | 000,324,874 | ---- | C] () -- C:\Users\Steve\Desktop\ApplyOnline_12-13_Transfer.pdf
[2011/11/23 02:18:41 | 000,160,047 | ---- | C] () -- C:\Users\Steve\Desktop\OCDTDREAMSCHOLARSHIP2011.pdf
[2011/11/15 01:23:39 | 001,193,607 | ---- | C] () -- C:\Users\Public\Documents\12234101.pdf
[2011/11/15 01:12:04 | 000,456,831 | ---- | C] () -- C:\Users\Steve\Desktop\6ec51404_C.pdf
[2011/11/14 19:55:20 | 000,066,629 | ---- | C] () -- C:\Users\Steve\Desktop\392907_10150945251365014_717960013_22055751_602297732_n.jpg
[2011/11/12 22:58:09 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora.lnk
[2011/11/12 22:58:09 | 000,001,065 | ---- | C] () -- C:\Users\Public\Desktop\Aurora.lnk
[2011/11/08 17:35:24 | 000,000,224 | ---- | C] () -- C:\ProgramData\~oMZP4Bol6R5QcJr
[2011/11/08 17:35:23 | 000,000,304 | ---- | C] () -- C:\ProgramData\~oMZP4Bol6R5QcJ
[2011/11/08 17:35:20 | 000,000,440 | ---- | C] () -- C:\ProgramData\oMZP4Bol6R5QcJ
[2011/11/06 00:50:53 | 585,062,681 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/07/27 10:50:51 | 000,006,656 | ---- | C] () -- C:\Users\Steve\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/06/20 16:26:16 | 000,000,119 | ---- | C] () -- C:\ProgramData\20b4050b
[2011/05/31 02:10:07 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011/04/25 20:04:49 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011/04/25 20:04:49 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/03/27 00:19:09 | 000,000,268 | ---- | C] () -- C:\Windows\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2010/09/12 18:53:38 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/09/12 18:53:38 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010/09/02 19:02:11 | 000,001,886 | ---- | C] () -- C:\Windows\ActivStats.INI
[2010/07/16 12:39:16 | 000,000,093 | ---- | C] () -- C:\Users\Steve\AppData\Local\fusioncache.dat
[2010/07/16 12:13:41 | 000,756,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/03/08 03:22:41 | 000,000,216 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\wklnhst.dat
[2010/02/02 19:01:27 | 000,000,068 | ---- | C] () -- C:\Windows\GunzLauncher.INI
[2010/01/31 19:27:31 | 000,000,760 | ---- | C] () -- C:\Users\Steve\AppData\Roaming\setup_ldm.iss
[2010/01/02 12:04:44 | 000,000,017 | ---- | C] () -- C:\Users\Steve\AppData\Local\resmon.resmoncfg
[2009/12/31 23:30:20 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/09/08 05:40:42 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009/09/04 09:41:31 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/07 09:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 09:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 09:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[color=#E56717]========== Purity Check ==========[/color]
reply to cxsteve
I'm having a lot of trouble posting long text so I will just attach them...
OTL Extras logfile created on: 12/4/2011 10:18:01 PM - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Steve\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 8.0.7601.17514) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 48.42% Memory free 7.93 Gb Paging File | 5.61 Gb Available in Paging File | 70.72% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 457.97 Gb Total Space | 195.31 Gb Free Space | 42.65% Space Free | Partition Type: NTFS
Computer Name: STEVE-VAIO | User Name: Steve | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Aurora\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer "{1888CCF4-C705-5466-07B7-FF68501F436B}" = ATI Catalyst Install Manager "{26A24AE4-039D-4CA4-87B4-2F86416015FF}" = Java(TM) 6 Update 15 (64-bit) "{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{5D492FFA-C816-57FD-10F6-4742329EED76}" = ccc-utility64 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{64A3A4F4-B792-11D6-A78A-00B0D0160150}" = Java(TM) SE Development Kit 6 Update 15 (64-bit) "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}" = UxStyle Core Beta "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM 
Bluetooth Software "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour "{CCAFF072-4DDB-4846-963D-15F02A8E9472}" = Intel(R) PROSet/Wireless WiFi Software "{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}" = Dolby Control Center "{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "Go2PDF_is1" = Go2PDF 3.3 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "ProInst" = Intel PROSet Wireless
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype 5.3 "{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update "{5CF6EEE9-86B1-3DB6-A07C-8F6C079C39BA}" = Google Talk Plugin "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In 
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "AIM_7" = AIM 7 "Aurora 10.0a2 (x86 en-US)" = Aurora 10.0a2 (x86 en-US) "Google Chrome" = Google Chrome "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800 "MWSnap 3" = MWSnap 3 "SoftwareUpdUtility" = Download Updater (AOL LLC) "Spotify" = Spotify
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ] Error - 12/5/2011 2:06:34 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 3034 Description =
Error - 12/5/2011 2:06:34 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 7010 Description =
Error - 12/5/2011 2:06:37 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 3034 Description =
Error - 12/5/2011 2:06:37 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 7010 Description =
Error - 12/5/2011 2:06:46 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 3034 Description =
Error - 12/5/2011 2:06:46 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 7010 Description =
Error - 12/5/2011 2:06:46 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 3034 Description =
Error - 12/5/2011 2:06:46 AM | Computer Name = Steve-VAIO | Source = Windows Search Service | ID = 7010 Description =
Error - 12/5/2011 2:11:59 AM | Computer Name = Steve-VAIO | Source = VzCdbSvc | ID = 7 Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)
Error - 12/5/2011 2:17:38 AM | Computer Name = Steve-VAIO | Source = Application Hang | ID = 1002 Description = The program OTL.exe version 3.2.31.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1adc Start Time: 01ccb3156ea82b2f Termination Time: 10 Application Path: C:\Users\Steve\Downloads\OTL.exe
Report Id: d0834b80-1f08-11e1-aeb8-0024be7b896f
[ OSession Events ] Error - 6/10/2010 1:20:48 AM | Computer Name = Steve-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error - 1/3/2011 7:13:47 AM | Computer Name = Steve-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.
Error - 7/28/2011 4:46:45 AM | Computer Name = Steve-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22928 seconds with 13380 seconds of active time. This session ended with a crash.
Error - 11/12/2011 6:33:01 PM | Computer Name = Steve-VAIO | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 432 seconds with 120 seconds of active time. This session ended with a crash.
[ System Events ] Error - 12/5/2011 2:13:52 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7023 Description = The Windows Search service terminated with the following error: %%1613
Error - 12/5/2011 2:13:52 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7034 Description = The Windows Search service terminated unexpectedly. It has done this 15 time(s).
Error - 12/5/2011 2:14:34 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7023 Description = The Windows Search service terminated with the following error: %%1613
Error - 12/5/2011 2:14:34 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7034 Description = The Windows Search service terminated unexpectedly. It has done this 16 time(s).
Error - 12/5/2011 2:15:22 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7023 Description = The Windows Search service terminated with the following error: %%1613
Error - 12/5/2011 2:15:22 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7034 Description = The Windows Search service terminated unexpectedly. It has done this 17 time(s).
Error - 12/5/2011 2:16:15 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7023 Description = The Windows Search service terminated with the following error: %%1613
Error - 12/5/2011 2:16:15 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7034 Description = The Windows Search service terminated unexpectedly. It has done this 18 time(s).
Error - 12/5/2011 2:16:22 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7023 Description = The Windows Search service terminated with the following error: %%1613
Error - 12/5/2011 2:16:22 AM | Computer Name = Steve-VAIO | Source = Service Control Manager | ID = 7034 Description = The Windows Search service terminated unexpectedly. It has done this 19 time(s).
Results of screen317's Security Check version 0.99.28
Windows 7 x64 (UAC is enabled)
``````````````````````````````
[u]Antivirus/Firewall Check:[/u]
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
[u]Anti-malware/Other Utilities Check:[/u]
Malwarebytes' Anti-Malware
````````````````````````````````
Process Check: [u]objlist.exe by Laurent[/u]
``````````End of Log````````````
QuickScan 32-bit v0.9.9.100
---------------------------
Scan date: Sun Dec 04 22:34:19 2011
Machine ID: 7034020C
C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe - hidden file!
No infection found.
-------------------
Processes
---------
CCP 5332 C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
DAEMON Tools Lite 4516 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
DivX Update 428 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Dropbox 4716 C:\Users\Steve\AppData\Roaming\Dropbox\bin\Dropbox.exe
Google Chrome 2172 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 3284 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 3712 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 3856 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 4204 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 4292 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 4420 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 4756 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 5000 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 5056 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 5912 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 6164 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 6560 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7008 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Chrome 7712 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
iTunes 4784 C:\Program Files (x86)\iTunes\iTunesHelper.exe
Microsoft Office 2010 5016 C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
Microsoft Office 2010 4696 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
Microsoft® Windows® Operating System 7860 C:\Windows\SysWOW64\rundll32.exe
PowerManager 5636 C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
RAID Event Monitor 4328 C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
RocketDock.exe 4648 C:\Program Files (x86)\RocketDock\RocketDock.exe
SmartWi Connection Utility 5952 C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWi.exe
ThirdPartyAppMgr 5620 C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
Tivoli Endpoint Manager 6012 C:\Program Files (x86)\BigFix Enterprise\BES Client\BESClientUI.exe
VAIO Media plus 4928 C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(verified) Google Update 4564 C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Network activity
----------------
Process chrome.exe (4292) connected on port 443 (HTTP over SSL) --> 74.125.224.144
Process chrome.exe (4292) connected on port 443 (HTTP over SSL) --> 74.125.224.149
Process chrome.exe (4292) connected on port 80 (HTTP) --> 74.125.224.43
Process chrome.exe (4292) connected on port 80 (HTTP) --> 74.125.224.122
Process chrome.exe (4292) connected on port 80 (HTTP) --> 74.125.224.122
Process chrome.exe (4292) connected on port 80 (HTTP) --> 74.125.224.122
Process chrome.exe (4292) connected on port 443 (HTTP over SSL) --> 74.125.127.95
Process chrome.exe (4292) connected on port 80 (HTTP) --> 198.87.51.50
Process chrome.exe (4292) connected on port 80 (HTTP) --> 128.241.90.75
Process chrome.exe (4292) connected on port 80 (HTTP) --> 69.171.224.40
Process chrome.exe (4292) connected on port 80 (HTTP) --> 198.87.51.50
Process chrome.exe (4292) connected on port 443 (HTTP over SSL) --> 74.125.224.142
Process chrome.exe (4292) connected on port 443 (HTTP over SSL) --> 74.125.127.132
Process chrome.exe (4292) connected on port 80 (HTTP) --> 66.235.142.2
Process Dropbox.exe (4716) connected on port 80 (HTTP) --> 199.47.216.148
Process GROOVE.EXE (5016) connected on port 2492 --> 65.55.122.233
Process chrome.exe (4292) listens on ports: 50374, 50377, 50379, 50381, 50416, 50508, 50511, 50655, 50658, 50686
Process Dropbox.exe (4716) listens on ports: 17500, 49322
Process GROOVE.EXE (5016) listens on ports: 2492
Autoruns and critical files
---------------------------
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
Application C:\Program Files (x86)\Google\Chrome\Application
Catalyst® Control Center C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
DAEMON Tools Lite C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
DivX Update C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
Google Chrome C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Google Desktop C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe
Google Desktop C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
iTunes C:\Program Files (x86)\iTunes\iTunesHelper.exe
Java(TM) Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEMN.EXE
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
Microsoft® Windows® Operating System C:\Windows\system32\cmd.exe
Microsoft® Windows® Operating System c:\windows\syswow64\userinit.exe
QuickTime C:\Program Files (x86)\QuickTime\QTTask.exe
Rainmeter C:\Program Files\Rainmeter\Rainmeter.exe
RocketDock.exe C:\Program Files (x86)\RocketDock\RocketDock.exe
SmartWi Helper C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe
VAIO Event Service C:\Windows\system32\VESWinlogon.dll
VAIO Media plus C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
Windows Live Messenger C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
Windows Live® Photo Gallery C:\Windows\WLXPGSS.SCR
(verified) Google Update C:\Users\Steve\AppData\Local\Google\Update\GoogleUpdate.exe
Browser plugins
---------------
ijji Optimizer Application C:\Windows\Downloaded Program Files\ijjiOptimizer.exe
AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll
BitDefender QuickScan C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.100_0\npqscan.dll
Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
ChannelingPluginforReactor Dynamic Link C:\Windows\Downloaded Program Files\ChannelingPluginforReactor.dll
Conduit Toolbar c:\program files (x86)\conduitengine\conduitengine.dll
Conduit Toolbar c:\program files (x86)\utorrentbar\tbutor.dll
DivX VOD Helper Plug-in C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
DivX Web Player C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
Google Talk Plugin C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
Google Talk Plugin Video Accelerator C:\Users\Steve\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
Google Update C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
Google Update C:\Users\Steve\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
ijjiNotify2 C:\Windows\Downloaded Program Files\ijjiNotify2.exe
ijjiPCPlugin C:\Windows\Downloaded Program Files\ijjiPCPlugin.dll
ijjiPreNotify C:\Windows\Downloaded Program Files\ijjiPreNotify2.exe
ijjiPreStarter C:\Windows\Downloaded Program Files\ijjiPreStarter2.exe
ijjiSetup Module C:\Windows\Downloaded Program Files\ijjiSetup1010.dll
ijjistarter C:\Windows\Downloaded Program Files\ijjistarter2.exe
Java(TM) Platform SE 6 U23 c:\program files (x86)\java\jre6\bin\jp2ssv.dll
Java(TM) Platform SE 6 U23 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\urlredir.dll
Microsoft Office Live Plug-in for Firef C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
Microsoft Office WRC Control C:\Windows\Downloaded Program Files\wrc32.ocx
Microsoft® Windows Live ID c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll
Microsoft® Windows Live ID C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows Live ID C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
npitunes.dll C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
Pando Web Plugin C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
Picasa C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
Purple Launcher C:\Windows\Downloaded Program Files\PLauncher.exe
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll
Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Windows Live® Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
(verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll
Missing files
-------------
File not found: C:\Users\Steve\AppData\Roaming\privacy.exe --> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"Privacy Protection"
File not found: C:\Windows\System32\StikyNot.exe --> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"RESTART_STICKY_NOTES"
Scan
----
C:\Windows\syswow64\SETUPAPI.dll MD5: 16ab4bd2acc52109f43739bf0e89e18f C:\Windows\syswow64\SHELL32.dll MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\syswow64\SHLWAPI.dll MD5: 7224d964a6d657374c551c878eb2c386 C:\Windows\syswow64\SspiCli.dll MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\SysWOW64\SXS.DLL MD5: 6773e5901026c70f738d239c020f2722 C:\Windows\syswow64\urlmon.dll MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\Windows\syswow64\USER32.dll MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\syswow64\userinit.exe MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\syswow64\USP10.dll MD5: dbf24e87cb605a4f6e7424dd86f7a62c C:\Windows\syswow64\WININET.dll MD5: 2d0d2da87bea7144f2a17f19d0d17e4c C:\Windows\syswow64\WINTRUST.dll MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\syswow64\WLDAP32.dll MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\syswow64\WS2_32.dll MD5: 8f387a1cc015a3f5020700c657a0fc85 C:\Windows\UnsignedThemesSvc.exe MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL MD5: 28a09777d2d952122567a8a82f1a2c7b C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll MD5: cdbe9690cf2b8409facad94fac9479c9 
C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll MD5: ca6ade4f7761bb15b3325356dc3b82bb C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\Comctl32.dll MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\COMCTL32.dll MD5: 0029eba325f2fc9b6ba46bee33f32a09 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll MD5: 24742745eaa2bc6674b2882c7f345ccb C:\Windows\WLXPGSS.SCR
No file uploaded.
Scan finished - communication took 3 sec
Total traffic - 0.03 MB sent, 1.24 KB recvd
Scanned 471 files and modules - 61 seconds

LoPhatPhuud | reply to cxsteve

First: You did not remove the detects found by MBAM. Please run MBAM again, this time selecting detected items for removal. See the Mandatory FAQ for full info on running MBAM.
Second: Download and run TDSS Killer, posting the log in this thread. Please post the log, even if nothing is detected.
You'll find the link(s) and instruction(s) here: »Security Cleanup FAQ »Rootkit Detection Applications
Third: The logs do not show an antivirus program. How long have you been running without an antivirus program?

--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8312
Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

12/6/2011 10:02:01 PM
mbam-log-2011-12-06 (22-02-01).txt

Scan type: Quick scan
Objects scanned: 207249
Time elapsed: 3 minute(s), 57 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected: (No malicious items detected)
Memory Modules Infected: (No malicious items detected)
Registry Keys Infected: (No malicious items detected)
Registry Values Infected: (No malicious items detected)
Registry Data Items Infected: (No malicious items detected)
Folders Infected: (No malicious items detected)
Files Infected: (No malicious items detected)

reply to LoPhatPhuud

TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
22:04:30.0640 8156 ============================================================
22:04:30.0640 8156 Current date / time: 2011/12/06 22:04:30.0640
22:04:30.0640 8156 SystemInfo:
22:04:30.0640 8156
22:04:30.0640 8156 OS Version: 6.1.7601 ServicePack: 1.0
22:04:30.0640 8156 Product type: Workstation
22:04:30.0641 8156 ComputerName: STEVE-VAIO
22:04:30.0641 8156 UserName: Steve
22:04:30.0641 8156 Windows directory: C:\Windows
22:04:30.0641 8156 System windows directory: C:\Windows
22:04:30.0641 8156 Running under WOW64
22:04:30.0641 8156 Processor architecture: Intel x64
22:04:30.0641 8156 Number of processors: 2
22:04:30.0641 8156 Page size: 0x1000
22:04:30.0641 8156 Boot type: Normal boot
22:04:30.0641 8156 ============================================================
22:04:31.0850 8156 Initialize success
22:04:33.0964 9736 ============================================================
22:04:33.0964 9736 Scan started
22:04:33.0964 9736 Mode: Manual;
22:04:33.0964 9736 ============================================================
22:04:55.0662 9736 sffdisk - ok 22:04:55.0714 9736 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 22:04:55.0716 9736 sffp_mmc - ok 22:04:55.0737 9736 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 22:04:55.0739 9736 sffp_sd - ok 22:04:55.0770 9736 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 22:04:55.0772 9736 sfloppy - ok 22:04:55.0817 9736 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 22:04:55.0819 9736 SiSRaid2 - ok 22:04:55.0855 9736 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 22:04:55.0858 9736 SiSRaid4 - ok 22:04:55.0899 9736 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 22:04:55.0902 9736 Smb - ok 22:04:56.0020 9736 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 22:04:56.0023 9736 spldr - ok 22:04:56.0152 9736 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys 22:04:56.0152 9736 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
md5: 602884696850c86434530790b110e8eb 22:04:56.0154 9736 sptd ( LockedFile.Multi.Generic ) - warning 22:04:56.0154 9736 sptd - detected LockedFile.Multi.Generic (1) 22:04:56.0223 9736 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 22:04:56.0233 9736 srv - ok 22:04:56.0293 9736 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 22:04:56.0301 9736 srv2 - ok 22:04:56.0328 9736 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 22:04:56.0332 9736 srvnet - ok 22:04:56.0372 9736 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 22:04:56.0374 9736 stexstor - ok 22:04:56.0432 9736 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 22:04:56.0435 9736 swenum - ok 22:04:56.0532 9736 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 22:04:56.0596 9736 Tcpip - ok 22:04:56.0726 9736 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 22:04:56.0738 9736 TCPIP6 - ok 22:04:56.0803 9736 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 22:04:56.0805 9736 tcpipreg - ok 22:04:56.0846 9736 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 22:04:56.0849 9736 TDPIPE - ok 22:04:56.0865 9736 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys 22:04:56.0867 9736 TDTCP - ok 22:04:56.0918 9736 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 22:04:56.0922 9736 tdx - ok 22:04:56.0984 9736 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 22:04:56.0986 9736 TermDD - ok 22:04:57.0133 9736 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 22:04:57.0135 9736 tssecsrv - ok 22:04:57.0207 9736 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 22:04:57.0209 9736 TsUsbFlt - ok 
22:04:57.0273 9736 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 22:04:57.0276 9736 tunnel - ok 22:04:57.0327 9736 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 22:04:57.0329 9736 uagp35 - ok 22:04:57.0389 9736 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 22:04:57.0396 9736 udfs - ok 22:04:57.0564 9736 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 22:04:57.0571 9736 uliagpkx - ok 22:04:57.0689 9736 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 22:04:57.0691 9736 umbus - ok 22:04:57.0732 9736 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 22:04:57.0734 9736 UmPass - ok 22:04:57.0824 9736 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys 22:04:57.0827 9736 USBAAPL64 - ok 22:04:57.0911 9736 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 22:04:57.0918 9736 usbccgp - ok 22:04:58.0080 9736 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 22:04:58.0084 9736 usbcir - ok 22:04:58.0133 9736 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 22:04:58.0137 9736 usbehci - ok 22:04:58.0226 9736 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 22:04:58.0237 9736 usbhub - ok 22:04:58.0281 9736 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 22:04:58.0283 9736 usbohci - ok 22:04:58.0317 9736 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 22:04:58.0319 9736 usbprint - ok 22:04:58.0378 9736 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 22:04:58.0380 9736 usbscan - ok 22:04:58.0430 9736 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS 22:04:58.0434 9736 USBSTOR - ok 
22:04:58.0472 9736 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys 22:04:58.0474 9736 usbuhci - ok 22:04:58.0544 9736 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 22:04:58.0549 9736 usbvideo - ok 22:04:58.0693 9736 uxpatch (297ee9c666fc8bb96a232db0ddba1e49) C:\Windows\system32\drivers\uxpatch.sys 22:04:58.0695 9736 uxpatch - ok 22:04:58.0877 9736 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 22:04:58.0879 9736 vdrvroot - ok 22:04:58.0925 9736 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 22:04:58.0927 9736 vga - ok 22:04:58.0951 9736 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 22:04:58.0953 9736 VgaSave - ok 22:04:59.0000 9736 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 22:04:59.0006 9736 vhdmp - ok 22:04:59.0061 9736 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 22:04:59.0063 9736 viaide - ok 22:04:59.0111 9736 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 22:04:59.0113 9736 volmgr - ok 22:04:59.0178 9736 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 22:04:59.0186 9736 volmgrx - ok 22:04:59.0242 9736 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 22:04:59.0248 9736 volsnap - ok 22:04:59.0286 9736 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 22:04:59.0291 9736 vsmraid - ok 22:04:59.0329 9736 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 22:04:59.0331 9736 vwifibus - ok 22:04:59.0371 9736 VWiFiFlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 22:04:59.0375 9736 VWiFiFlt - ok 22:04:59.0513 9736 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 22:04:59.0516 9736 vwifimp - ok 
22:04:59.0617 9736 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 22:04:59.0619 9736 WacomPen - ok 22:04:59.0706 9736 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 22:04:59.0709 9736 WANARP - ok 22:04:59.0719 9736 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 22:04:59.0720 9736 Wanarpv6 - ok 22:04:59.0853 9736 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 22:04:59.0854 9736 Wd - ok 22:04:59.0904 9736 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 22:04:59.0925 9736 Wdf01000 - ok 22:05:00.0050 9736 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 22:05:00.0052 9736 WfpLwf - ok 22:05:00.0080 9736 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 22:05:00.0082 9736 WIMMount - ok 22:05:00.0287 9736 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 22:05:00.0289 9736 WinUsb - ok 22:05:00.0382 9736 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 22:05:00.0384 9736 WmiAcpi - ok 22:05:00.0464 9736 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 22:05:00.0466 9736 ws2ifsl - ok 22:05:00.0531 9736 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 22:05:00.0534 9736 WudfPf - ok 22:05:00.0568 9736 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 22:05:00.0572 9736 WUDFRd - ok 22:05:00.0625 9736 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys 22:05:00.0633 9736 yukonw7 - ok 22:05:00.0682 9736 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 22:05:00.0695 9736 \Device\Harddisk0\DR0 - ok 22:05:00.0706 9736 Boot (0x1200) (f1c5d818a57bd112470f516550974c23) \Device\Harddisk0\DR0\Partition0 22:05:00.0708 9736 
\Device\Harddisk0\DR0\Partition0 - ok 22:05:00.0724 9736 Boot (0x1200) (6b530725e692a2ff7735750f6343007d) \Device\Harddisk0\DR0\Partition1 22:05:00.0726 9736 \Device\Harddisk0\DR0\Partition1 - ok 22:05:00.0726 9736 ============================================================ 22:05:00.0726 9736 Scan finished 22:05:00.0726 9736 ============================================================ 22:05:00.0743 9840 Detected object count: 1 22:05:00.0743 9840 Actual detected object count: 1 22:05:09.0336 9840 C:\Windows\system32\Drivers\sptd.sys - copied to quarantine 22:05:09.0337 9840 sptd ( LockedFile.Multi.Generic ) - User select action: Quarantine
I only use ad-ware protection and malware antivirus. I have not been using an antivirus for a year because it slowed down my computer, but I just purchased Symantec antivirus, so I will be installing that once I fix this issue.

reply to cxsteve
help please! Is anything wrong with my computer?

LoPhatPhuud
reply to cxsteve
The TDSS log removed one infected system file. With no antivirus at the time of infection and running a torrent (p2p) program via the Conduit toolbar I can only assume that your OS has been compromised.
My only recommendation is to reformat and re-install. Make sure you back up all necessary data first.
See here for reference: »Security Cleanup FAQ »Noteworthy Comments About Compromised Computers
Note: On reinstall, I would recommend not installing the Conduit programs to avoid utorrent.
--
When angry count four; when very angry, swear.
Microsoft MVP/Consumer Security 2005-2011
Gladiator Security Forum