Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

corrupt Acrobat file? (appears to be malware)

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

corrupt Acrobat file? (appears to be malware)

Unread postby pfosinger » September 7th, 2012, 7:02 pm

If I attempt to launch a pdf, I get a message from the system tray: "DDE Server Window: AcroRd32.exe - Corrupt File The file or directory C:\Users\A\AppData\Local\Adobe\Acrobat\10.0 is corrupt and unreadable. Please run the Chkdsk utility."

Have uninstalled and re-installed Acrobat Reader twice, continue to get same error. However, the indicated file does not appear to exist at all, at least not in the folder indicated by the folder.

Here are the dds files


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by A at 18:52:22 on 2012-09-07
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3960.1570 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\TAMSvr.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Handbrake\Handbrake.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\A\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
uStart Page = hxxp://isearch.whitesmoke.com/?isid=9858
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uSearch Bar = hxxp://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
mWinlogon: Userinit=userinit.exe
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{ae07101b-46d4-4a98-af68-0333ea26e113}
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
uRun: [TOSCDSPD] TOSCDSPD.EXE
uRun: [Google Update] "C:\Users\A\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Spotify] "C:\Users\A\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
mRun: [NDSTray.exe] NDSTray.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe"
mRun: [FingerPrintNotifer] C:\Program Files (x86)\TrueSuite Access Manager\FpNotifier.exe
mRun: [UsbMonitor] C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f
dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
IE: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: DhcpNameServer = 192.168.100.1
TCP: Interfaces\{84B50C36-E227-40D9-94E2-90DF11528080} : DhcpNameServer = 192.168.100.1
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO-X64: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: FDMIECookiesBHO Class: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{ae07101b-46d4-4a98-af68-0333ea26e113}
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
mRun-x64: [NDSTray.exe] NDSTray.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe"
mRun-x64: [FingerPrintNotifer] C:\Program Files (x86)\TrueSuite Access Manager\FpNotifier.exe
mRun-x64: [UsbMonitor] C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun-x64: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun-x64: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
============= SERVICES / DRIVERS ===============
.
R0 AlfaFF;AlfaFF;C:\Windows\System32\drivers\AlfaFF.sys [2008-3-14 42608]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\system32\DRIVERS\tos_sps64.sys --> C:\Windows\system32\DRIVERS\tos_sps64.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 Authentec memory manager;Authentec memory manager service;system32\TAMSvr.exe --> system32\TAMSvr.exe [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-20 44808]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2008-4-17 40960]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 OpenLibSys;OpenLibSys;C:\Program Files (x86)\NXP\FM Radio\OpenLibSysX64.sys [2011-10-10 14544]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-2-9 31408]
R3 NETw5v64;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 64 Bit ;C:\Windows\system32\DRIVERS\NETw5v64.sys --> C:\Windows\system32\DRIVERS\NETw5v64.sys [?]
R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys --> C:\Windows\system32\DRIVERS\o2mdx64.sys [?]
R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys --> C:\Windows\system32\DRIVERS\o2sdx64.sys [?]
R3 QIOMem;Generic IO & Memory Access;C:\Windows\system32\DRIVERS\QIOMem.sys --> C:\Windows\system32\DRIVERS\QIOMem.sys [?]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-4-24 84992]
R3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2008-4-4 36864]
S2 rpcnetp;rpcnetp;C:\Windows\System32\rpcnetp.exe [2012-9-6 17408]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2011-10-10 89920]
S4 KR10I64;KR10I64;C:\Windows\system32\drivers\kr10i64.sys --> C:\Windows\system32\drivers\kr10i64.sys [?]
S4 KR10N64;KR10N64;C:\Windows\system32\drivers\kr10n64.sys --> C:\Windows\system32\drivers\kr10n64.sys [?]
.
=============== File Associations ===============
.
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-09-07 05:49:00 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F480DF69-CE2F-4197-B1F4-513F0E5E8C6B}\offreg.dll
2012-09-07 05:44:34 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F480DF69-CE2F-4197-B1F4-513F0E5E8C6B}\mpengine.dll
2012-09-07 01:07:00 17408 ----a-w- C:\Windows\SysWow64\rpcnetp.dll
2012-09-07 01:05:17 17408 ----a-w- C:\Windows\SysWow64\rpcnetp.exe
2012-09-04 22:29:45 -------- d-----w- C:\Users\A\AppData\Local\Amazon
2012-08-16 07:06:59 748664 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2012-08-16 07:05:10 2769408 ----a-w- C:\Windows\System32\win32k.sys
2012-08-15 12:49:24 788480 ----a-w- C:\Windows\System32\localspl.dll
2012-08-15 12:49:23 623616 ----a-w- C:\Windows\SysWow64\localspl.dll
2012-08-13 02:52:28 -------- d-----w- C:\ProgramData\GFI Software
.
==================== Find3M ====================
.
2012-09-07 01:05:17 17408 ----a-w- C:\Windows\System32\rpcnetp.exe
2012-08-13 02:57:33 44544 ----a-w- C:\Windows\SysWow64\agremove.exe
2012-07-11 11:34:00 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 11:34:00 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-09 22:21:56 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-07-09 22:21:56 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-07-05 21:05:39 106496 ----a-w- C:\Windows\SysWow64\ATL71.DLL
2012-07-03 16:21:52 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-07-03 16:21:52 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-07-03 16:21:32 41224 ----a-w- C:\Windows\avastSS.scr
2012-06-28 03:28:35 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-06-28 03:21:17 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-06-28 03:20:41 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-06-28 03:16:25 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-06-28 03:12:35 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-06-28 00:27:12 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-06-28 00:19:52 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-06-28 00:18:16 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-06-28 00:12:08 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-06-28 00:07:44 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 18:53:08.05 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/10/2011 2:48:33 PM
System Uptime: 9/7/2012 2:39:46 AM (16 hours ago)
.
Motherboard: TOSHIBA | | Satellite U405
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz | U2E1 | 2266/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 297 GiB total, 155.666 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP382: 8/11/2012 2:21:00 PM - Scheduled Checkpoint
RP383: 8/12/2012 10:07:11 AM - Scheduled Checkpoint
RP384: 8/12/2012 11:17:27 PM - Windows Update
RP385: 8/14/2012 12:00:03 AM - Scheduled Checkpoint
RP386: 8/15/2012 8:17:59 AM - Scheduled Checkpoint
RP387: 8/16/2012 3:00:31 AM - Windows Update
RP388: 8/16/2012 3:00:43 AM - Scheduled Checkpoint
RP389: 8/16/2012 3:03:33 AM - Windows Modules Installer
RP390: 8/17/2012 12:13:40 AM - Scheduled Checkpoint
RP391: 8/18/2012 6:59:26 AM - Scheduled Checkpoint
RP392: 8/19/2012 12:00:02 AM - Scheduled Checkpoint
RP393: 8/20/2012 - Scheduled Checkpoint
RP394: 8/21/2012 7:33:11 AM - Scheduled Checkpoint
RP395: 8/21/2012 8:06:34 PM - Windows Update
RP396: 8/22/2012 5:19:12 PM - Scheduled Checkpoint
RP397: 8/28/2012 8:40:10 AM - Scheduled Checkpoint
RP398: 8/28/2012 8:42:40 AM - Windows Update
RP399: 8/29/2012 8:36:58 PM - Scheduled Checkpoint
RP400: 8/30/2012 6:38:46 PM - Scheduled Checkpoint
RP401: 8/31/2012 3:35:36 PM - Windows Update
RP402: 9/1/2012 11:24:48 AM - Scheduled Checkpoint
RP403: 9/2/2012 10:59:21 AM - Scheduled Checkpoint
RP404: 9/3/2012 6:01:43 PM - Scheduled Checkpoint
RP405: 9/4/2012 8:00:08 AM - Windows Update
RP406: 9/5/2012 7:56:27 AM - Scheduled Checkpoint
RP407: 9/6/2012 12:00:03 AM - Scheduled Checkpoint
RP408: 9/6/2012 9:42:07 PM - Removed Adobe Reader X (10.1.4).
RP409: 9/6/2012 9:44:29 PM - Removed Adobe Acrobat X Pro - English, Français, Deutsch.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Creative Suite 5.5 Master Collection
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Adobe Story
Adobe Widget Browser
Amazon Kindle
Amazon MP3 Uploader
Apple Application Support
Apple Software Update
Applian FLV and Media Player 3.1.1.12
avast! Free Antivirus
BitTornado 0.3.17
BitTorrent
calibre
Camera Assistant Software for Toshiba
CD/DVD Drive Acoustic Silencer
Compatibility Pack for the 2007 Office system
CyberLink PowerCinema for TOSHIBA
Debut Video Capture Software
Drummix - Beta Edition
Drummix - Beta Edition Content
DVD MovieFactory for TOSHIBA
Express Zip File Compression Software
FM Tuner Utility
Free Download Manager 3.0
GearDrvs
Google Chrome
Google Gmail Notifier
Google Talk Plugin
HandBrake 0.9.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 6
Memeo AutoBackup
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Microsoft XML Parser
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MP4 player
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nikon Message Center 2
Nikon Movie Editor
PDF Settings CS5
Pixillion Image Converter
Prism Video File Converter
PxMergeModule
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Windows Media Encoder (KB2447961)
Toshiba Assist
TOSHIBA ConfigFree
TOSHIBA DVD PLAYER
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA PowerCinema Helper
Toshiba Registration
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TrueSuite Access Manager
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Media Encoder 9 Series
Wondershare Video Converter Ultimate(Build 5.7.1.1)
.
==== Event Viewer Messages From Past Week ========
.
9/7/2012 6:52:56 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume SQ004741V05.
9/7/2012 12:08:42 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
9/7/2012 12:08:42 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/7/2012 11:29:51 AM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
9/6/2012 9:43:01 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
9/6/2012 9:07:48 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE
9/6/2012 9:07:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the rpcnetp service to connect.
9/6/2012 9:07:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the ConfigFree Gadget Service service to connect.
9/6/2012 9:07:48 PM, Error: Service Control Manager [7000] - The rpcnetp service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/6/2012 9:07:48 PM, Error: Service Control Manager [7000] - The ConfigFree Gadget Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/4/2012 6:08:24 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer BRIASINGER-HP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{84B50C36-E227-40D9-94E2-90DF11528080}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================
pfosinger
Active Member
 
Posts: 4
Joined: September 7th, 2012, 11:23 am
Advertisement
Register to Remove

Re: corrupt Acrobat file? (appears to be malware)

Unread postby pgmigg » September 9th, 2012, 7:36 pm

Hello pfosinger,

Welcome to the forum! :)

My name is pgmigg and I'll be helping you with any malware problems.

Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process until we are done as well as
    DO NOT Remove, or Scan with anything on your system unless I ask. This adds more items to be researched.
    Extra Additions and Removals of files make the analysis more difficult.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  8. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions. In the meantime...

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
lf you have any questions or problems executing these instructions, <<STOP>> do not proceed, post back with the question or problem.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start


Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: corrupt Acrobat file? (appears to be malware)

Unread postby pgmigg » September 10th, 2012, 12:16 am

Hello pfosinger,

P2P Advisory!
IMPORTANT: There are signs of couple P2P (Peer to Peer) File Sharing Programs installed on your computer.
BitTornado
BitTorrent


As long as you have the P2P program(s) installed, per Forum Policy, I can offer you no further assistance.
If you choose NOT to remove the program(s), please indicate that in your next reply and this topic will be closed.

Otherwise, please perform the following steps:

Step 1.
Remove Program(s)
  1. Click on Start, then click the Start Search box on the Start Menu.
  2. Copy and paste the value below without the word Code: into the open text entry box:
    Code: Select all
     appwiz.cpl 
    and press Enter - the Unistall or change a program list will be opened.
  3. Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:
    BitTornado
    BitTorrent
  4. Take extra care in answering questions posed by any Uninstaller.
  5. When the program(s) have been uninstalled, please close Control Panel.
  6. Reboot you computer.

By using any form of P2P networking to download files you can anticipate infestations of malware to occur. The P2P program
itself, may be safe but the files may not - use P2P at your own risk!
Keep in mind that this practice may be the source of your current malware infestation.
Reference... siting risk factors, using P2P programs: How to Prevent the Online Invasion of Spyware and Adware

Step 2.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select Run as administrator..., then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Step 3.
TDSSKiller - Rootkit Removal Tool - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Right click on TDSSKiller.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 4.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Standard Output is selected.
  3. Check the boxes labeled:
    • Include 64 bit scans
    • Scan All Users
    • LOP check
    • Purity check
    • Extra Registry > Use SafeList
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please include in your next reply:
  1. Your decision about P2P program.
  2. Do you have any problems executing the instructions?
  3. Contents of a log created by CKFiles.txt
  4. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  5. Contents of a OTL.txt log file
  6. Contents of a Extras.txt log file
  7. Do you see any changes in computer behavior?

Please do not hesitate to divide the post into multiple if it is too long...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: corrupt Acrobat file? (appears to be malware)

Unread postby pfosinger » September 11th, 2012, 7:58 am

Uninstalled p2p as directed. Ran programs as directed. Results below.

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs5.5\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files (x86)\adobe\adobe dreamweaver cs5.5\configuration\taglibraries\html\keygen.vtm
c:\program files (x86)\adobe\adobe flash catalyst cs5.5\plugins\com.adobe.thermo.core_1.5.0.308731\com\adobe\thermo\undo\thermoundosystem$undoabledocumentchangecracker.class
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\idl\nsikeygenthread.idl
c:\program files (x86)\common files\adobe\adobe contribute cs5.1\app\configuration\browsers\mozilla run time libraries\dist\include\nsikeygenthread.h
c:\users\a\desktop\zip_cracker.exe
c:\users\a\downloads\new york times best sellers fiction list july 29 plus ebook collection (221 books)\1-ny times best seller fiction\177-michael bennett series by james patterson & michael ledwidge\177-step on a crack - book 1.epub
c:\users\a\downloads\new york times best sellers fiction list july 29 plus ebook collection (221 books)\1-ny times best seller fiction\177-michael bennett series by james patterson & michael ledwidge\177-step on a crack - book 1.mobi
c:\users\a\downloads\new york times best sellers fiction list july 29 plus ebook collection (221 books)\1-ny times best seller fiction\177-michael bennett series by james patterson & michael ledwidge\177-step on a crack - book 1.opf
hosts 127.0.0.1 activate.adobe.com
hosts 127.0.0.1 activate-sea.adobe.com
hosts 127.0.0.1 practivate.adobe.com
hosts 127.0.0.1 activate.wip1.adobe.com
hosts 127.0.0.1 activate.wip2.adobe.com
hosts 127.0.0.1 activate.wip3.adobe.com
hosts 127.0.0.1 activate.wip4.adobe.com
hosts 127.0.0.1 hl2rcv.adobe.com
hosts 127.0.0.1 wip.adobe.com
hosts 127.0.0.1 wip2.adobe.com
hosts 127.0.0.1 wip3.adobe.com
hosts 127.0.0.1 wip4.adobe.com
hosts 127.0.0.1 www.wip.adobe.com
hosts 127.0.0.1 www.wip1.adobe.com
hosts 127.0.0.1 www.wip2.adobe.com
hosts 127.0.0.1 www.wip3.adobe.com
hosts 127.0.0.1 www.wip4.adobe.com
hosts 127.0.0.1 3dns.adobe.com
hosts 127.0.0.1 3dns-1.adobe.com
hosts 127.0.0.1 3dns-2.adobe.com
hosts 127.0.0.1 3dns-3.adobe.com
hosts 127.0.0.1 3dns-4.adobe.com
hosts 127.0.0.1 adobe-dns.adobe.com
hosts 127.0.0.1 adobe-dns-1.adobe.com
hosts 127.0.0.1 adobe-dns-2.adobe.com
hosts 127.0.0.1 adobe-dns-3.adobe.com
hosts 127.0.0.1 adobe-dns-4.adobe.com
hosts 127.0.0.1 ereg.adobe.com
hosts 127.0.0.1 ereg.wip.adobe.com
hosts 127.0.0.1 ereg.wip1.adobe.com
hosts 127.0.0.1 ereg.wip2.adobe.com
hosts 127.0.0.1 ereg.wip3.adobe.com
hosts 127.0.0.1 ereg.wip4.adobe.com
hosts 127.0.0.1 wwis-dubc1-vip60.adobe.com
hosts 127.0.0.1 activate-sjc0.adobe.com
scanner sequence 3.ZZ.11.HONABD
----- EOF -----


17:33:13.0067 0860 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:33:13.0612 0860 ============================================================
17:33:13.0612 0860 Current date / time: 2012/09/10 17:33:13.0612
17:33:13.0612 0860 SystemInfo:
17:33:13.0612 0860
17:33:13.0612 0860 OS Version: 6.0.6002 ServicePack: 2.0
17:33:13.0612 0860 Product type: Workstation
17:33:13.0613 0860 ComputerName: A-PC
17:33:13.0613 0860 UserName: A
17:33:13.0613 0860 Windows directory: C:\Windows
17:33:13.0613 0860 System windows directory: C:\Windows
17:33:13.0613 0860 Running under WOW64
17:33:13.0613 0860 Processor architecture: Intel x64
17:33:13.0613 0860 Number of processors: 2
17:33:13.0613 0860 Page size: 0x1000
17:33:13.0613 0860 Boot type: Normal boot
17:33:13.0613 0860 ============================================================
17:33:14.0139 0860 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:33:14.0149 0860 ============================================================
17:33:14.0149 0860 \Device\Harddisk0\DR0:
17:33:14.0149 0860 MBR partitions:
17:33:14.0149 0860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x25140000
17:33:14.0149 0860 ============================================================
17:33:14.0197 0860 C: <-> \Device\Harddisk0\DR0\Partition1
17:33:14.0197 0860 ============================================================
17:33:14.0198 0860 Initialize success
17:33:14.0198 0860 ============================================================
17:33:26.0723 4528 ============================================================
17:33:26.0724 4528 Scan started
17:33:26.0724 4528 Mode: Manual;
17:33:26.0724 4528 ============================================================
17:33:27.0184 4528 ================ Scan system memory ========================
17:33:27.0184 4528 System memory - ok
17:33:27.0185 4528 ================ Scan services =============================
17:33:27.0391 4528 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:33:27.0396 4528 ACPI - ok
17:33:27.0865 4528 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:33:27.0868 4528 AdobeARMservice - ok
17:33:27.0958 4528 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:33:27.0969 4528 adp94xx - ok
17:33:28.0028 4528 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:33:28.0036 4528 adpahci - ok
17:33:28.0065 4528 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:33:28.0069 4528 adpu160m - ok
17:33:28.0097 4528 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:33:28.0102 4528 adpu320 - ok
17:33:28.0216 4528 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:33:28.0218 4528 AeLookupSvc - ok
17:33:28.0338 4528 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
17:33:28.0347 4528 AFD - ok
17:33:28.0445 4528 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:33:28.0449 4528 agp440 - ok
17:33:28.0548 4528 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:33:28.0552 4528 aic78xx - ok
17:33:28.0625 4528 [ C940D4389C435019EBB2EA7AD515A1BD ] AlfaFF C:\Windows\system32\drivers\AlfaFF.sys
17:33:28.0629 4528 AlfaFF - ok
17:33:28.0694 4528 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
17:33:28.0698 4528 ALG - ok
17:33:28.0733 4528 [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide C:\Windows\system32\drivers\aliide.sys
17:33:28.0737 4528 aliide - ok
17:33:28.0752 4528 [ 970FA5059E61E30D25307B99903E991E ] amdide C:\Windows\system32\drivers\amdide.sys
17:33:28.0755 4528 amdide - ok
17:33:28.0828 4528 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:33:28.0832 4528 AmdK8 - ok
17:33:28.0887 4528 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
17:33:28.0890 4528 Appinfo - ok
17:33:28.0963 4528 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:33:28.0967 4528 Apple Mobile Device - ok
17:33:29.0055 4528 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
17:33:29.0060 4528 arc - ok
17:33:29.0086 4528 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:33:29.0090 4528 arcsas - ok
17:33:29.0176 4528 [ DF59B8E8DF0BD2E0E303778A3806A17D ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:33:29.0179 4528 aswFsBlk - ok
17:33:29.0339 4528 [ F8E6AB4F876FEFF69250F2E0C29EF004 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:33:29.0343 4528 aswMonFlt - ok
17:33:29.0361 4528 [ 8047968ED077344C10B3BB81643F4C79 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
17:33:29.0364 4528 aswRdr - ok
17:33:29.0487 4528 [ F06E230E1E8CA9437A6474B7B551CD37 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:33:29.0514 4528 aswSnx - ok
17:33:29.0611 4528 [ 3610CA74A69E380424F0452DEC5C1317 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:33:29.0619 4528 aswSP - ok
17:33:29.0647 4528 [ 87DE3E31CB0091D22351349869324065 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:33:29.0649 4528 aswTdi - ok
17:33:29.0731 4528 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:33:29.0733 4528 AsyncMac - ok
17:33:29.0775 4528 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
17:33:29.0777 4528 atapi - ok
17:33:29.0815 4528 [ 4B947A0ECC4A0D0349034A67E5C78DCC ] ATSWPDRV C:\Windows\system32\DRIVERS\ATSwpDrv.sys
17:33:29.0819 4528 ATSWPDRV - ok
17:33:29.0962 4528 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:33:29.0975 4528 AudioEndpointBuilder - ok
17:33:29.0998 4528 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:33:30.0007 4528 AudioSrv - ok
17:33:30.0074 4528 [ 3F3E2B2E5E987AD9428E5A8D35D7A37A ] Authentec memory manager C:\Windows\system32\TAMSvr.exe
17:33:30.0079 4528 Authentec memory manager - ok
17:33:30.0210 4528 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:33:30.0211 4528 avast! Antivirus - ok
17:33:30.0290 4528 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
17:33:30.0298 4528 BFE - ok
17:33:30.0399 4528 [ 6D316F4859634071CC25C4FD4589AD2C ] BITS C:\Windows\System32\qmgr.dll
17:33:30.0419 4528 BITS - ok
17:33:30.0470 4528 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
17:33:30.0471 4528 blbdrive - ok
17:33:30.0525 4528 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:33:30.0533 4528 Bonjour Service - ok
17:33:30.0558 4528 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:33:30.0561 4528 bowser - ok
17:33:30.0610 4528 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:33:30.0611 4528 BrFiltLo - ok
17:33:30.0616 4528 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:33:30.0617 4528 BrFiltUp - ok
17:33:30.0663 4528 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
17:33:30.0666 4528 Browser - ok
17:33:30.0696 4528 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
17:33:30.0699 4528 Brserid - ok
17:33:30.0704 4528 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:33:30.0706 4528 BrSerWdm - ok
17:33:30.0722 4528 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:33:30.0723 4528 BrUsbMdm - ok
17:33:30.0730 4528 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:33:30.0732 4528 BrUsbSer - ok
17:33:30.0736 4528 [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:33:30.0738 4528 BTHMODEM - ok
17:33:30.0783 4528 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:33:30.0785 4528 cdfs - ok
17:33:30.0831 4528 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:33:30.0834 4528 cdrom - ok
17:33:30.0942 4528 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
17:33:30.0945 4528 CertPropSvc - ok
17:33:30.0974 4528 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\drivers\circlass.sys
17:33:30.0976 4528 circlass - ok
17:33:31.0044 4528 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
17:33:31.0052 4528 CLFS - ok
17:33:31.0251 4528 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:33:31.0254 4528 clr_optimization_v2.0.50727_32 - ok
17:33:31.0372 4528 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:33:31.0376 4528 clr_optimization_v2.0.50727_64 - ok
17:33:31.0481 4528 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:33:31.0486 4528 clr_optimization_v4.0.30319_32 - ok
17:33:31.0548 4528 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:33:31.0553 4528 clr_optimization_v4.0.30319_64 - ok
17:33:31.0625 4528 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:33:31.0628 4528 CmBatt - ok
17:33:31.0656 4528 [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:33:31.0659 4528 cmdide - ok
17:33:31.0745 4528 [ 5A220D86C6E0DD92EA0EA157ED3CA267 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
17:33:31.0752 4528 CnxtHdAudService - ok
17:33:31.0809 4528 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:33:31.0820 4528 Compbatt - ok
17:33:31.0829 4528 COMSysApp - ok
17:33:31.0919 4528 [ 5AC8A997E8D9C131B5F90B4F3CCFAE34 ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
17:33:31.0921 4528 ConfigFree Gadget Service - ok
17:33:31.0954 4528 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
17:33:31.0956 4528 ConfigFree Service - ok
17:33:31.0986 4528 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:33:31.0989 4528 crcdisk - ok
17:33:32.0099 4528 [ 62740B9D2A137E8CED41A9E4239A7A31 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:33:32.0106 4528 CryptSvc - ok
17:33:32.0257 4528 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
17:33:32.0286 4528 DcomLaunch - ok
17:33:32.0343 4528 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:33:32.0348 4528 DfsC - ok
17:33:32.0523 4528 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
17:33:32.0611 4528 DFSR - ok
17:33:32.0696 4528 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:33:32.0702 4528 Dhcp - ok
17:33:32.0732 4528 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
17:33:32.0735 4528 disk - ok
17:33:32.0803 4528 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:33:32.0806 4528 Dnscache - ok
17:33:32.0910 4528 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
17:33:32.0916 4528 dot3svc - ok
17:33:32.0965 4528 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
17:33:32.0969 4528 DPS - ok
17:33:33.0020 4528 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:33:33.0022 4528 drmkaud - ok
17:33:33.0150 4528 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:33:33.0164 4528 DXGKrnl - ok
17:33:33.0192 4528 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
17:33:33.0196 4528 E1G60 - ok
17:33:33.0240 4528 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
17:33:33.0243 4528 EapHost - ok
17:33:33.0281 4528 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
17:33:33.0285 4528 Ecache - ok
17:33:33.0343 4528 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:33:33.0349 4528 ehRecvr - ok
17:33:33.0375 4528 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
17:33:33.0379 4528 ehSched - ok
17:33:33.0420 4528 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
17:33:33.0421 4528 ehstart - ok
17:33:33.0470 4528 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:33:33.0479 4528 elxstor - ok
17:33:33.0520 4528 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:33:33.0531 4528 EMDMgmt - ok
17:33:33.0566 4528 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:33:33.0568 4528 ErrDev - ok
17:33:33.0670 4528 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
17:33:33.0678 4528 EventSystem - ok
17:33:33.0862 4528 [ 7CD2F2C63693EF90B73F5362A52CAE26 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:33:33.0881 4528 EvtEng - ok
17:33:34.0038 4528 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
17:33:34.0045 4528 exfat - ok
17:33:34.0117 4528 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:33:34.0124 4528 fastfat - ok
17:33:34.0167 4528 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:33:34.0171 4528 fdc - ok
17:33:34.0209 4528 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
17:33:34.0214 4528 fdPHost - ok
17:33:34.0242 4528 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
17:33:34.0248 4528 FDResPub - ok
17:33:34.0274 4528 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:33:34.0279 4528 FileInfo - ok
17:33:34.0293 4528 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:33:34.0296 4528 Filetrace - ok
17:33:34.0313 4528 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:33:34.0316 4528 flpydisk - ok
17:33:34.0399 4528 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:33:34.0404 4528 FltMgr - ok
17:33:34.0452 4528 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
17:33:34.0477 4528 FontCache - ok
17:33:34.0541 4528 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:33:34.0542 4528 FontCache3.0.0.0 - ok
17:33:34.0585 4528 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:33:34.0587 4528 Fs_Rec - ok
17:33:34.0623 4528 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:33:34.0626 4528 gagp30kx - ok
17:33:34.0650 4528 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\Drivers\GEARAspiWDM.sys
17:33:34.0652 4528 GEARAspiWDM - ok
17:33:34.0720 4528 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
17:33:34.0736 4528 gpsvc - ok
17:33:34.0798 4528 [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:33:34.0805 4528 HdAudAddService - ok
17:33:34.0970 4528 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:33:34.0989 4528 HDAudBus - ok
17:33:35.0052 4528 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:33:35.0054 4528 HidBth - ok
17:33:35.0063 4528 [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:33:35.0065 4528 HidIr - ok
17:33:35.0147 4528 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\system32\hidserv.dll
17:33:35.0150 4528 hidserv - ok
17:33:35.0186 4528 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:33:35.0188 4528 HidUsb - ok
17:33:35.0237 4528 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
17:33:35.0242 4528 hkmsvc - ok
17:33:35.0280 4528 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:33:35.0283 4528 HpCISSs - ok
17:33:35.0328 4528 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:33:35.0342 4528 HTTP - ok
17:33:35.0359 4528 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:33:35.0361 4528 i2omp - ok
17:33:35.0389 4528 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:33:35.0391 4528 i8042prt - ok
17:33:35.0559 4528 [ CB686F44BF955EA02520710A56874FA4 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:33:35.0568 4528 IAANTMON - ok
17:33:35.0625 4528 [ 8D58627FEF3F8767665D9F4DC91CBD97 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:33:35.0632 4528 iaStor - ok
17:33:35.0660 4528 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:33:35.0669 4528 iaStorV - ok
17:33:35.0729 4528 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
17:33:35.0731 4528 IDriverT - ok
17:33:36.0019 4528 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:33:36.0037 4528 idsvc - ok
17:33:36.0436 4528 [ 663E7364F650A915D415EEB2DA98D86A ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:33:36.0670 4528 igfx - ok
17:33:36.0747 4528 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:33:36.0749 4528 iirsp - ok
17:33:36.0796 4528 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
17:33:36.0808 4528 IKEEXT - ok
17:33:36.0894 4528 [ DF797A12176F11B2D301C5B234BB200E ] intelide C:\Windows\system32\drivers\intelide.sys
17:33:36.0896 4528 intelide - ok
17:33:36.0912 4528 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:33:36.0913 4528 intelppm - ok
17:33:36.0968 4528 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:33:36.0972 4528 IPBusEnum - ok
17:33:37.0013 4528 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:33:37.0016 4528 IpFilterDriver - ok
17:33:37.0066 4528 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:33:37.0073 4528 iphlpsvc - ok
17:33:37.0087 4528 IpInIp - ok
17:33:37.0132 4528 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:33:37.0137 4528 IPMIDRV - ok
17:33:37.0170 4528 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:33:37.0176 4528 IPNAT - ok
17:33:37.0279 4528 [ 46D249F9DB7844CC01050A9345F0F61B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:33:37.0305 4528 iPod Service - ok
17:33:37.0321 4528 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:33:37.0324 4528 IRENUM - ok
17:33:37.0342 4528 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:33:37.0347 4528 isapnp - ok
17:33:37.0394 4528 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:33:37.0397 4528 iScsiPrt - ok
17:33:37.0417 4528 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:33:37.0419 4528 iteatapi - ok
17:33:37.0437 4528 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:33:37.0440 4528 iteraid - ok
17:33:37.0456 4528 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:33:37.0458 4528 kbdclass - ok
17:33:37.0462 4528 [ BF8783A5066CFECF45095459E8010FA7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:33:37.0464 4528 kbdhid - ok
17:33:37.0486 4528 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
17:33:37.0489 4528 KeyIso - ok
17:33:37.0508 4528 [ 7C999F96B239E214154DB3C808E6736A ] KR10I64 C:\Windows\system32\drivers\kr10i64.sys
17:33:37.0512 4528 KR10I64 - ok
17:33:37.0547 4528 [ 8CB9A9164D4E789424F943FA718FA3F2 ] KR10N64 C:\Windows\system32\drivers\kr10n64.sys
17:33:37.0552 4528 KR10N64 - ok
17:33:37.0670 4528 [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:33:37.0678 4528 KSecDD - ok
17:33:37.0739 4528 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:33:37.0740 4528 ksthunk - ok
17:33:37.0801 4528 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
17:33:37.0812 4528 KtmRm - ok
17:33:37.0888 4528 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:33:37.0895 4528 LanmanServer - ok
17:33:37.0953 4528 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:33:37.0960 4528 LanmanWorkstation - ok
17:33:37.0977 4528 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:33:37.0979 4528 lltdio - ok
17:33:38.0044 4528 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:33:38.0052 4528 lltdsvc - ok
17:33:38.0063 4528 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:33:38.0066 4528 lmhosts - ok
17:33:38.0111 4528 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:33:38.0115 4528 LSI_FC - ok
17:33:38.0121 4528 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:33:38.0125 4528 LSI_SAS - ok
17:33:38.0159 4528 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:33:38.0163 4528 LSI_SCSI - ok
17:33:38.0195 4528 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
17:33:38.0199 4528 luafv - ok
17:33:38.0256 4528 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:33:38.0261 4528 Mcx2Svc - ok
17:33:38.0325 4528 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
17:33:38.0356 4528 megasas - ok
17:33:38.0391 4528 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
17:33:38.0401 4528 MegaSR - ok
17:33:38.0423 4528 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
17:33:38.0427 4528 MMCSS - ok
17:33:38.0433 4528 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
17:33:38.0435 4528 Modem - ok
17:33:38.0461 4528 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:33:38.0463 4528 monitor - ok
17:33:38.0474 4528 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:33:38.0476 4528 mouclass - ok
17:33:38.0503 4528 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:33:38.0505 4528 mouhid - ok
17:33:38.0529 4528 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:33:38.0532 4528 MountMgr - ok
17:33:38.0573 4528 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
17:33:38.0577 4528 mpio - ok
17:33:38.0602 4528 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:33:38.0604 4528 mpsdrv - ok
17:33:38.0649 4528 [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc C:\Windows\system32\mpssvc.dll
17:33:38.0665 4528 MpsSvc - ok
17:33:38.0681 4528 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:33:38.0683 4528 Mraid35x - ok
17:33:38.0710 4528 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:33:38.0714 4528 MRxDAV - ok
17:33:38.0729 4528 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:33:38.0734 4528 mrxsmb - ok
17:33:38.0799 4528 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:33:38.0805 4528 mrxsmb10 - ok
17:33:38.0897 4528 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:33:38.0901 4528 mrxsmb20 - ok
17:33:38.0992 4528 [ 730B784962D22D2C6481EAE2370E7C8C ] msahci C:\Windows\system32\drivers\msahci.sys
17:33:38.0996 4528 msahci - ok
17:33:39.0017 4528 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:33:39.0023 4528 msdsm - ok
17:33:39.0073 4528 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
17:33:39.0079 4528 MSDTC - ok
17:33:39.0107 4528 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:33:39.0109 4528 Msfs - ok
17:33:39.0164 4528 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:33:39.0166 4528 msisadrv - ok
17:33:39.0215 4528 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:33:39.0222 4528 MSiSCSI - ok
17:33:39.0226 4528 msiserver - ok
17:33:39.0295 4528 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:33:39.0297 4528 MSKSSRV - ok
17:33:39.0304 4528 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:33:39.0306 4528 MSPCLOCK - ok
17:33:39.0318 4528 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:33:39.0320 4528 MSPQM - ok
17:33:39.0360 4528 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:33:39.0368 4528 MsRPC - ok
17:33:39.0398 4528 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:33:39.0400 4528 mssmbios - ok
17:33:39.0418 4528 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:33:39.0420 4528 MSTEE - ok
17:33:39.0444 4528 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
17:33:39.0447 4528 Mup - ok
17:33:39.0482 4528 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
17:33:39.0494 4528 napagent - ok
17:33:39.0561 4528 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:33:39.0566 4528 NativeWifiP - ok
17:33:39.0626 4528 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:33:39.0641 4528 NDIS - ok
17:33:39.0692 4528 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:33:39.0694 4528 NdisTapi - ok
17:33:39.0712 4528 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:33:39.0714 4528 Ndisuio - ok
17:33:39.0767 4528 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:33:39.0772 4528 NdisWan - ok
17:33:39.0784 4528 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:33:39.0786 4528 NDProxy - ok
17:33:39.0798 4528 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:33:39.0800 4528 NetBIOS - ok
17:33:39.0839 4528 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:33:39.0845 4528 netbt - ok
17:33:39.0909 4528 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
17:33:39.0912 4528 Netlogon - ok
17:33:39.0967 4528 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
17:33:39.0978 4528 Netman - ok
17:33:40.0000 4528 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
17:33:40.0010 4528 netprofm - ok
17:33:40.0041 4528 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:33:40.0045 4528 NetTcpPortSharing - ok
17:33:40.0212 4528 [ 93915C41A0DBBD121A0FAD2835E43776 ] NETw5v64 C:\Windows\system32\DRIVERS\NETw5v64.sys
17:33:40.0328 4528 NETw5v64 - ok
17:33:40.0373 4528 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:33:40.0376 4528 nfrd960 - ok
17:33:40.0395 4528 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
17:33:40.0403 4528 NlaSvc - ok
17:33:40.0432 4528 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:33:40.0434 4528 Npfs - ok
17:33:40.0478 4528 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
17:33:40.0483 4528 nsi - ok
17:33:40.0501 4528 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:33:40.0503 4528 nsiproxy - ok
17:33:40.0676 4528 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:33:40.0753 4528 Ntfs - ok
17:33:40.0801 4528 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
17:33:40.0804 4528 Null - ok
17:33:40.0890 4528 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:33:40.0895 4528 nvraid - ok
17:33:40.0911 4528 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:33:40.0915 4528 nvstor - ok
17:33:40.0943 4528 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:33:40.0949 4528 nv_agp - ok
17:33:40.0958 4528 NwlnkFlt - ok
17:33:40.0972 4528 NwlnkFwd - ok
17:33:41.0050 4528 [ D955D5DE998DB2476BF0892BE3A96C26 ] o2flash C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
17:33:41.0052 4528 o2flash - ok
17:33:41.0088 4528 [ 6531DCED1F12F8863F5C335C4A89A02E ] O2MDRDR C:\Windows\system32\DRIVERS\o2mdx64.sys
17:33:41.0091 4528 O2MDRDR - ok
17:33:41.0107 4528 [ E91B345D7E8FFAF29164B81311623941 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sdx64.sys
17:33:41.0109 4528 O2SDRDR - ok
17:33:41.0307 4528 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:33:41.0317 4528 odserv - ok
17:33:41.0367 4528 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:33:41.0370 4528 ohci1394 - ok
17:33:41.0463 4528 [ CCF523B951AFAA0147F22E2A7AAE4976 ] OpenLibSys C:\Program Files (x86)\NXP\FM Radio\OpenLibSysX64.sys
17:33:41.0466 4528 OpenLibSys - ok
17:33:41.0541 4528 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:33:41.0546 4528 ose - ok
17:33:41.0620 4528 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:33:41.0646 4528 p2pimsvc - ok
17:33:41.0675 4528 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
17:33:41.0695 4528 p2psvc - ok
17:33:41.0753 4528 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
17:33:41.0758 4528 Parport - ok
17:33:41.0790 4528 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:33:41.0793 4528 partmgr - ok
17:33:41.0902 4528 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
17:33:41.0908 4528 PcaSvc - ok
17:33:41.0928 4528 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
17:33:41.0933 4528 pci - ok
17:33:41.0953 4528 [ 8D618C829034479985A9ED56106CC732 ] pciide C:\Windows\system32\drivers\pciide.sys
17:33:41.0955 4528 pciide - ok
17:33:41.0976 4528 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:33:41.0981 4528 pcmcia - ok
17:33:42.0049 4528 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:33:42.0064 4528 PEAUTH - ok
17:33:42.0175 4528 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:33:42.0183 4528 PerfHost - ok
17:33:42.0459 4528 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
17:33:42.0505 4528 pla - ok
17:33:42.0553 4528 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:33:42.0572 4528 PlugPlay - ok
17:33:42.0642 4528 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:33:42.0663 4528 PNRPAutoReg - ok
17:33:42.0704 4528 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:33:42.0724 4528 PNRPsvc - ok
17:33:42.0773 4528 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:33:42.0782 4528 PolicyAgent - ok
17:33:42.0817 4528 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:33:42.0820 4528 PptpMiniport - ok
17:33:42.0902 4528 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
17:33:42.0904 4528 Processor - ok
17:33:42.0936 4528 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
17:33:42.0941 4528 ProfSvc - ok
17:33:42.0953 4528 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
17:33:42.0956 4528 ProtectedStorage - ok
17:33:42.0999 4528 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:33:43.0002 4528 PSched - ok
17:33:43.0053 4528 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:33:43.0056 4528 PxHlpa64 - ok
17:33:43.0108 4528 [ 030176BD0B4AAEA01A651B51EFE295BB ] QIOMem C:\Windows\system32\DRIVERS\QIOMem.sys
17:33:43.0109 4528 QIOMem - ok
17:33:43.0175 4528 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:33:43.0194 4528 ql2300 - ok
17:33:43.0202 4528 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:33:43.0205 4528 ql40xx - ok
17:33:43.0254 4528 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
17:33:43.0262 4528 QWAVE - ok
17:33:43.0282 4528 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:33:43.0284 4528 QWAVEdrv - ok
17:33:43.0295 4528 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:33:43.0299 4528 RasAcd - ok
17:33:43.0313 4528 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
17:33:43.0319 4528 RasAuto - ok
17:33:43.0354 4528 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:33:43.0357 4528 Rasl2tp - ok
17:33:43.0365 4528 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
17:33:43.0373 4528 RasMan - ok
17:33:43.0391 4528 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:33:43.0392 4528 RasPppoe - ok
17:33:43.0450 4528 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:33:43.0453 4528 RasSstp - ok
17:33:43.0491 4528 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:33:43.0497 4528 rdbss - ok
17:33:43.0531 4528 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:33:43.0533 4528 RDPCDD - ok
17:33:43.0557 4528 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:33:43.0563 4528 rdpdr - ok
17:33:43.0575 4528 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:33:43.0576 4528 RDPENCDD - ok
17:33:43.0618 4528 [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:33:43.0623 4528 RDPWD - ok
17:33:43.0681 4528 [ AE210692B9BD101B0F1A9A6DC3790B3A ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
17:33:43.0682 4528 RealNetworks Downloader Resolver Service - ok
17:33:43.0812 4528 [ 7A917120A62BCF2883FDD5C352447556 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:33:43.0820 4528 RegSrvc - ok
17:33:43.0967 4528 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:33:43.0972 4528 RemoteAccess - ok
17:33:44.0042 4528 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:33:44.0051 4528 RemoteRegistry - ok
17:33:44.0096 4528 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
17:33:44.0103 4528 RpcLocator - ok
17:33:44.0179 4528 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
17:33:44.0199 4528 RpcSs - ok
17:33:44.0273 4528 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:33:44.0278 4528 rspndr - ok
17:33:44.0298 4528 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
17:33:44.0305 4528 SamSs - ok
17:33:44.0338 4528 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:33:44.0342 4528 sbp2port - ok
17:33:44.0351 4528 SBRE - ok
17:33:44.0415 4528 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:33:44.0420 4528 SCardSvr - ok
17:33:44.0466 4528 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
17:33:44.0480 4528 Schedule - ok
17:33:44.0521 4528 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:33:44.0522 4528 SCPolicySvc - ok
17:33:44.0558 4528 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:33:44.0561 4528 sdbus - ok
17:33:44.0611 4528 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:33:44.0616 4528 SDRSVC - ok
17:33:44.0632 4528 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:33:44.0633 4528 secdrv - ok
17:33:44.0650 4528 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
17:33:44.0654 4528 seclogon - ok
17:33:44.0673 4528 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\System32\sens.dll
17:33:44.0677 4528 SENS - ok
17:33:44.0681 4528 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:33:44.0683 4528 Serenum - ok
17:33:44.0698 4528 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
17:33:44.0701 4528 Serial - ok
17:33:44.0705 4528 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:33:44.0707 4528 sermouse - ok
17:33:44.0733 4528 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
17:33:44.0738 4528 SessionEnv - ok
17:33:44.0742 4528 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:33:44.0744 4528 sffdisk - ok
17:33:44.0757 4528 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:33:44.0759 4528 sffp_mmc - ok
17:33:44.0764 4528 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:33:44.0765 4528 sffp_sd - ok
17:33:44.0770 4528 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:33:44.0771 4528 sfloppy - ok
17:33:44.0810 4528 [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:33:44.0823 4528 SharedAccess - ok
17:33:44.0963 4528 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:33:44.0972 4528 ShellHWDetection - ok
17:33:45.0003 4528 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:33:45.0005 4528 SiSRaid2 - ok
17:33:45.0010 4528 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:33:45.0013 4528 SiSRaid4 - ok
17:33:45.0099 4528 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
17:33:45.0156 4528 slsvc - ok
17:33:45.0198 4528 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:33:45.0205 4528 SLUINotify - ok
17:33:45.0388 4528 [ 79ED2D6DEC26E0FEFB93EA21F09E6A51 ] SmartFaceVWatchSrv C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe
17:33:45.0391 4528 SmartFaceVWatchSrv - ok
17:33:45.0424 4528 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:33:45.0429 4528 Smb - ok
17:33:45.0468 4528 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:33:45.0474 4528 SNMPTRAP - ok
17:33:45.0547 4528 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
17:33:45.0549 4528 spldr - ok
17:33:45.0590 4528 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
17:33:45.0601 4528 Spooler - ok
17:33:45.0693 4528 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
17:33:45.0703 4528 srv - ok
17:33:45.0729 4528 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:33:45.0734 4528 srv2 - ok
17:33:45.0741 4528 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:33:45.0745 4528 srvnet - ok
17:33:45.0778 4528 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:33:45.0786 4528 SSDPSRV - ok
17:33:45.0823 4528 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:33:45.0832 4528 SstpSvc - ok
17:33:45.0918 4528 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
17:33:45.0935 4528 stisvc - ok
17:33:45.0966 4528 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:33:45.0968 4528 swenum - ok
17:33:46.0266 4528 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:33:46.0274 4528 SwitchBoard - ok
17:33:46.0429 4528 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
17:33:46.0453 4528 swprv - ok
17:33:46.0542 4528 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:33:46.0546 4528 Symc8xx - ok
17:33:46.0578 4528 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:33:46.0582 4528 Sym_hi - ok
17:33:46.0592 4528 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:33:46.0596 4528 Sym_u3 - ok
17:33:46.0655 4528 [ 8DE55385370E47F0E851C9BD6C310E9D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:33:46.0665 4528 SynTP - ok
17:33:46.0770 4528 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
17:33:46.0792 4528 SysMain - ok
17:33:46.0837 4528 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:33:46.0844 4528 TabletInputService - ok
17:33:46.0964 4528 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:33:46.0976 4528 TapiSrv - ok
17:33:46.0993 4528 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
17:33:46.0998 4528 TBS - ok
17:33:47.0193 4528 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:33:47.0235 4528 Tcpip - ok
17:33:47.0283 4528 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:33:47.0306 4528 Tcpip6 - ok
17:33:47.0343 4528 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:33:47.0347 4528 tcpipreg - ok
17:33:47.0382 4528 [ D45586A9FACB2C9708B10E491EF748A6 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
17:33:47.0385 4528 tdcmdpst - ok
17:33:47.0416 4528 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:33:47.0419 4528 TDPIPE - ok
17:33:47.0429 4528 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:33:47.0433 4528 TDTCP - ok
17:33:47.0477 4528 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:33:47.0480 4528 tdx - ok
17:33:47.0496 4528 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:33:47.0499 4528 TermDD - ok
17:33:47.0537 4528 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
17:33:47.0551 4528 TermService - ok
17:33:47.0575 4528 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
17:33:47.0582 4528 Themes - ok
17:33:47.0613 4528 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
17:33:47.0617 4528 THREADORDER - ok
17:33:47.0719 4528 [ B1C3E5DA9D0EC0EAA0F9374045CAA3A1 ] TNaviSrv C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
17:33:47.0721 4528 TNaviSrv - ok
17:33:47.0771 4528 [ 19AF3434564E973BC232BBD629EC2BF6 ] TODDSrv C:\Windows\system32\TODDSrv.exe
17:33:47.0778 4528 TODDSrv - ok
17:33:47.0783 4528 Tosrfcom - ok
17:33:47.0806 4528 [ FA427F666E4D425ACB193E406F2C3FA1 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
17:33:47.0818 4528 tosrfec - ok
17:33:47.0873 4528 [ DD50A5DF5F7B29FDB6B5FEA728C43DC3 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
17:33:47.0883 4528 tos_sps64 - ok
17:33:48.0007 4528 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
17:33:48.0014 4528 TrkWks - ok
17:33:48.0084 4528 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:33:48.0087 4528 TrustedInstaller - ok
17:33:48.0115 4528 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:33:48.0119 4528 tssecsrv - ok
17:33:48.0177 4528 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:33:48.0178 4528 tunmp - ok
17:33:48.0227 4528 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:33:48.0229 4528 tunnel - ok
17:33:48.0282 4528 [ 9A744CC3D804EC38A6C2C65BC3C6FCD8 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
17:33:48.0284 4528 TVALZ - ok
17:33:48.0299 4528 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:33:48.0302 4528 uagp35 - ok
17:33:48.0331 4528 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:33:48.0337 4528 udfs - ok
17:33:48.0373 4528 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:33:48.0378 4528 UI0Detect - ok
17:33:48.0443 4528 [ 332D341D92B933600D41953B08360DFB ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
17:33:48.0444 4528 UleadBurningHelper - ok
17:33:48.0501 4528 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:33:48.0504 4528 uliagpkx - ok
17:33:48.0526 4528 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:33:48.0532 4528 uliahci - ok
17:33:48.0539 4528 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:33:48.0542 4528 UlSata - ok
17:33:48.0564 4528 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:33:48.0568 4528 ulsata2 - ok
17:33:48.0589 4528 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:33:48.0591 4528 umbus - ok
17:33:48.0629 4528 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
17:33:48.0638 4528 upnphost - ok
17:33:48.0677 4528 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:33:48.0679 4528 USBAAPL64 - ok
17:33:48.0750 4528 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:33:48.0753 4528 usbccgp - ok
17:33:48.0774 4528 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:33:48.0777 4528 usbcir - ok
17:33:48.0808 4528 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:33:48.0819 4528 usbehci - ok
17:33:48.0908 4528 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:33:48.0915 4528 usbhub - ok
17:33:48.0932 4528 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:33:48.0934 4528 usbohci - ok
17:33:48.0958 4528 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:33:48.0961 4528 usbprint - ok
17:33:48.0990 4528 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:33:48.0994 4528 USBSTOR - ok
17:33:49.0030 4528 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:33:49.0032 4528 usbuhci - ok
17:33:49.0084 4528 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:33:49.0089 4528 usbvideo - ok
17:33:49.0138 4528 [ 060B7863943625E0193A3575C0C59E52 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
17:33:49.0140 4528 UVCFTR - ok
17:33:49.0173 4528 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
17:33:49.0185 4528 UxSms - ok
17:33:49.0296 4528 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
17:33:49.0320 4528 vds - ok
17:33:49.0349 4528 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:33:49.0353 4528 vga - ok
17:33:49.0380 4528 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:33:49.0384 4528 VgaSave - ok
17:33:49.0434 4528 [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide C:\Windows\system32\drivers\viaide.sys
17:33:49.0437 4528 viaide - ok
17:33:49.0474 4528 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:33:49.0477 4528 volmgr - ok
17:33:49.0515 4528 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:33:49.0523 4528 volmgrx - ok
17:33:49.0542 4528 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:33:49.0548 4528 volsnap - ok
17:33:49.0591 4528 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:33:49.0596 4528 vsmraid - ok
17:33:49.0675 4528 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
17:33:49.0709 4528 VSS - ok
17:33:49.0756 4528 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
17:33:49.0769 4528 W32Time - ok
17:33:49.0789 4528 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:33:49.0791 4528 WacomPen - ok
17:33:49.0902 4528 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:33:49.0905 4528 Wanarp - ok
17:33:49.0910 4528 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:33:49.0913 4528 Wanarpv6 - ok
17:33:49.0945 4528 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:33:49.0961 4528 wcncsvc - ok
17:33:50.0001 4528 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:33:50.0008 4528 WcsPlugInService - ok
17:33:50.0041 4528 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
17:33:50.0044 4528 Wd - ok
17:33:50.0076 4528 [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:33:50.0094 4528 Wdf01000 - ok
17:33:50.0109 4528 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:33:50.0116 4528 WdiServiceHost - ok
17:33:50.0121 4528 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:33:50.0128 4528 WdiSystemHost - ok
17:33:50.0145 4528 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
17:33:50.0154 4528 WebClient - ok
17:33:50.0182 4528 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:33:50.0191 4528 Wecsvc - ok
17:33:50.0242 4528 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:33:50.0249 4528 wercplsupport - ok
17:33:50.0269 4528 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
17:33:50.0277 4528 WerSvc - ok
17:33:50.0295 4528 WinDefend - ok
17:33:50.0304 4528 WinHttpAutoProxySvc - ok
17:33:50.0372 4528 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:33:50.0380 4528 Winmgmt - ok
17:33:50.0567 4528 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
17:33:50.0631 4528 WinRM - ok
17:33:50.0753 4528 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:33:50.0772 4528 Wlansvc - ok
17:33:50.0818 4528 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:33:50.0820 4528 WmiAcpi - ok
17:33:50.0924 4528 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:33:50.0929 4528 wmiApSrv - ok
17:33:50.0951 4528 WMPNetworkSvc - ok
17:33:50.0980 4528 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:33:50.0990 4528 WPCSvc - ok
17:33:51.0043 4528 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:33:51.0051 4528 WPDBusEnum - ok
17:33:51.0113 4528 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:33:51.0117 4528 WpdUsb - ok
17:33:51.0252 4528 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:33:51.0269 4528 WPFFontCache_v0400 - ok
17:33:51.0325 4528 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:33:51.0326 4528 ws2ifsl - ok
17:33:51.0393 4528 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\System32\wscsvc.dll
17:33:51.0398 4528 wscsvc - ok
17:33:51.0402 4528 WSearch - ok
17:33:51.0590 4528 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:33:51.0658 4528 wuauserv - ok
17:33:51.0713 4528 [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:33:51.0716 4528 WUDFRd - ok
17:33:51.0744 4528 [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:33:51.0750 4528 wudfsvc - ok
17:33:51.0796 4528 [ 3373A1402397BD13455608E5852E1505 ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
17:33:51.0802 4528 yukonx64 - ok
17:33:51.0815 4528 ================ Scan global ===============================
17:33:51.0874 4528 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
17:33:51.0924 4528 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:33:51.0946 4528 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
17:33:52.0014 4528 [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
17:33:52.0027 4528 [Global] - ok
17:33:52.0027 4528 ================ Scan MBR ==================================
17:33:52.0044 4528 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
17:33:52.0364 4528 \Device\Harddisk0\DR0 - ok
17:33:52.0365 4528 ================ Scan VBR ==================================
17:33:52.0394 4528 [ 8E722779D3471354D748FF1C2FB2DBF9 ] \Device\Harddisk0\DR0\Partition1
17:33:52.0398 4528 \Device\Harddisk0\DR0\Partition1 - ok
17:33:52.0399 4528 ============================================================
17:33:52.0399 4528 Scan finished
17:33:52.0399 4528 ============================================================
17:33:52.0425 4952 Detected object count: 0
17:33:52.0425 4952 Actual detected object count: 0
17:34:46.0980 4756 Deinitialize success


OTL Extras logfile created on: 9/10/2012 5:39:13 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\A\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 57.30% Memory free
7.91 Gb Paging File | 6.09 Gb Available in Paging File | 76.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.62 Gb Total Space | 157.33 Gb Free Space | 53.04% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: A-PC | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files (x86)\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = AA 45 82 0E AF 87 CC 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F8D7D8A-3389-4474-8241-D99F169F2482}" = lport=137 | protocol=17 | dir=in | app=system |
"{2F00F790-970C-4708-914A-2FBF1C526946}" = lport=7935 | protocol=6 | dir=in | name=adobe flash builder 4.5 |
"{2F7FA3CC-2896-46DF-A0EF-16C916684BAA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{38AEEA5D-4011-4721-8280-6B24F5ABD2C4}" = lport=139 | protocol=6 | dir=in | app=system |
"{39196667-7B13-4113-8819-E4C29ED14F9E}" = rport=445 | protocol=6 | dir=out | app=system |
"{3DB8F8B8-A23B-4FD7-85E8-9D0CCA589A9C}" = rport=139 | protocol=6 | dir=out | app=system |
"{43E705CB-8F7C-4697-A210-42A037BDFBA5}" = rport=138 | protocol=17 | dir=out | app=system |
"{81066D02-A66A-43C9-B0D0-DA908EEAE250}" = lport=445 | protocol=6 | dir=in | app=system |
"{A153A11A-BA9F-4D75-A8BF-EEBFC840BB9E}" = lport=138 | protocol=17 | dir=in | app=system |
"{D07438AD-14D5-4A7E-9318-AB14D5CEDC34}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E44A690E-84FD-47A0-A89E-C3EA22CEE50C}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1358E527-E7E8-443B-ABAE-401F4EDE66D4}" = protocol=17 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe |
"{14D25FFD-D96D-4C56-A201-E653710B5A5F}" = protocol=17 | dir=in | app=c:\users\a\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{1A261E03-654C-4065-81F1-1B8243204CD4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{35BE5A9F-CE60-4A79-A8C8-E90FAF90BF2A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{3847791F-55A9-409C-9763-FCF7C2B7172B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{500EBB5A-963F-4C6C-A9E8-368E74D6AB70}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{66CDF824-FF5F-4690-A31A-08A5CF048CE8}" = dir=in | app=c:\program files (x86)\cyberlink\powercinema for toshiba\powercinema.exe |
"{7ABDFA90-5753-455A-A5B1-95B60BEC815C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8E0547C4-F999-4102-8296-140C1856EF69}" = protocol=6 | dir=in | app=c:\users\a\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{99E2D4CB-0A20-48AD-933D-BADAA55A92F5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9B94D190-B47F-436B-9063-D19E2EAA0398}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{A5EC0061-0428-4EC8-93CD-0A4DD5AA1FC8}" = dir=in | app=c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\dms\clmsservice.exe |
"{A6DD8A0E-8EDE-4EE7-8FD0-B707D8D79C78}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{AB06C1D5-BA9D-49F1-A49C-E5FDD2CCD45A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AC2BCE8A-1CC8-4D7F-B298-6E5D139E5C33}" = dir=in | app=c:\program files (x86)\cyberlink\powercinema for toshiba\pcmservice.exe |
"{DCE2D929-D572-4DD3-96B0-BA67C3BAB7EC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DEF4E15F-274C-4E55-A342-70F9F67AAF7C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F2B1450D-478D-45DE-B037-195AC5061CF8}" = dir=in | app=c:\program files (x86)\cyberlink\powercinema for toshiba\kernel\dmp\clbrowserengine.exe |
"{F8D266BC-3179-4E21-AFE6-1CA840890D95}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FC7F7C8B-F50A-48CA-8B5B-A4EB892EADE9}" = protocol=6 | dir=in | app=c:\program files (x86)\adobe\adobe flash builder 4.5\flashbuilder.exe |
"TCP Query User{3DFD3241-B274-48AD-B331-653266273D9D}C:\users\a\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\a\appdata\roaming\spotify\spotify.exe |
"TCP Query User{E580FDDB-AB72-4078-81C2-BD3C80690108}C:\program files (x86)\free download manager\fdm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\free download manager\fdm.exe |
"TCP Query User{EDAA5D68-A67D-49DB-AA5A-F6157AF9B772}C:\program files (x86)\calibre2\calibre.exe" = protocol=6 | dir=in | app=c:\program files (x86)\calibre2\calibre.exe |
"UDP Query User{38158D70-E7E0-4903-A42E-DB99D35B603F}C:\program files (x86)\calibre2\calibre.exe" = protocol=17 | dir=in | app=c:\program files (x86)\calibre2\calibre.exe |
"UDP Query User{BCEAEECB-B009-4814-B3DB-59BD5D79C28F}C:\users\a\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\a\appdata\roaming\spotify\spotify.exe |
"UDP Query User{D1F455FE-51B2-4729-BCF2-70935349A58D}C:\program files (x86)\free download manager\fdm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\free download manager\fdm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26921B2E-3E62-47F9-A514-1FC4A83BD738}" = Intel(R) PROSet/Wireless WiFi Software
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5254156F-AA77-499A-B7C1-D5581D44E788}" = Marvell Miniport Driver
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{635BE602-BB9C-4C59-8CC5-93F9366E8A21}" = ViewNX 2
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE64AAFB-8C9A-482A-B2A9-3A420A65D5D5}" = O2Micro Flash Memory Card Reader Driver (x64)
"{B431E4D3-ECE7-4D41-8668-BCF9BD685B62}" = TOSHIBA Application Disc Creator
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C515A5CE-7B56-4C80-881C-86B7768E2FD0}" = Memeo AutoBackup
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}" = TOSHIBA Supervisor Password
"{E8B39B08-7FAB-48CC-89E9-37C5589E130C}" = TOSHIBA Hardware Setup
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"CNXT_AUDIO_HDA" = Conexant HD Audio
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}" = TOSHIBA ConfigFree
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1B87C40B-A60B-4EF3-9A68-706CF4B69978}" = Toshiba Assist
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{24176A21-AFC8-3DCC-A2BB-901734AA64B9}" = Google Talk Plugin
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema for TOSHIBA
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3248F0A8-6813-11D6-A77B-00B0D0160060}" = Java(TM) 6 Update 6
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4C3F3228-13BE-41D0-A782-3DDE7CB2479A}" = CD/DVD Drive Acoustic Silencer
"{4E33D05D-76CF-5D3C-4D5D-7727530FA161}" = Adobe Content Viewer
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6FCEFE16-0A8E-4F79-A642-49582DD25F3A}" = RealDownloader
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1" = MP4 player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C542173-96F0-435D-A95C-468CAAC75EA0}" = Adobe Flash Player 10 Plugin
"{9E051993-7665-FE91-148D-3B0855E57F70}" = Amazon MP3 Uploader
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AEAB754A-426C-4738-89C1-52FCB389FCDF}" = calibre
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
"{C485E390-78F5-4D5B-B56A-20A4C59B022A}" = FM Tuner Utility
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D57FC112-312E-4D70-860F-2DB8FB6858F0}" = Adobe Creative Suite 5.5 Master Collection
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA29D017-6E24-481D-BC7C-2B69335A0B3A}" = TrueSuite Access Manager
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{FB356619-7ECE-42BC-A28A-541973E29F28}" = TOSHIBA PowerCinema Helper
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"avast" = avast! Free Antivirus
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
"com.adobe.dmp.contentviewer" = Adobe Content Viewer
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"com.amazon.music.uploader" = Amazon MP3 Uploader
"Debut" = Debut Video Capture Software
"Drummix - Beta Edition" = Drummix - Beta Edition
"Drummix - Beta Edition Content" = Drummix - Beta Edition Content
"ExpressZip" = Express Zip File Compression Software
"Free Download Manager_is1" = Free Download Manager 3.0
"HandBrake" = HandBrake 0.9.5
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = CyberLink PowerCinema for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{C515A5CE-7B56-4C80-881C-86B7768E2FD0}" = Memeo AutoBackup
"InstallShield_{DA29D017-6E24-481D-BC7C-2B69335A0B3A}" = TrueSuite Access Manager
"InstallShield_{DF0853CA-A1D0-4169-8472-F2822C8FA1EB}" = TOSHIBA Supervisor Password
"InstallShield_{E8B39B08-7FAB-48CC-89E9-37C5589E130C}" = TOSHIBA Hardware Setup
"InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}" = TOSHIBA Face Recognition
"Pixillion" = Pixillion Image Converter
"Prism" = Prism Video File Converter
"RealPlayer 15.0" = RealPlayer
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Wondershare Video Converter Ultimate_is1" = Wondershare Video Converter Ultimate(Build 5.7.1.1)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/1/2012 9:11:57 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 593209

Error - 7/1/2012 9:11:57 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 593209

Error - 7/1/2012 9:11:58 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/1/2012 9:11:58 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 594208

Error - 7/1/2012 9:11:58 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 594208

Error - 7/1/2012 9:11:59 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/1/2012 9:11:59 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 595222

Error - 7/1/2012 9:11:59 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 595222

Error - 7/1/2012 9:12:00 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/1/2012 9:12:00 AM | Computer Name = A-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 596220

[ System Events ]
Error - 9/10/2012 5:42:16 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:42:16 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:42:35 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:42:36 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:42:43 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:42:44 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:43:03 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume C:.

Error - 9/10/2012 5:43:12 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:43:15 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.

Error - 9/10/2012 5:43:16 PM | Computer Name = A-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume SQ004741V05.


< End of report >
pfosinger
Active Member
 
Posts: 4
Joined: September 7th, 2012, 11:23 am

Re: corrupt Acrobat file? (appears to be malware)

Unread postby pfosinger » September 11th, 2012, 7:59 am

Here's the rest (OTL):



OTL logfile created on: 9/10/2012 5:39:13 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Users\A\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 57.30% Memory free
7.91 Gb Paging File | 6.09 Gb Available in Paging File | 76.94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 296.62 Gb Total Space | 157.33 Gb Free Space | 53.04% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: A-PC | User Name: A | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/10 17:35:20 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
PRC - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/09 18:21:58 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/07/03 12:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/09 14:16:58 | 000,205,944 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
PRC - [2012/02/09 14:15:06 | 000,031,408 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2009/04/11 02:28:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/01/22 19:43:18 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe
PRC - [2008/04/30 17:55:58 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008/04/17 03:21:24 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
PRC - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2008/04/17 03:19:16 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/15 20:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/02/12 19:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/07/15 17:48:33 | 000,479,232 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/01/22 19:43:18 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe


========== Services (SafeList) ==========

SRV:64bit: - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2008/11/05 19:58:42 | 000,048,640 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\SysNative\TAMSvr.exe -- (Authentec memory manager)
SRV:64bit: - [2008/04/30 23:20:42 | 001,371,136 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2008/04/30 22:42:20 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2008/04/24 21:57:40 | 000,084,992 | ---- | M] (Toshiba) [On_Demand | Running] -- C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe -- (SmartFaceVWatchSrv)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/11/21 19:53:16 | 000,135,168 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/02/09 14:15:06 | 000,031,408 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/05 19:58:42 | 000,049,152 | ---- | M] (AuthenTec Inc.) [Auto | Running] -- C:\Windows\SysWOW64\TAMSvr.exe -- (Authentec memory manager)
SRV - [2008/04/30 17:55:58 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files (x86)\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/04/17 03:19:48 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2008/04/15 20:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008/04/04 00:01:28 | 000,036,864 | ---- | M] (TOSHIBA Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe -- (ConfigFree Gadget Service)
SRV - [2007/02/12 19:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/03 12:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 12:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 12:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 12:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 12:21:52 | 000,044,272 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 12:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/08/02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/08/27 05:42:50 | 000,019,824 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tosrfec.sys -- (tosrfec)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/26 13:41:46 | 000,217,856 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATSwpDrv.sys -- (ATSWPDRV)
DRV:64bit: - [2008/06/12 21:51:36 | 007,911,840 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/04/30 17:23:04 | 000,504,912 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tos_sps64.sys -- (tos_sps64)
DRV:64bit: - [2008/04/28 09:38:12 | 004,730,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64)
DRV:64bit: - [2008/04/15 20:54:16 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/15 13:14:40 | 000,062,040 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2mdx64.sys -- (O2MDRDR)
DRV:64bit: - [2008/04/08 13:46:44 | 000,051,928 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\o2sdx64.sys -- (O2SDRDR)
DRV:64bit: - [2008/04/04 13:57:00 | 000,404,992 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/03/14 15:18:34 | 000,053,744 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\AlfaFF.sys -- (AlfaFF)
DRV:64bit: - [2008/03/04 13:32:46 | 000,222,720 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/12/20 19:10:50 | 000,028,200 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV:64bit: - [2007/12/11 17:03:36 | 000,027,272 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\tdcmdpst.sys -- (tdcmdpst)
DRV:64bit: - [2007/11/29 20:58:58 | 000,320,048 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/11/09 17:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV:64bit: - [2007/04/09 19:15:44 | 000,009,728 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\QIOMem.sys -- (QIOMem)
DRV:64bit: - [2006/11/09 17:34:42 | 000,237,568 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10n64.sys -- (KR10N64)
DRV:64bit: - [2006/11/09 17:33:44 | 000,248,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\kr10i64.sys -- (KR10I64)
DRV - [2008/03/14 15:18:34 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot | Running] -- C:\Windows\SysWOW64\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2007/10/19 17:05:38 | 000,014,544 | ---- | M] (OpenLibSys.org) [Kernel | Auto | Running] -- C:\Program Files (x86)\NXP\FM Radio\OpenLibSysX64.sys -- (OpenLibSys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {FB3661C6-18D3-4D9F-B2BA-A4E2B07620C8}
IE:64bit: - HKLM\..\SearchScopes\{FB3661C6-18D3-4D9F-B2BA-A4E2B07620C8}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage};
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{7CC94BCA-8E5E-4FAD-ACE5-798C208642BC}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.whitesmoke.com/?isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://isearch.whitesmoke.com/?q={searchTerms}&babsrc=home&s=web&as=0&isid=9858
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-413128071-3352485094-2835957488-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.0.3: C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.0.3: C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.5.109: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.5.109: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\A\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\A\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\A\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012/02/19 17:44:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012/05/10 22:40:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/09 18:22:32 | 000,000,000 | ---D | M]



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\A\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\A\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\A\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Google Update (Enabled) = C:\Users\A\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: RealNetworks Downloader Extension = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.0_0\
CHR - Extension: Gmail = C:\Users\A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/10 04:32:48 | 000,002,198 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.newoa
O1 - Hosts: 127.0.0.1 practivate.adobe.ntp
O1 - Hosts: 127.0.0.1 practivate.adobe.ipp
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O1 - Hosts: 127.0.0.1 wip.adobe.com
O1 - Hosts: 127.0.0.1 wip1.aobe.com
O1 - Hosts: 127.0.0.1 wip2.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.wip.adobe.com
O1 - Hosts: 127.0.0.1 www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com
O1 - Hosts: 127.0.0.1 www.wip3.adobe.com
O1 - Hosts: 127.0.0.1 www.wip4.adobe.com
O1 - Hosts: 18 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [FingerPrintNotifer] C:\Program Files (x86)\TrueSuite Access Manager\FpNotifier.exe (AuthenTec, Inc)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UsbMonitor] C:\Program Files (x86)\TrueSuite Access Manager\usbnotify.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-413128071-3352485094-2835957488-1000..\Run: [Spotify] "C:\Users\A\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart File not found
O4 - HKU\S-1-5-21-413128071-3352485094-2835957488-1000..\Run: [TOSCDSPD] TOSCDSPD.EXE File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O8:64bit: - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8:64bit: - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8:64bit: - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download all with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Download selected with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Download video with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Download with Free Download Manager - C:\Program Files (x86)\Free Download Manager\dllink.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.100.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84B50C36-E227-40D9-94E2-90DF11528080}: DhcpNameServer = 192.168.100.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\A\Pictures\cowpokes.jpg
O24 - Desktop BackupWallPaper: C:\Users\A\Pictures\cowpokes.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e9a548c1-6da5-11e1-aed2-001e68e1d8e6}\Shell - "" = AutoRun
O33 - MountPoints2\{e9a548c1-6da5-11e1-aed2-001e68e1d8e6}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/10 17:38:03 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2012/09/10 17:33:01 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\A\Desktop\tdsskiller.exe
[2012/09/08 10:23:43 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\com.adobe.dmp.contentviewer
[2012/09/06 21:46:31 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/09/04 18:30:10 | 000,000,000 | ---D | C] -- C:\Users\A\Documents\My Kindle Content
[2012/09/04 18:30:01 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/09/04 18:29:45 | 000,000,000 | ---D | C] -- C:\Users\A\AppData\Local\Amazon
[2012/08/16 22:35:36 | 000,000,000 | ---D | C] -- C:\Users\A\Desktop\horn
[2012/08/16 03:07:06 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/16 03:07:06 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/16 03:07:04 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/16 03:07:04 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/16 03:07:01 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/16 03:07:00 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/16 03:07:00 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/16 03:06:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/16 03:06:58 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/16 03:06:58 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/16 03:06:56 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/16 03:06:53 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/16 03:06:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/15 08:49:24 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/15 08:49:23 | 000,623,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\localspl.dll
[2012/08/15 08:49:15 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/12 22:52:28 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/10 17:35:20 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\A\Desktop\OTL.exe
[2012/09/10 17:34:05 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-413128071-3352485094-2835957488-1000UA.job
[2012/09/10 17:32:48 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\A\Desktop\tdsskiller.exe
[2012/09/10 17:26:27 | 000,044,544 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\agremove.exe
[2012/09/10 17:22:44 | 004,885,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/09/10 17:21:17 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 17:21:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/10 17:20:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/10 17:20:34 | 4153,274,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/10 17:14:32 | 000,458,240 | ---- | M] () -- C:\Users\A\Desktop\CKScanner.exe
[2012/09/09 21:34:00 | 000,000,840 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-413128071-3352485094-2835957488-1000Core.job
[2012/09/08 18:55:18 | 000,604,752 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/08 18:55:17 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/08 18:55:17 | 000,104,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/07 10:44:09 | 000,017,920 | ---- | M] () -- C:\Users\A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/07 00:08:57 | 000,001,893 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/06 21:05:17 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2012/09/04 18:30:02 | 000,002,044 | ---- | M] () -- C:\Users\A\Desktop\Kindle.lnk
[2012/09/04 18:05:06 | 000,001,995 | ---- | M] () -- C:\Users\A\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/12 14:26:57 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLet.DAT
[2012/08/12 14:00:03 | 000,001,456 | ---- | M] () -- C:\Users\A\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/08/12 12:00:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/10 17:14:27 | 000,458,240 | ---- | C] () -- C:\Users\A\Desktop\CKScanner.exe
[2012/09/07 00:08:57 | 000,001,893 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012/09/07 00:08:56 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/04 18:30:02 | 000,002,044 | ---- | C] () -- C:\Users\A\Desktop\Kindle.lnk
[2012/08/12 12:00:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2012/07/05 17:08:15 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Installer Plugin
[2012/07/05 17:08:15 | 000,000,268 | RH-- | C] () -- C:\Users\A\AppData\Roaming\Image Units
[2012/07/05 17:08:15 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/07/05 17:06:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Instrument Library
[2012/07/05 17:06:09 | 000,000,268 | RH-- | C] () -- C:\Users\A\AppData\Roaming\Images
[2012/07/05 17:06:09 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/07/05 17:06:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\InkjetPrinter
[2012/07/05 17:06:08 | 000,000,268 | RH-- | C] () -- C:\Users\A\AppData\Roaming\Image Manipulation
[2012/07/05 17:06:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/06/13 18:30:21 | 000,001,456 | ---- | C] () -- C:\Users\A\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/02/18 22:59:53 | 000,156,160 | ---- | C] () -- C:\Windows\SysWow64\WS_ContextMenu.dll
[2012/01/17 21:02:26 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/01/17 21:02:26 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/01/15 15:58:56 | 000,000,680 | ---- | C] () -- C:\Users\A\AppData\Local\d3d9caps.dat
[2012/01/14 19:12:04 | 000,723,294 | ---- | C] () -- C:\Windows\unins000.exe
[2012/01/14 19:12:04 | 000,136,215 | ---- | C] () -- C:\Windows\unins000.dat
[2011/10/15 18:30:11 | 000,017,920 | ---- | C] () -- C:\Users\A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/10 18:08:19 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2011/10/10 18:07:24 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2011/10/10 18:06:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2011/10/10 16:58:01 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2011/10/10 14:06:48 | 000,000,016 | RHS- | C] () -- C:\Windows\SysWow64\drivers\fbd.sys

========== LOP Check ==========

[2011/12/21 10:27:29 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\.BitTornado
[2012/09/07 10:52:37 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Applian FLV and Media Player
[2012/03/31 19:46:34 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\calibre
[2012/05/11 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2012/09/08 10:23:43 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\com.adobe.dmp.contentviewer
[2012/01/25 17:51:25 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\com.amazon.music.uploader
[2012/02/16 04:27:35 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Free Download Manager
[2012/02/18 23:11:35 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\HandBrake
[2012/07/05 18:34:49 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Nikon
[2011/12/25 20:17:38 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\TOSHIBA
[2012/08/07 17:51:51 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\WinBatch
[2012/01/29 10:16:14 | 000,000,000 | ---D | M] -- C:\Users\A\AppData\Roaming\Wondershare Video Converter Ultimate
[2012/09/10 17:19:09 | 000,029,918 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >
pfosinger
Active Member
 
Posts: 4
Joined: September 7th, 2012, 11:23 am

Re: corrupt Acrobat file? (appears to be malware)

Unread postby pgmigg » September 11th, 2012, 11:11 am

Cracked/Keygen related software detected!!!

While going through your logs I found out that you have downloaded various keygen/cracked software, including illegal versions of different Adobe programs, and you are actively using it.

corrupt Acrobat file? (appears to be malware)
There is nothing new for the fact that having illegal Adobe products you have some corrupted Acrobat files - it is not a malware issue!

So in accordance with our policy, we will not provide any further help.
See here: viewtopic.php?p=491395#p491395

This thread will be closed.

pgmigg
User avatar
pgmigg
Admin/Teacher
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: corrupt Acrobat file? (appears to be malware)

Unread postby NonSuch » September 12th, 2012, 3:18 am

It is the policy of this site that our volunteers do not assist with computers on which pirated, counterfeit, and/or cracked software is installed. Therefore, this topic will be closed.

This topic is now closed.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 305 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware