WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Please help with virus issue

Started by ngarrett111 , Oct 12 2011 03:46 PM

This topic is locked

6 replies to this topic

#1 ngarrett111

New Member

New Member
3 posts

Posted 12 October 2011 - 03:46 PM

Ok, so I have been having some issues with viruses for a bit now. I use ESET Smart Security and Malwarebytes. Eset picks up infected files, but can't seem to do anything with them. Malwarebytes doesn't pick them up at all. I am using Windows 7 64 bit, with a qx6800 cpu, and 8 gigs of memory. So this is the list of symptoms I've picked up thus far:

-PING.exe runs all the time in task manager. When I tell it to stop, it just runs again in a couple of minutes
-All my space on C drive is being used up. When I delete any files, it just gets used up again. It does this whether my network connection is enabled or not. When checking connections with netstat -a it shows connections established at 127.0.0.1 at several ports.
-Whenever using google, I get redirected to other sites.

Ok, so reading through the forums, I obtained a general idea of what to post. Here are 2 back to back reports from tdskiller, the first one having rebooted:

16:46:21.0545 2020 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54
16:46:23.0545 2020 ============================================================
16:46:23.0545 2020 Current date / time: 2011/10/12 16:46:23.0545
16:46:23.0545 2020 SystemInfo:
16:46:23.0545 2020
16:46:23.0545 2020 OS Version: 6.1.7600 ServicePack: 0.0
16:46:23.0545 2020 Product type: Workstation
16:46:23.0545 2020 ComputerName: PIMP-PC
16:46:23.0545 2020 UserName: Pimp
16:46:23.0545 2020 Windows directory: C:\Windows
16:46:23.0545 2020 System windows directory: C:\Windows
16:46:23.0545 2020 Running under WOW64
16:46:23.0545 2020 Processor architecture: Intel x64
16:46:23.0545 2020 Number of processors: 4
16:46:23.0545 2020 Page size: 0x1000
16:46:23.0545 2020 Boot type: Normal boot
16:46:23.0545 2020 ============================================================
16:46:34.0624 2020 Initialize success
16:46:37.0014 2084 ============================================================
16:46:37.0014 2084 Scan started
16:46:37.0014 2084 Mode: Manual;
16:46:37.0014 2084 ============================================================
16:46:38.0436 2084 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:46:38.0467 2084 1394ohci - ok
16:46:38.0499 2084 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:46:38.0499 2084 ACPI - ok
16:46:38.0514 2084 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:46:38.0530 2084 AcpiPmi - ok
16:46:38.0561 2084 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:46:38.0608 2084 adp94xx - ok
16:46:38.0639 2084 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:46:38.0686 2084 adpahci - ok
16:46:38.0702 2084 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:46:38.0702 2084 adpu320 - ok
16:46:38.0811 2084 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
16:46:38.0842 2084 AFD - ok
16:46:38.0858 2084 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:46:38.0874 2084 agp440 - ok
16:46:38.0920 2084 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:46:38.0936 2084 aliide - ok
16:46:38.0936 2084 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:46:38.0952 2084 amdide - ok
16:46:38.0983 2084 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:46:38.0999 2084 AmdK8 - ok
16:46:39.0014 2084 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:46:39.0030 2084 AmdPPM - ok
16:46:39.0061 2084 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
16:46:39.0077 2084 amdsata - ok
16:46:39.0092 2084 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:46:39.0124 2084 amdsbs - ok
16:46:39.0139 2084 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
16:46:39.0139 2084 amdxata - ok
16:46:39.0155 2084 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:46:39.0186 2084 AppID - ok
16:46:39.0311 2084 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:46:39.0327 2084 arc - ok
16:46:39.0342 2084 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:46:39.0358 2084 arcsas - ok
16:46:39.0374 2084 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:46:39.0389 2084 AsyncMac - ok
16:46:39.0389 2084 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:46:39.0389 2084 atapi - ok
16:46:39.0452 2084 atksgt (1fd0fa6618b31fad14385740d0f6c333) C:\Windows\system32\DRIVERS\atksgt.sys
16:46:39.0483 2084 atksgt - ok
16:46:39.0561 2084 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:46:39.0577 2084 b06bdrv - ok
16:46:39.0624 2084 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:46:39.0655 2084 b57nd60a - ok
16:46:39.0686 2084 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:46:39.0686 2084 Beep - ok
16:46:39.0780 2084 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:46:39.0795 2084 blbdrive - ok
16:46:39.0811 2084 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
16:46:39.0842 2084 bowser - ok
16:46:39.0858 2084 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:46:39.0858 2084 BrFiltLo - ok
16:46:39.0858 2084 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:46:39.0858 2084 BrFiltUp - ok
16:46:39.0889 2084 Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:46:39.0905 2084 Bridge - ok
16:46:39.0920 2084 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:46:39.0920 2084 BridgeMP - ok
16:46:39.0952 2084 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:46:39.0983 2084 Brserid - ok
16:46:39.0983 2084 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:46:39.0999 2084 BrSerWdm - ok
16:46:40.0030 2084 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:46:40.0045 2084 BrUsbMdm - ok
16:46:40.0045 2084 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:46:40.0061 2084 BrUsbSer - ok
16:46:40.0061 2084 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:46:40.0077 2084 BTHMODEM - ok
16:46:40.0139 2084 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:46:40.0139 2084 cdfs - ok
16:46:40.0170 2084 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:46:40.0186 2084 cdrom - ok
16:46:40.0249 2084 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:46:40.0249 2084 circlass - ok
16:46:40.0264 2084 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:46:40.0311 2084 CLFS - ok
16:46:40.0374 2084 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:46:40.0374 2084 CmBatt - ok
16:46:40.0389 2084 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:46:40.0405 2084 cmdide - ok
16:46:40.0436 2084 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
16:46:40.0467 2084 CNG - ok
16:46:40.0499 2084 COMMONFX.DLL (125e376581faff581408220d781933ba) C:\Windows\System32\COMMONFX.DLL
16:46:40.0514 2084 COMMONFX.DLL - ok
16:46:40.0514 2084 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:46:40.0530 2084 Compbatt - ok
16:46:40.0545 2084 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:46:40.0545 2084 CompositeBus - ok
16:46:40.0577 2084 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:46:40.0577 2084 crcdisk - ok
16:46:40.0686 2084 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
16:46:40.0702 2084 CSC - ok
16:46:40.0764 2084 CT20XUT (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\system32\drivers\CT20XUT.SYS
16:46:40.0811 2084 CT20XUT - ok
16:46:40.0811 2084 CT20XUT.DLL - ok
16:46:40.0858 2084 CT20XUT.SYS (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\System32\drivers\CT20XUT.SYS
16:46:40.0858 2084 CT20XUT.SYS - ok
16:46:40.0905 2084 ctac32k (eb3843a91a10150c9e05607cbcb44090) C:\Windows\system32\drivers\ctac32k.sys
16:46:40.0936 2084 ctac32k - ok
16:46:40.0952 2084 ctaud2k (bc06efb59a2316537765462dfe40f764) C:\Windows\system32\drivers\ctaud2k.sys
16:46:40.0967 2084 ctaud2k - ok
16:46:40.0999 2084 CTAUDFX.DLL (31f9708301e8ea0437f3b73458f0b5e1) C:\Windows\System32\CTAUDFX.DLL
16:46:41.0014 2084 CTAUDFX.DLL - ok
16:46:41.0061 2084 CTEAPSFX.DLL (d8d7898d5a930d743bc8ef513588ff38) C:\Windows\System32\CTEAPSFX.DLL
16:46:41.0061 2084 CTEAPSFX.DLL - ok
16:46:41.0092 2084 CTEDSPFX.DLL (eeee656f957112f3bcf3cdd17ee4ce25) C:\Windows\System32\CTEDSPFX.DLL
16:46:41.0092 2084 CTEDSPFX.DLL - ok
16:46:41.0108 2084 CTEDSPIO.DLL (cf83159e82a634691554d432e9e14fe0) C:\Windows\System32\CTEDSPIO.DLL
16:46:41.0124 2084 CTEDSPIO.DLL - ok
16:46:41.0139 2084 CTEDSPSY.DLL (d6d9b2f3083fbf20eee2d289ad87583b) C:\Windows\System32\CTEDSPSY.DLL
16:46:41.0155 2084 CTEDSPSY.DLL - ok
16:46:41.0202 2084 CTEXFIFX (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\system32\drivers\CTEXFIFX.SYS
16:46:41.0280 2084 CTEXFIFX - ok
16:46:41.0280 2084 CTEXFIFX.DLL - ok
16:46:41.0311 2084 CTEXFIFX.SYS (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\System32\drivers\CTEXFIFX.SYS
16:46:41.0327 2084 CTEXFIFX.SYS - ok
16:46:41.0358 2084 CTHWIUT (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\system32\drivers\CTHWIUT.SYS
16:46:41.0358 2084 CTHWIUT - ok
16:46:41.0374 2084 CTHWIUT.DLL - ok
16:46:41.0389 2084 CTHWIUT.SYS (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\System32\drivers\CTHWIUT.SYS
16:46:41.0389 2084 CTHWIUT.SYS - ok
16:46:41.0405 2084 ctprxy2k (ebc9548ef5838cb5aa8f18b3ac28af12) C:\Windows\system32\drivers\ctprxy2k.sys
16:46:41.0420 2084 ctprxy2k - ok
16:46:41.0436 2084 CTSBLFX.DLL (865254ebc7eb19eba45122074d3cf40f) C:\Windows\System32\CTSBLFX.DLL
16:46:41.0467 2084 CTSBLFX.DLL - ok
16:46:41.0483 2084 ctsfm2k (459bee1682121842285c162e2d98d81a) C:\Windows\system32\drivers\ctsfm2k.sys
16:46:41.0499 2084 ctsfm2k - ok
16:46:41.0624 2084 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
16:46:41.0624 2084 DfsC - ok
16:46:41.0655 2084 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:46:41.0686 2084 discache - ok
16:46:41.0717 2084 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:46:41.0749 2084 Disk - ok
16:46:41.0795 2084 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:46:41.0811 2084 drmkaud - ok
16:46:41.0858 2084 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:46:41.0874 2084 DXGKrnl - ok
16:46:41.0905 2084 e1express (416a2007878ed1d6fc5dddb9e1f6db3e) C:\Windows\system32\DRIVERS\e1e6032e.sys
16:46:41.0920 2084 e1express - ok
16:46:41.0920 2084 EagleX64 - ok
16:46:41.0983 2084 eamonm (72a1aa3c6c79b928d02a6fad387b1349) C:\Windows\system32\DRIVERS\eamonm.sys
16:46:41.0983 2084 eamonm - ok
16:46:42.0077 2084 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:46:42.0170 2084 ebdrv - ok
16:46:42.0233 2084 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
16:46:42.0249 2084 ehdrv - ok
16:46:42.0358 2084 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:46:42.0389 2084 elxstor - ok
16:46:42.0436 2084 emupia (c26133b6165928fbd156c6fe570f9ed2) C:\Windows\system32\drivers\emupia2k.sys
16:46:42.0452 2084 emupia - ok
16:46:42.0483 2084 epfw (f9d0d6a7a6d48391be1f314ef7669ce2) C:\Windows\system32\DRIVERS\epfw.sys
16:46:42.0514 2084 epfw - ok
16:46:42.0530 2084 Epfwndis (96620ad728144d8e30a7baec9ddc811c) C:\Windows\system32\DRIVERS\Epfwndis.sys
16:46:42.0561 2084 Epfwndis - ok
16:46:42.0608 2084 epfwwfp (16576f3a76f4d0dd83522d69b5eafaa1) C:\Windows\system32\DRIVERS\epfwwfp.sys
16:46:42.0624 2084 epfwwfp - ok
16:46:42.0655 2084 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
16:46:42.0655 2084 epmntdrv - ok
16:46:42.0670 2084 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:46:42.0686 2084 ErrDev - ok
16:46:42.0733 2084 EuGdiDrv (40292f3332b76b726e5312d088f5bea9) C:\Windows\system32\EuGdiDrv.sys
16:46:42.0733 2084 EuGdiDrv - ok
16:46:42.0780 2084 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:46:42.0811 2084 exfat - ok
16:46:42.0827 2084 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:46:42.0827 2084 fastfat - ok
16:46:42.0858 2084 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:46:42.0889 2084 fdc - ok
16:46:42.0920 2084 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:46:42.0936 2084 FileInfo - ok
16:46:42.0936 2084 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:46:42.0967 2084 Filetrace - ok
16:46:42.0967 2084 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:46:42.0967 2084 flpydisk - ok
16:46:42.0999 2084 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:46:43.0030 2084 FltMgr - ok
16:46:43.0045 2084 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:46:43.0061 2084 FsDepends - ok
16:46:43.0077 2084 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:46:43.0092 2084 Fs_Rec - ok
16:46:43.0124 2084 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:46:43.0155 2084 fvevol - ok
16:46:43.0186 2084 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:46:43.0233 2084 gagp30kx - ok
16:46:43.0374 2084 ha20x2k (a3f010d5dbfb589a3b3288c05c2ea3f9) C:\Windows\system32\drivers\ha20x2k.sys
16:46:43.0467 2084 ha20x2k - ok
16:46:43.0483 2084 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:46:43.0483 2084 hcw85cir - ok
16:46:43.0514 2084 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:46:43.0530 2084 HdAudAddService - ok
16:46:43.0545 2084 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:46:43.0545 2084 HDAudBus - ok
16:46:43.0561 2084 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:46:43.0577 2084 HidBatt - ok
16:46:43.0608 2084 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:46:43.0624 2084 HidBth - ok
16:46:43.0624 2084 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:46:43.0655 2084 HidIr - ok
16:46:43.0702 2084 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:46:43.0717 2084 HidUsb - ok
16:46:43.0811 2084 hotcore3 (78d379ce4d18ed735224660abf972716) C:\Windows\system32\DRIVERS\hotcore3.sys
16:46:43.0827 2084 hotcore3 - ok
16:46:43.0842 2084 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:46:43.0858 2084 HpSAMD - ok
16:46:43.0889 2084 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:46:43.0920 2084 HTTP - ok
16:46:43.0952 2084 hwinterface - ok
16:46:43.0967 2084 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:46:43.0983 2084 hwpolicy - ok
16:46:44.0014 2084 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:46:44.0030 2084 i8042prt - ok
16:46:44.0045 2084 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
16:46:44.0077 2084 iaStorV - ok
16:46:44.0092 2084 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:46:44.0092 2084 iirsp - ok
16:46:44.0124 2084 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:46:44.0124 2084 intelide - ok
16:46:44.0155 2084 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:46:44.0155 2084 intelppm - ok
16:46:44.0170 2084 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:46:44.0186 2084 IpFilterDriver - ok
16:46:44.0202 2084 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:46:44.0202 2084 IPMIDRV - ok
16:46:44.0233 2084 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:46:44.0249 2084 IPNAT - ok
16:46:44.0280 2084 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:46:44.0280 2084 IRENUM - ok
16:46:44.0295 2084 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:46:44.0311 2084 isapnp - ok
16:46:44.0342 2084 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:46:44.0374 2084 iScsiPrt - ok
16:46:44.0420 2084 JLTECH0227 (cd91d1bd200d9f39682a08e987f0dbe2) C:\Windows\system32\Drivers\jl2005c.sys
16:46:44.0420 2084 JLTECH0227 - ok
16:46:44.0452 2084 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:46:44.0452 2084 kbdclass - ok
16:46:44.0483 2084 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:46:44.0483 2084 kbdhid - ok
16:46:44.0514 2084 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
16:46:44.0514 2084 KSecDD - ok
16:46:44.0545 2084 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
16:46:44.0545 2084 KSecPkg - ok
16:46:44.0561 2084 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:46:44.0577 2084 ksthunk - ok
16:46:44.0670 2084 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
16:46:44.0686 2084 lirsgt - ok
16:46:44.0702 2084 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:46:44.0717 2084 lltdio - ok
16:46:44.0764 2084 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:46:44.0780 2084 LSI_FC - ok
16:46:44.0811 2084 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:46:44.0827 2084 LSI_SAS - ok
16:46:44.0858 2084 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:46:44.0874 2084 LSI_SAS2 - ok
16:46:44.0889 2084 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:46:44.0905 2084 LSI_SCSI - ok
16:46:44.0936 2084 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:46:44.0936 2084 luafv - ok
16:46:44.0983 2084 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:46:45.0014 2084 megasas - ok
16:46:45.0045 2084 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:46:45.0077 2084 MegaSR - ok
16:46:45.0124 2084 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:46:45.0124 2084 Modem - ok
16:46:45.0155 2084 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:46:45.0155 2084 monitor - ok
16:46:45.0202 2084 motccgp (5d1080dbd8ec5f2d6e550e01398e17cf) C:\Windows\system32\DRIVERS\motccgp.sys
16:46:45.0217 2084 motccgp - ok
16:46:45.0264 2084 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
16:46:45.0280 2084 motccgpfl - ok
16:46:45.0311 2084 motmodem (6cbc0f4005593c96c9aecad39f0690fc) C:\Windows\system32\DRIVERS\motmodem.sys
16:46:45.0342 2084 motmodem - ok
16:46:45.0405 2084 motport (6cbc0f4005593c96c9aecad39f0690fc) C:\Windows\system32\DRIVERS\motport.sys
16:46:45.0436 2084 motport - ok
16:46:45.0467 2084 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:46:45.0467 2084 mouclass - ok
16:46:45.0499 2084 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:46:45.0499 2084 mouhid - ok
16:46:45.0514 2084 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:46:45.0530 2084 mountmgr - ok
16:46:45.0545 2084 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:46:45.0561 2084 mpio - ok
16:46:45.0561 2084 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:46:45.0592 2084 mpsdrv - ok
16:46:45.0655 2084 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:46:45.0670 2084 MRxDAV - ok
16:46:45.0702 2084 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:46:45.0733 2084 mrxsmb - ok
16:46:45.0749 2084 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:46:45.0749 2084 mrxsmb10 - ok
16:46:45.0795 2084 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:46:45.0811 2084 mrxsmb20 - ok
16:46:45.0827 2084 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:46:45.0842 2084 msahci - ok
16:46:45.0858 2084 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:46:45.0889 2084 msdsm - ok
16:46:45.0920 2084 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:46:45.0920 2084 Msfs - ok
16:46:45.0952 2084 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:46:45.0952 2084 mshidkmdf - ok
16:46:45.0967 2084 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:46:45.0983 2084 msisadrv - ok
16:46:46.0045 2084 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:46:46.0045 2084 MSKSSRV - ok
16:46:46.0061 2084 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:46:46.0061 2084 MSPCLOCK - ok
16:46:46.0077 2084 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:46:46.0092 2084 MSPQM - ok
16:46:46.0124 2084 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:46:46.0124 2084 MsRPC - ok
16:46:46.0139 2084 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:46:46.0155 2084 mssmbios - ok
16:46:46.0170 2084 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:46:46.0170 2084 MSTEE - ok
16:46:46.0186 2084 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:46:46.0186 2084 MTConfig - ok
16:46:46.0217 2084 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:46:46.0233 2084 Mup - ok
16:46:46.0264 2084 mv61xx (8ac8276cd9b0ea755cddd6421fc607e3) C:\Windows\system32\DRIVERS\mv61xx.sys
16:46:46.0264 2084 mv61xx - ok
16:46:46.0311 2084 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:46:46.0358 2084 NativeWifiP - ok
16:46:46.0405 2084 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:46:46.0420 2084 NDIS - ok
16:46:46.0436 2084 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:46:46.0452 2084 NdisCap - ok
16:46:46.0483 2084 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:46:46.0483 2084 NdisTapi - ok
16:46:46.0514 2084 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:46:46.0514 2084 Ndisuio - ok
16:46:46.0545 2084 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:46:46.0561 2084 NdisWan - ok
16:46:46.0577 2084 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:46:46.0592 2084 NDProxy - ok
16:46:46.0639 2084 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:46:46.0655 2084 NetBIOS - ok
16:46:46.0670 2084 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:46:46.0670 2084 NetBT - ok
16:46:46.0749 2084 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:46:46.0764 2084 nfrd960 - ok
16:46:46.0827 2084 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
16:46:46.0858 2084 NPF - ok
16:46:46.0874 2084 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:46:46.0889 2084 Npfs - ok
16:46:46.0920 2084 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:46:46.0936 2084 nsiproxy - ok
16:46:46.0983 2084 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:46:47.0061 2084 Ntfs - ok
16:46:47.0077 2084 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:46:47.0092 2084 Null - ok
16:46:47.0374 2084 nvlddmkm (bbe872a814b00798c2d568d46c42a71b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:46:47.0608 2084 nvlddmkm - ok
16:46:47.0639 2084 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
16:46:47.0639 2084 nvraid - ok
16:46:47.0670 2084 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
16:46:47.0686 2084 nvstor - ok
16:46:47.0702 2084 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:46:47.0717 2084 nv_agp - ok
16:46:47.0764 2084 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:46:47.0780 2084 ohci1394 - ok
16:46:47.0842 2084 ossrv (0e2de427ebe106e7e5b52869d5c99f68) C:\Windows\system32\drivers\ctoss2k.sys
16:46:47.0858 2084 ossrv - ok
16:46:47.0905 2084 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:46:47.0920 2084 Parport - ok
16:46:47.0952 2084 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:46:47.0967 2084 partmgr - ok
16:46:47.0983 2084 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:46:48.0014 2084 pci - ok
16:46:48.0030 2084 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:46:48.0045 2084 pciide - ok
16:46:48.0077 2084 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:46:48.0092 2084 pcmcia - ok
16:46:48.0108 2084 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:46:48.0124 2084 pcw - ok
16:46:48.0155 2084 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:46:48.0202 2084 PEAUTH - ok
16:46:48.0358 2084 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:46:48.0374 2084 PptpMiniport - ok
16:46:48.0389 2084 PQNTDrv - ok
16:46:48.0405 2084 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:46:48.0420 2084 Processor - ok
16:46:48.0483 2084 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:46:48.0514 2084 Psched - ok
16:46:48.0561 2084 PsSdk41 (86154f3a156fa2a5429c2940c69f426f) C:\Windows\system32\Drivers\pssdk41.sys
16:46:48.0577 2084 PsSdk41 - ok
16:46:48.0624 2084 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:46:48.0670 2084 ql2300 - ok
16:46:48.0702 2084 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:46:48.0702 2084 ql40xx - ok
16:46:48.0717 2084 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:46:48.0733 2084 QWAVEdrv - ok
16:46:48.0764 2084 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:46:48.0780 2084 RasAcd - ok
16:46:48.0795 2084 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:46:48.0795 2084 RasAgileVpn - ok
16:46:48.0811 2084 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:46:48.0827 2084 Rasl2tp - ok
16:46:48.0858 2084 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:46:48.0858 2084 RasPppoe - ok
16:46:48.0889 2084 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:46:48.0905 2084 RasSstp - ok
16:46:48.0920 2084 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:46:48.0936 2084 rdbss - ok
16:46:48.0952 2084 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:46:48.0983 2084 rdpbus - ok
16:46:48.0999 2084 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:46:48.0999 2084 RDPCDD - ok
16:46:49.0014 2084 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
16:46:49.0061 2084 RDPDR - ok
16:46:49.0092 2084 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:46:49.0092 2084 RDPENCDD - ok
16:46:49.0108 2084 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:46:49.0108 2084 RDPREFMP - ok
16:46:49.0124 2084 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:46:49.0155 2084 RDPWD - ok
16:46:49.0170 2084 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:46:49.0202 2084 rdyboost - ok
16:46:49.0311 2084 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
16:46:49.0327 2084 RivaTuner64 - ok
16:46:49.0467 2084 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:46:49.0483 2084 rspndr - ok
16:46:49.0514 2084 RTL8187B (4a06585c8673f4458e9fbbc9dddb4d28) C:\Windows\system32\DRIVERS\wg111v3.sys
16:46:49.0530 2084 RTL8187B - ok
16:46:49.0561 2084 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
16:46:49.0577 2084 s3cap - ok
16:46:49.0608 2084 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:46:49.0624 2084 sbp2port - ok
16:46:49.0655 2084 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:46:49.0670 2084 scfilter - ok
16:46:49.0717 2084 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\Windows\system32\drivers\ScreamingBAudio64.sys
16:46:49.0733 2084 ScreamBAudioSvc - ok
16:46:49.0764 2084 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:46:49.0780 2084 secdrv - ok
16:46:49.0827 2084 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:46:49.0842 2084 Serenum - ok
16:46:49.0858 2084 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:46:49.0920 2084 Serial - ok
16:46:49.0936 2084 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:46:49.0952 2084 sermouse - ok
16:46:50.0014 2084 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:46:50.0030 2084 sffdisk - ok
16:46:50.0061 2084 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:46:50.0077 2084 sffp_mmc - ok
16:46:50.0108 2084 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:46:50.0108 2084 sffp_sd - ok
16:46:50.0139 2084 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:46:50.0155 2084 sfloppy - ok
16:46:50.0217 2084 SI3112r (0a7b53a1bbbd65bf770327deb0f78ed3) C:\Windows\system32\DRIVERS\SI3112r.sys
16:46:50.0249 2084 SI3112r - ok
16:46:50.0280 2084 Si3132r5 (1a7335ddaac8cda00db03491f353814e) C:\Windows\system32\DRIVERS\Si3132r5.sys
16:46:50.0311 2084 Si3132r5 - ok
16:46:50.0342 2084 SiFilter (8f10f5d5063f9392a9701d6d9f574e59) C:\Windows\system32\DRIVERS\SiWinAcc.sys
16:46:50.0342 2084 SiFilter - ok
16:46:50.0389 2084 SiRemFil (156eb53760a64ce26d615ca5352fb50a) C:\Windows\system32\DRIVERS\SiRemFil.sys
16:46:50.0405 2084 SiRemFil - ok
16:46:50.0436 2084 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:46:50.0467 2084 SiSRaid2 - ok
16:46:50.0499 2084 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:46:50.0514 2084 SiSRaid4 - ok
16:46:50.0545 2084 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:46:50.0545 2084 Smb - ok
16:46:50.0592 2084 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:46:50.0608 2084 spldr - ok
16:46:50.0702 2084 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
16:46:50.0702 2084 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
16:46:50.0717 2084 sptd ( LockedFile.Multi.Generic ) - warning
16:46:50.0717 2084 sptd - detected LockedFile.Multi.Generic (1)
16:46:50.0749 2084 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
16:46:50.0764 2084 srv - ok
16:46:50.0811 2084 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
16:46:50.0858 2084 srv2 - ok
16:46:50.0889 2084 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
16:46:50.0889 2084 srvnet - ok
16:46:50.0999 2084 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:46:50.0999 2084 stexstor - ok
16:46:51.0061 2084 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
16:46:51.0061 2084 storflt - ok
16:46:51.0108 2084 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
16:46:51.0124 2084 storvsc - ok
16:46:51.0139 2084 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:46:51.0155 2084 swenum - ok
16:46:51.0327 2084 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
16:46:51.0358 2084 Tcpip - ok
16:46:51.0420 2084 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
16:46:51.0420 2084 TCPIP6 - ok
16:46:51.0452 2084 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:46:51.0452 2084 tcpipreg - ok
16:46:51.0467 2084 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:46:51.0483 2084 TDPIPE - ok
16:46:51.0499 2084 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:46:51.0514 2084 TDTCP - ok
16:46:51.0530 2084 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:46:51.0577 2084 tdx - ok
16:46:51.0592 2084 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:46:51.0592 2084 TermDD - ok
16:46:51.0702 2084 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:46:51.0702 2084 tssecsrv - ok
16:46:51.0733 2084 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:46:51.0749 2084 tunnel - ok
16:46:51.0780 2084 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:46:51.0795 2084 uagp35 - ok
16:46:51.0827 2084 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:46:51.0827 2084 udfs - ok
16:46:51.0874 2084 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:46:51.0889 2084 uliagpkx - ok
16:46:51.0920 2084 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:46:51.0936 2084 umbus - ok
16:46:51.0952 2084 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:46:51.0967 2084 UmPass - ok
16:46:52.0014 2084 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
16:46:52.0045 2084 usbccgp - ok
16:46:52.0061 2084 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:46:52.0061 2084 usbcir - ok
16:46:52.0092 2084 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
16:46:52.0092 2084 usbehci - ok
16:46:52.0124 2084 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
16:46:52.0139 2084 usbhub - ok
16:46:52.0155 2084 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
16:46:52.0170 2084 usbohci - ok
16:46:52.0186 2084 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:46:52.0202 2084 usbprint - ok
16:46:52.0233 2084 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:46:52.0233 2084 USBSTOR - ok
16:46:52.0249 2084 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:46:52.0249 2084 usbuhci - ok
16:46:52.0295 2084 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:46:52.0327 2084 vdrvroot - ok
16:46:52.0358 2084 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:46:52.0358 2084 vga - ok
16:46:52.0374 2084 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:46:52.0389 2084 VgaSave - ok
16:46:52.0405 2084 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:46:52.0436 2084 vhdmp - ok
16:46:52.0452 2084 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:46:52.0467 2084 viaide - ok
16:46:52.0499 2084 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
16:46:52.0561 2084 vmbus - ok
16:46:52.0577 2084 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
16:46:52.0592 2084 VMBusHID - ok
16:46:52.0608 2084 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:46:52.0639 2084 volmgr - ok
16:46:52.0655 2084 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:46:52.0670 2084 volmgrx - ok
16:46:52.0717 2084 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:46:52.0780 2084 volsnap - ok
16:46:52.0795 2084 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:46:52.0827 2084 vsmraid - ok
16:46:52.0889 2084 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:46:52.0905 2084 vwifibus - ok
16:46:52.0936 2084 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:46:52.0936 2084 vwififlt - ok
16:46:52.0983 2084 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:46:52.0983 2084 WacomPen - ok
16:46:53.0014 2084 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:53.0030 2084 WANARP - ok
16:46:53.0030 2084 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:46:53.0030 2084 Wanarpv6 - ok
16:46:53.0170 2084 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:46:53.0186 2084 Wd - ok
16:46:53.0233 2084 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:46:53.0249 2084 Wdf01000 - ok
16:46:53.0374 2084 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:46:53.0389 2084 WfpLwf - ok
16:46:53.0405 2084 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:46:53.0420 2084 WIMMount - ok
16:46:53.0545 2084 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:46:53.0561 2084 WinUsb - ok
16:46:53.0577 2084 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:46:53.0592 2084 WmiAcpi - ok
16:46:53.0670 2084 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:46:53.0686 2084 ws2ifsl - ok
16:46:53.0749 2084 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:46:53.0764 2084 WudfPf - ok
16:46:53.0811 2084 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:46:53.0827 2084 WUDFRd - ok
16:46:53.0920 2084 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys
16:46:53.0952 2084 xnacc - ok
16:46:54.0014 2084 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
16:46:54.0030 2084 xusb21 - ok
16:46:54.0061 2084 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk2\DR2
16:46:54.0061 2084 \Device\Harddisk2\DR2 - ok
16:46:54.0077 2084 MBR (0x1B8) (096b4d6d03500a9b7deb27f2244e9a60) \Device\Harddisk3\DR3
16:46:54.0077 2084 \Device\Harddisk3\DR3 - ok
16:46:54.0092 2084 MBR (0x1B8) (096b4d6d03500a9b7deb27f2244e9a60) \Device\Harddisk4\DR4
16:46:54.0092 2084 \Device\Harddisk4\DR4 - ok
16:46:54.0108 2084 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:46:54.0108 2084 \Device\Harddisk0\DR0 - ok
16:46:54.0108 2084 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk1\DR1
16:46:54.0108 2084 \Device\Harddisk1\DR1 ( Rootkit.Win32.TDSS.tdl4 ) - infected
16:46:54.0108 2084 \Device\Harddisk1\DR1 - detected Rootkit.Win32.TDSS.tdl4 (0)
16:46:54.0124 2084 Boot (0x1200) (f26be945077d9a99651d888dbca5cd65) \Device\Harddisk2\DR2\Partition0
16:46:54.0124 2084 \Device\Harddisk2\DR2\Partition0 - ok
16:46:54.0124 2084 Boot (0x1200) (e73ae3dcf809e2f21b9d78fa5725371c) \Device\Harddisk3\DR3\Partition0
16:46:54.0124 2084 \Device\Harddisk3\DR3\Partition0 - ok
16:46:54.0124 2084 Boot (0x1200) (f3ca9a92934d37c3b0d68e178e59b127) \Device\Harddisk4\DR4\Partition0
16:46:54.0124 2084 \Device\Harddisk4\DR4\Partition0 - ok
16:46:54.0139 2084 Boot (0x1200) (4ce922eddc7cec8ab97d6ee73cc09436) \Device\Harddisk1\DR1\Partition0
16:46:54.0139 2084 \Device\Harddisk1\DR1\Partition0 - ok
16:46:54.0155 2084 Boot (0x1200) (11575093fd660003a99973e632691371) \Device\Harddisk1\DR1\Partition1
16:46:54.0155 2084 \Device\Harddisk1\DR1\Partition1 - ok
16:46:54.0170 2084 Boot (0x1200) (e9fa052c4d09206c8504f7a1d2e842eb) \Device\Harddisk1\DR1\Partition2
16:46:54.0170 2084 \Device\Harddisk1\DR1\Partition2 - ok
16:46:54.0170 2084 Boot (0x1200) (6fa502e907ac17b800581fae6a751e90) \Device\Harddisk1\DR1\Partition3
16:46:54.0170 2084 \Device\Harddisk1\DR1\Partition3 - ok
16:46:54.0170 2084 ============================================================
16:46:54.0170 2084 Scan finished
16:46:54.0170 2084 ============================================================
16:46:54.0186 2632 Detected object count: 2
16:46:54.0186 2632 Actual detected object count: 2
16:47:06.0108 2632 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:47:06.0108 2632 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:47:06.0139 2632 \Device\Harddisk1\DR1 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
16:47:06.0139 2632 \Device\Harddisk1\DR1 - ok
16:47:06.0139 2632 \Device\Harddisk1\DR1 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure
16:47:17.0389 3828 Deinitialize success

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------

16:57:58.0524 4276 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54
16:57:58.0868 4276 ============================================================
16:57:58.0868 4276 Current date / time: 2011/10/12 16:57:58.0868
16:57:58.0868 4276 SystemInfo:
16:57:58.0868 4276
16:57:58.0868 4276 OS Version: 6.1.7600 ServicePack: 0.0
16:57:58.0868 4276 Product type: Workstation
16:57:58.0868 4276 ComputerName: PIMP-PC
16:57:58.0868 4276 UserName: Pimp
16:57:58.0868 4276 Windows directory: C:\Windows
16:57:58.0868 4276 System windows directory: C:\Windows
16:57:58.0868 4276 Running under WOW64
16:57:58.0868 4276 Processor architecture: Intel x64
16:57:58.0868 4276 Number of processors: 4
16:57:58.0868 4276 Page size: 0x1000
16:57:58.0868 4276 Boot type: Normal boot
16:57:58.0868 4276 ============================================================
16:58:05.0025 4276 Initialize success
16:58:21.0494 3868 ============================================================
16:58:21.0494 3868 Scan started
16:58:21.0494 3868 Mode: Manual;
16:58:21.0494 3868 ============================================================
16:58:22.0384 3868 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
16:58:22.0384 3868 1394ohci - ok
16:58:22.0431 3868 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
16:58:22.0431 3868 ACPI - ok
16:58:22.0447 3868 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
16:58:22.0462 3868 AcpiPmi - ok
16:58:22.0494 3868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:58:22.0525 3868 adp94xx - ok
16:58:22.0556 3868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:58:22.0603 3868 adpahci - ok
16:58:22.0619 3868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:58:22.0619 3868 adpu320 - ok
16:58:22.0728 3868 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
16:58:22.0759 3868 AFD - ok
16:58:22.0775 3868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
16:58:22.0791 3868 agp440 - ok
16:58:22.0837 3868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
16:58:22.0853 3868 aliide - ok
16:58:22.0869 3868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
16:58:22.0884 3868 amdide - ok
16:58:22.0900 3868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:58:22.0916 3868 AmdK8 - ok
16:58:22.0931 3868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:58:22.0947 3868 AmdPPM - ok
16:58:22.0978 3868 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
16:58:22.0994 3868 amdsata - ok
16:58:23.0025 3868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:58:23.0056 3868 amdsbs - ok
16:58:23.0072 3868 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
16:58:23.0072 3868 amdxata - ok
16:58:23.0072 3868 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
16:58:23.0103 3868 AppID - ok
16:58:23.0197 3868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:58:23.0228 3868 arc - ok
16:58:23.0244 3868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:58:23.0244 3868 arcsas - ok
16:58:23.0259 3868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:58:23.0275 3868 AsyncMac - ok
16:58:23.0291 3868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
16:58:23.0291 3868 atapi - ok
16:58:23.0337 3868 atksgt (1fd0fa6618b31fad14385740d0f6c333) C:\Windows\system32\DRIVERS\atksgt.sys
16:58:23.0353 3868 atksgt - ok
16:58:23.0431 3868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:58:23.0447 3868 b06bdrv - ok
16:58:23.0494 3868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:58:23.0525 3868 b57nd60a - ok
16:58:23.0556 3868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:58:23.0556 3868 Beep - ok
16:58:23.0619 3868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:58:23.0634 3868 blbdrive - ok
16:58:23.0650 3868 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
16:58:23.0681 3868 bowser - ok
16:58:23.0697 3868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:58:23.0697 3868 BrFiltLo - ok
16:58:23.0712 3868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:58:23.0712 3868 BrFiltUp - ok
16:58:23.0728 3868 Bridge (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:58:23.0744 3868 Bridge - ok
16:58:23.0759 3868 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
16:58:23.0759 3868 BridgeMP - ok
16:58:23.0806 3868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:58:23.0837 3868 Brserid - ok
16:58:23.0837 3868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:58:23.0853 3868 BrSerWdm - ok
16:58:23.0884 3868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:58:23.0900 3868 BrUsbMdm - ok
16:58:23.0900 3868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:58:23.0916 3868 BrUsbSer - ok
16:58:23.0931 3868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:58:23.0947 3868 BTHMODEM - ok
16:58:23.0994 3868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:58:23.0994 3868 cdfs - ok
16:58:24.0025 3868 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
16:58:24.0056 3868 cdrom - ok
16:58:24.0087 3868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:58:24.0087 3868 circlass - ok
16:58:24.0119 3868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:58:24.0150 3868 CLFS - ok
16:58:24.0212 3868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:58:24.0228 3868 CmBatt - ok
16:58:24.0244 3868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
16:58:24.0259 3868 cmdide - ok
16:58:24.0275 3868 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
16:58:24.0306 3868 CNG - ok
16:58:24.0353 3868 COMMONFX.DLL (125e376581faff581408220d781933ba) C:\Windows\System32\COMMONFX.DLL
16:58:24.0353 3868 COMMONFX.DLL - ok
16:58:24.0369 3868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:58:24.0384 3868 Compbatt - ok
16:58:24.0400 3868 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
16:58:24.0400 3868 CompositeBus - ok
16:58:24.0431 3868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:58:24.0431 3868 crcdisk - ok
16:58:24.0541 3868 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
16:58:24.0556 3868 CSC - ok
16:58:24.0603 3868 CT20XUT (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\system32\drivers\CT20XUT.SYS
16:58:24.0634 3868 CT20XUT - ok
16:58:24.0650 3868 CT20XUT.DLL - ok
16:58:24.0697 3868 CT20XUT.SYS (229e3b8f266abdafd54e4a372b9d5ddc) C:\Windows\System32\drivers\CT20XUT.SYS
16:58:24.0697 3868 CT20XUT.SYS - ok
16:58:24.0744 3868 ctac32k (eb3843a91a10150c9e05607cbcb44090) C:\Windows\system32\drivers\ctac32k.sys
16:58:24.0759 3868 ctac32k - ok
16:58:24.0791 3868 ctaud2k (bc06efb59a2316537765462dfe40f764) C:\Windows\system32\drivers\ctaud2k.sys
16:58:24.0791 3868 ctaud2k - ok
16:58:24.0837 3868 CTAUDFX.DLL (31f9708301e8ea0437f3b73458f0b5e1) C:\Windows\System32\CTAUDFX.DLL
16:58:24.0853 3868 CTAUDFX.DLL - ok
16:58:24.0900 3868 CTEAPSFX.DLL (d8d7898d5a930d743bc8ef513588ff38) C:\Windows\System32\CTEAPSFX.DLL
16:58:24.0900 3868 CTEAPSFX.DLL - ok
16:58:24.0916 3868 CTEDSPFX.DLL (eeee656f957112f3bcf3cdd17ee4ce25) C:\Windows\System32\CTEDSPFX.DLL
16:58:24.0931 3868 CTEDSPFX.DLL - ok
16:58:24.0947 3868 CTEDSPIO.DLL (cf83159e82a634691554d432e9e14fe0) C:\Windows\System32\CTEDSPIO.DLL
16:58:24.0947 3868 CTEDSPIO.DLL - ok
16:58:24.0978 3868 CTEDSPSY.DLL (d6d9b2f3083fbf20eee2d289ad87583b) C:\Windows\System32\CTEDSPSY.DLL
16:58:24.0978 3868 CTEDSPSY.DLL - ok
16:58:25.0041 3868 CTEXFIFX (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\system32\drivers\CTEXFIFX.SYS
16:58:25.0087 3868 CTEXFIFX - ok
16:58:25.0087 3868 CTEXFIFX.DLL - ok
16:58:25.0119 3868 CTEXFIFX.SYS (63b2b6ce9d3ef182981fb64bd5433da4) C:\Windows\System32\drivers\CTEXFIFX.SYS
16:58:25.0134 3868 CTEXFIFX.SYS - ok
16:58:25.0166 3868 CTHWIUT (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\system32\drivers\CTHWIUT.SYS
16:58:25.0166 3868 CTHWIUT - ok
16:58:25.0181 3868 CTHWIUT.DLL - ok
16:58:25.0197 3868 CTHWIUT.SYS (6d115cc80873b85fd80dda1c41f75a2c) C:\Windows\System32\drivers\CTHWIUT.SYS
16:58:25.0197 3868 CTHWIUT.SYS - ok
16:58:25.0212 3868 ctprxy2k (ebc9548ef5838cb5aa8f18b3ac28af12) C:\Windows\system32\drivers\ctprxy2k.sys
16:58:25.0228 3868 ctprxy2k - ok
16:58:25.0259 3868 CTSBLFX.DLL (865254ebc7eb19eba45122074d3cf40f) C:\Windows\System32\CTSBLFX.DLL
16:58:25.0275 3868 CTSBLFX.DLL - ok
16:58:25.0306 3868 ctsfm2k (459bee1682121842285c162e2d98d81a) C:\Windows\system32\drivers\ctsfm2k.sys
16:58:25.0322 3868 ctsfm2k - ok
16:58:25.0447 3868 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
16:58:25.0462 3868 DfsC - ok
16:58:25.0494 3868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:58:25.0509 3868 discache - ok
16:58:25.0541 3868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:58:25.0556 3868 Disk - ok
16:58:25.0603 3868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:58:25.0619 3868 drmkaud - ok
16:58:25.0666 3868 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
16:58:25.0681 3868 DXGKrnl - ok
16:58:25.0712 3868 e1express (416a2007878ed1d6fc5dddb9e1f6db3e) C:\Windows\system32\DRIVERS\e1e6032e.sys
16:58:25.0712 3868 e1express - ok
16:58:25.0728 3868 EagleX64 - ok
16:58:25.0791 3868 eamonm (72a1aa3c6c79b928d02a6fad387b1349) C:\Windows\system32\DRIVERS\eamonm.sys
16:58:25.0791 3868 eamonm - ok
16:58:25.0884 3868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:58:25.0962 3868 ebdrv - ok
16:58:26.0025 3868 ehdrv (e99457900012b53b2226f146ecaf9136) C:\Windows\system32\DRIVERS\ehdrv.sys
16:58:26.0041 3868 ehdrv - ok
16:58:26.0134 3868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:58:26.0150 3868 elxstor - ok
16:58:26.0212 3868 emupia (c26133b6165928fbd156c6fe570f9ed2) C:\Windows\system32\drivers\emupia2k.sys
16:58:26.0228 3868 emupia - ok
16:58:26.0259 3868 epfw (f9d0d6a7a6d48391be1f314ef7669ce2) C:\Windows\system32\DRIVERS\epfw.sys
16:58:26.0275 3868 epfw - ok
16:58:26.0291 3868 Epfwndis (96620ad728144d8e30a7baec9ddc811c) C:\Windows\system32\DRIVERS\Epfwndis.sys
16:58:26.0322 3868 Epfwndis - ok
16:58:26.0369 3868 epfwwfp (16576f3a76f4d0dd83522d69b5eafaa1) C:\Windows\system32\DRIVERS\epfwwfp.sys
16:58:26.0384 3868 epfwwfp - ok
16:58:26.0416 3868 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys
16:58:26.0416 3868 epmntdrv - ok
16:58:26.0431 3868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
16:58:26.0447 3868 ErrDev - ok
16:58:26.0478 3868 EuGdiDrv (40292f3332b76b726e5312d088f5bea9) C:\Windows\system32\EuGdiDrv.sys
16:58:26.0478 3868 EuGdiDrv - ok
16:58:26.0525 3868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:58:26.0556 3868 exfat - ok
16:58:26.0572 3868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:58:26.0603 3868 fastfat - ok
16:58:26.0681 3868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:58:26.0712 3868 fdc - ok
16:58:26.0744 3868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:58:26.0759 3868 FileInfo - ok
16:58:26.0759 3868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:58:26.0775 3868 Filetrace - ok
16:58:26.0791 3868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:58:26.0791 3868 flpydisk - ok
16:58:26.0822 3868 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
16:58:26.0853 3868 FltMgr - ok
16:58:26.0869 3868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:58:26.0884 3868 FsDepends - ok
16:58:26.0884 3868 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
16:58:26.0900 3868 Fs_Rec - ok
16:58:26.0947 3868 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:58:26.0978 3868 fvevol - ok
16:58:26.0994 3868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:58:27.0041 3868 gagp30kx - ok
16:58:27.0166 3868 ha20x2k (a3f010d5dbfb589a3b3288c05c2ea3f9) C:\Windows\system32\drivers\ha20x2k.sys
16:58:27.0212 3868 ha20x2k - ok
16:58:27.0212 3868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:58:27.0212 3868 hcw85cir - ok
16:58:27.0259 3868 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
16:58:27.0259 3868 HdAudAddService - ok
16:58:27.0275 3868 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
16:58:27.0291 3868 HDAudBus - ok
16:58:27.0291 3868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:58:27.0322 3868 HidBatt - ok
16:58:27.0337 3868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:58:27.0353 3868 HidBth - ok
16:58:27.0369 3868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:58:27.0400 3868 HidIr - ok
16:58:27.0431 3868 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
16:58:27.0447 3868 HidUsb - ok
16:58:27.0541 3868 hotcore3 (78d379ce4d18ed735224660abf972716) C:\Windows\system32\DRIVERS\hotcore3.sys
16:58:27.0556 3868 hotcore3 - ok
16:58:27.0572 3868 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
16:58:27.0587 3868 HpSAMD - ok
16:58:27.0619 3868 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
16:58:27.0650 3868 HTTP - ok
16:58:27.0681 3868 hwinterface - ok
16:58:27.0712 3868 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
16:58:27.0728 3868 hwpolicy - ok
16:58:27.0744 3868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
16:58:27.0759 3868 i8042prt - ok
16:58:27.0791 3868 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
16:58:27.0806 3868 iaStorV - ok
16:58:27.0837 3868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:58:27.0837 3868 iirsp - ok
16:58:27.0853 3868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
16:58:27.0869 3868 intelide - ok
16:58:27.0884 3868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:58:27.0900 3868 intelppm - ok
16:58:27.0916 3868 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:58:27.0916 3868 IpFilterDriver - ok
16:58:27.0947 3868 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
16:58:27.0947 3868 IPMIDRV - ok
16:58:27.0962 3868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:58:27.0978 3868 IPNAT - ok
16:58:28.0009 3868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:58:28.0025 3868 IRENUM - ok
16:58:28.0025 3868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
16:58:28.0041 3868 isapnp - ok
16:58:28.0072 3868 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
16:58:28.0087 3868 iScsiPrt - ok
16:58:28.0134 3868 JLTECH0227 (cd91d1bd200d9f39682a08e987f0dbe2) C:\Windows\system32\Drivers\jl2005c.sys
16:58:28.0134 3868 JLTECH0227 - ok
16:58:28.0166 3868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
16:58:28.0166 3868 kbdclass - ok
16:58:28.0197 3868 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
16:58:28.0197 3868 kbdhid - ok
16:58:28.0228 3868 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
16:58:28.0228 3868 KSecDD - ok
16:58:28.0259 3868 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
16:58:28.0275 3868 KSecPkg - ok
16:58:28.0291 3868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:58:28.0306 3868 ksthunk - ok
16:58:28.0400 3868 lirsgt (5ea407821bb3104c31a705175ab4f309) C:\Windows\system32\DRIVERS\lirsgt.sys
16:58:28.0416 3868 lirsgt - ok
16:58:28.0431 3868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:58:28.0447 3868 lltdio - ok
16:58:28.0494 3868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:58:28.0525 3868 LSI_FC - ok
16:58:28.0541 3868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:58:28.0556 3868 LSI_SAS - ok
16:58:28.0572 3868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:58:28.0587 3868 LSI_SAS2 - ok
16:58:28.0603 3868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:58:28.0619 3868 LSI_SCSI - ok
16:58:28.0650 3868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:58:28.0650 3868 luafv - ok
16:58:28.0712 3868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:58:28.0744 3868 megasas - ok
16:58:28.0759 3868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:58:28.0791 3868 MegaSR - ok
16:58:28.0853 3868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:58:28.0853 3868 Modem - ok
16:58:28.0869 3868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:58:28.0884 3868 monitor - ok
16:58:28.0931 3868 motccgp (5d1080dbd8ec5f2d6e550e01398e17cf) C:\Windows\system32\DRIVERS\motccgp.sys
16:58:28.0947 3868 motccgp - ok
16:58:28.0978 3868 motccgpfl (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
16:58:28.0994 3868 motccgpfl - ok
16:58:29.0009 3868 motmodem (6cbc0f4005593c96c9aecad39f0690fc) C:\Windows\system32\DRIVERS\motmodem.sys
16:58:29.0041 3868 motmodem - ok
16:58:29.0103 3868 motport (6cbc0f4005593c96c9aecad39f0690fc) C:\Windows\system32\DRIVERS\motport.sys
16:58:29.0119 3868 motport - ok
16:58:29.0150 3868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
16:58:29.0150 3868 mouclass - ok
16:58:29.0181 3868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:58:29.0181 3868 mouhid - ok
16:58:29.0197 3868 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
16:58:29.0212 3868 mountmgr - ok
16:58:29.0244 3868 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
16:58:29.0244 3868 mpio - ok
16:58:29.0259 3868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:58:29.0275 3868 mpsdrv - ok
16:58:29.0587 3868 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
16:58:29.0587 3868 MRxDAV - ok
16:58:29.0619 3868 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:58:29.0650 3868 mrxsmb - ok
16:58:29.0666 3868 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:58:29.0666 3868 mrxsmb10 - ok
16:58:29.0712 3868 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:58:29.0728 3868 mrxsmb20 - ok
16:58:29.0744 3868 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
16:58:29.0759 3868 msahci - ok
16:58:29.0775 3868 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
16:58:29.0806 3868 msdsm - ok
16:58:29.0822 3868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:58:29.0837 3868 Msfs - ok
16:58:29.0853 3868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:58:29.0853 3868 mshidkmdf - ok
16:58:29.0869 3868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
16:58:29.0884 3868 msisadrv - ok
16:58:29.0931 3868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:58:29.0931 3868 MSKSSRV - ok
16:58:29.0947 3868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:58:29.0947 3868 MSPCLOCK - ok
16:58:29.0962 3868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:58:29.0978 3868 MSPQM - ok
16:58:29.0994 3868 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
16:58:30.0009 3868 MsRPC - ok
16:58:30.0025 3868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
16:58:30.0025 3868 mssmbios - ok
16:58:30.0041 3868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:58:30.0041 3868 MSTEE - ok
16:58:30.0056 3868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:58:30.0056 3868 MTConfig - ok
16:58:30.0087 3868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:58:30.0087 3868 Mup - ok
16:58:30.0134 3868 mv61xx (8ac8276cd9b0ea755cddd6421fc607e3) C:\Windows\system32\DRIVERS\mv61xx.sys
16:58:30.0134 3868 mv61xx - ok
16:58:30.0166 3868 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:58:30.0228 3868 NativeWifiP - ok
16:58:30.0259 3868 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
16:58:30.0291 3868 NDIS - ok
16:58:30.0322 3868 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:58:30.0337 3868 NdisCap - ok
16:58:30.0369 3868 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:58:30.0369 3868 NdisTapi - ok
16:58:30.0400 3868 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
16:58:30.0400 3868 Ndisuio - ok
16:58:30.0416 3868 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
16:58:30.0447 3868 NdisWan - ok
16:58:30.0462 3868 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
16:58:30.0478 3868 NDProxy - ok
16:58:30.0509 3868 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:58:30.0525 3868 NetBIOS - ok
16:58:30.0541 3868 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
16:58:30.0541 3868 NetBT - ok
16:58:30.0587 3868 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:58:30.0619 3868 nfrd960 - ok
16:58:30.0681 3868 NPF (351533acc2a069b94e80bbfc177e8fdf) C:\Windows\system32\drivers\npf.sys
16:58:30.0697 3868 NPF - ok
16:58:30.0728 3868 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:58:30.0728 3868 Npfs - ok
16:58:30.0775 3868 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:58:30.0791 3868 nsiproxy - ok
16:58:30.0837 3868 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
16:58:30.0916 3868 Ntfs - ok
16:58:30.0931 3868 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:58:30.0947 3868 Null - ok
16:58:31.0181 3868 nvlddmkm (bbe872a814b00798c2d568d46c42a71b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:58:31.0259 3868 nvlddmkm - ok
16:58:31.0291 3868 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
16:58:31.0291 3868 nvraid - ok
16:58:31.0306 3868 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
16:58:31.0337 3868 nvstor - ok
16:58:31.0353 3868 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
16:58:31.0369 3868 nv_agp - ok
16:58:31.0400 3868 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
16:58:31.0416 3868 ohci1394 - ok
16:58:31.0478 3868 ossrv (0e2de427ebe106e7e5b52869d5c99f68) C:\Windows\system32\drivers\ctoss2k.sys
16:58:31.0494 3868 ossrv - ok
16:58:31.0541 3868 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:58:31.0556 3868 Parport - ok
16:58:31.0572 3868 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
16:58:31.0587 3868 partmgr - ok
16:58:31.0619 3868 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
16:58:31.0650 3868 pci - ok
16:58:31.0666 3868 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
16:58:31.0681 3868 pciide - ok
16:58:31.0697 3868 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:58:31.0728 3868 pcmcia - ok
16:58:31.0744 3868 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:58:31.0759 3868 pcw - ok
16:58:31.0791 3868 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:58:31.0822 3868 PEAUTH - ok
16:58:31.0962 3868 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
16:58:31.0978 3868 PptpMiniport - ok
16:58:32.0009 3868 PQNTDrv - ok
16:58:32.0025 3868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:58:32.0041 3868 Processor - ok
16:58:32.0087 3868 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
16:58:32.0119 3868 Psched - ok
16:58:32.0166 3868 PsSdk41 (86154f3a156fa2a5429c2940c69f426f) C:\Windows\system32\Drivers\pssdk41.sys
16:58:32.0181 3868 PsSdk41 - ok
16:58:32.0228 3868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:58:32.0244 3868 ql2300 - ok
16:58:32.0259 3868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:58:32.0275 3868 ql40xx - ok
16:58:32.0291 3868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:58:32.0306 3868 QWAVEdrv - ok
16:58:32.0306 3868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:58:32.0322 3868 RasAcd - ok
16:58:32.0353 3868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:58:32.0353 3868 RasAgileVpn - ok
16:58:32.0384 3868 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:58:32.0400 3868 Rasl2tp - ok
16:58:32.0431 3868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:58:32.0431 3868 RasPppoe - ok
16:58:32.0447 3868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:58:32.0462 3868 RasSstp - ok
16:58:32.0494 3868 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
16:58:32.0494 3868 rdbss - ok
16:58:32.0525 3868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:58:32.0541 3868 rdpbus - ok
16:58:32.0556 3868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:58:32.0556 3868 RDPCDD - ok
16:58:32.0587 3868 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
16:58:32.0619 3868 RDPDR - ok
16:58:32.0634 3868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:58:32.0650 3868 RDPENCDD - ok
16:58:32.0650 3868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:58:32.0666 3868 RDPREFMP - ok
16:58:32.0681 3868 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
16:58:32.0697 3868 RDPWD - ok
16:58:32.0728 3868 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
16:58:32.0744 3868 rdyboost - ok
16:58:32.0837 3868 RivaTuner64 (a10b40cf9eb57d24e44717a2d38a00f4) C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys
16:58:32.0853 3868 RivaTuner64 - ok
16:58:32.0947 3868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:58:32.0962 3868 rspndr - ok
16:58:33.0009 3868 RTL8187B (4a06585c8673f4458e9fbbc9dddb4d28) C:\Windows\system32\DRIVERS\wg111v3.sys
16:58:33.0009 3868 RTL8187B - ok
16:58:33.0041 3868 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
16:58:33.0041 3868 s3cap - ok
16:58:33.0072 3868 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
16:58:33.0087 3868 sbp2port - ok
16:58:33.0119 3868 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
16:58:33.0134 3868 scfilter - ok
16:58:33.0181 3868 ScreamBAudioSvc (490b0b68bb938d5c628ec4a67277be75) C:\Windows\system32\drivers\ScreamingBAudio64.sys
16:58:33.0197 3868 ScreamBAudioSvc - ok
16:58:33.0228 3868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:58:33.0244 3868 secdrv - ok
16:58:33.0291 3868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:58:33.0306 3868 Serenum - ok
16:58:33.0322 3868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:58:33.0384 3868 Serial - ok
16:58:33.0400 3868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:58:33.0416 3868 sermouse - ok
16:58:33.0462 3868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
16:58:33.0478 3868 sffdisk - ok
16:58:33.0525 3868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
16:58:33.0541 3868 sffp_mmc - ok
16:58:33.0572 3868 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
16:58:33.0572 3868 sffp_sd - ok
16:58:33.0587 3868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:58:33.0603 3868 sfloppy - ok
16:58:33.0666 3868 SI3112r (0a7b53a1bbbd65bf770327deb0f78ed3) C:\Windows\system32\DRIVERS\SI3112r.sys
16:58:33.0681 3868 SI3112r - ok
16:58:33.0728 3868 Si3132r5 (1a7335ddaac8cda00db03491f353814e) C:\Windows\system32\DRIVERS\Si3132r5.sys
16:58:33.0744 3868 Si3132r5 - ok
16:58:33.0759 3868 SiFilter (8f10f5d5063f9392a9701d6d9f574e59) C:\Windows\system32\DRIVERS\SiWinAcc.sys
16:58:33.0759 3868 SiFilter - ok
16:58:33.0822 3868 SiRemFil (156eb53760a64ce26d615ca5352fb50a) C:\Windows\system32\DRIVERS\SiRemFil.sys
16:58:33.0837 3868 SiRemFil - ok
16:58:33.0837 3868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:58:33.0869 3868 SiSRaid2 - ok
16:58:33.0900 3868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:58:33.0916 3868 SiSRaid4 - ok
16:58:33.0931 3868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:58:33.0947 3868 Smb - ok
16:58:33.0994 3868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:58:34.0009 3868 spldr - ok
16:58:34.0119 3868 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
16:58:34.0119 3868 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
16:58:34.0119 3868 sptd ( LockedFile.Multi.Generic ) - warning
16:58:34.0119 3868 sptd - detected LockedFile.Multi.Generic (1)
16:58:34.0150 3868 srv (de6f5658da951c4bc8e498570b5b0d5f) C:\Windows\system32\DRIVERS\srv.sys
16:58:34.0166 3868 srv - ok
16:58:34.0197 3868 srv2 (4d33d59c0b930c523d29f9bd40cda9d2) C:\Windows\system32\DRIVERS\srv2.sys
16:58:34.0244 3868 srv2 - ok
16:58:34.0291 3868 srvnet (5a663fd67049267bc5c3f3279e631ffb) C:\Windows\system32\DRIVERS\srvnet.sys
16:58:34.0291 3868 srvnet - ok
16:58:34.0400 3868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:58:34.0400 3868 stexstor - ok
16:58:34.0462 3868 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
16:58:34.0462 3868 storflt - ok
16:58:34.0509 3868 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
16:58:34.0525 3868 storvsc - ok
16:58:34.0541 3868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
16:58:34.0556 3868 swenum - ok
16:58:34.0728 3868 Tcpip (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\drivers\tcpip.sys
16:58:34.0791 3868 Tcpip - ok
16:58:34.0822 3868 TCPIP6 (90a2d722cf64d911879d6c4a4f802a4d) C:\Windows\system32\DRIVERS\tcpip.sys
16:58:34.0837 3868 TCPIP6 - ok
16:58:34.0853 3868 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
16:58:34.0869 3868 tcpipreg - ok
16:58:34.0884 3868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:58:34.0900 3868 TDPIPE - ok
16:58:34.0916 3868 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:58:34.0916 3868 TDTCP - ok
16:58:34.0947 3868 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
16:58:34.0994 3868 tdx - ok
16:58:35.0009 3868 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
16:58:35.0009 3868 TermDD - ok
16:58:35.0103 3868 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:58:35.0119 3868 tssecsrv - ok
16:58:35.0150 3868 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
16:58:35.0166 3868 tunnel - ok
16:58:35.0197 3868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:58:35.0212 3868 uagp35 - ok
16:58:35.0228 3868 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
16:58:35.0244 3868 udfs - ok
16:58:35.0291 3868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
16:58:35.0306 3868 uliagpkx - ok
16:58:35.0337 3868 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
16:58:35.0353 3868 umbus - ok
16:58:35.0369 3868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:58:35.0384 3868 UmPass - ok
16:58:35.0431 3868 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
16:58:35.0447 3868 usbccgp - ok
16:58:35.0462 3868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
16:58:35.0478 3868 usbcir - ok
16:58:35.0494 3868 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
16:58:35.0494 3868 usbehci - ok
16:58:35.0525 3868 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
16:58:35.0541 3868 usbhub - ok
16:58:35.0556 3868 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
16:58:35.0572 3868 usbohci - ok
16:58:35.0603 3868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:58:35.0619 3868 usbprint - ok
16:58:35.0634 3868 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:58:35.0634 3868 USBSTOR - ok
16:58:35.0650 3868 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
16:58:35.0650 3868 usbuhci - ok
16:58:35.0712 3868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
16:58:35.0728 3868 vdrvroot - ok
16:58:35.0759 3868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:58:35.0759 3868 vga - ok
16:58:35.0791 3868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:58:35.0806 3868 VgaSave - ok
16:58:35.0822 3868 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
16:58:35.0853 3868 vhdmp - ok
16:58:35.0869 3868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
16:58:35.0884 3868 viaide - ok
16:58:35.0900 3868 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
16:58:35.0962 3868 vmbus - ok
16:58:35.0978 3868 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
16:58:35.0994 3868 VMBusHID - ok
16:58:36.0009 3868 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
16:58:36.0041 3868 volmgr - ok
16:58:36.0056 3868 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
16:58:36.0072 3868 volmgrx - ok
16:58:36.0103 3868 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
16:58:36.0166 3868 volsnap - ok
16:58:36.0212 3868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:58:36.0228 3868 vsmraid - ok
16:58:36.0291 3868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
16:58:36.0306 3868 vwifibus - ok
16:58:36.0337 3868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:58:36.0337 3868 vwififlt - ok
16:58:36.0384 3868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:58:36.0384 3868 WacomPen - ok
16:58:36.0400 3868 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:58:36.0416 3868 WANARP - ok
16:58:36.0431 3868 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
16:58:36.0431 3868 Wanarpv6 - ok
16:58:36.0572 3868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:58:36.0572 3868 Wd - ok
16:58:36.0603 3868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:58:36.0619 3868 Wdf01000 - ok
16:58:36.0744 3868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:58:36.0759 3868 WfpLwf - ok
16:58:36.0775 3868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:58:36.0791 3868 WIMMount - ok
16:58:36.0900 3868 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
16:58:36.0916 3868 WinUsb - ok
16:58:36.0931 3868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
16:58:36.0947 3868 WmiAcpi - ok
16:58:37.0009 3868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:58:37.0025 3868 ws2ifsl - ok
16:58:37.0087 3868 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
16:58:37.0103 3868 WudfPf - ok
16:58:37.0134 3868 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:58:37.0166 3868 WUDFRd - ok
16:58:37.0259 3868 xnacc (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys
16:58:37.0275 3868 xnacc - ok
16:58:37.0322 3868 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
16:58:37.0337 3868 xusb21 - ok
16:58:37.0384 3868 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
16:58:37.0384 3868 \Device\Harddisk3\DR3 - ok
16:58:37.0400 3868 MBR (0x1B8) (096b4d6d03500a9b7deb27f2244e9a60) \Device\Harddisk4\DR4
16:58:37.0400 3868 \Device\Harddisk4\DR4 - ok
16:58:37.0416 3868 MBR (0x1B8) (096b4d6d03500a9b7deb27f2244e9a60) \Device\Harddisk5\DR5
16:58:37.0431 3868 \Device\Harddisk5\DR5 - ok
16:58:37.0431 3868 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:58:37.0431 3868 \Device\Harddisk0\DR0 - ok
16:58:37.0431 3868 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR1
16:58:37.0431 3868 \Device\Harddisk1\DR1 - ok
16:58:37.0447 3868 MBR (0x1B8) (de1996b5390bac8242e23168f828c750) \Device\Harddisk2\DR2
16:58:37.0447 3868 \Device\Harddisk2\DR2 ( Rootkit.Win32.TDSS.tdl4 ) - infected
16:58:37.0447 3868 \Device\Harddisk2\DR2 - detected Rootkit.Win32.TDSS.tdl4 (0)
16:58:37.0447 3868 Boot (0x1200) (f26be945077d9a99651d888dbca5cd65) \Device\Harddisk3\DR3\Partition0
16:58:37.0447 3868 \Device\Harddisk3\DR3\Partition0 - ok
16:58:37.0447 3868 Boot (0x1200) (e73ae3dcf809e2f21b9d78fa5725371c) \Device\Harddisk4\DR4\Partition0
16:58:37.0447 3868 \Device\Harddisk4\DR4\Partition0 - ok
16:58:37.0447 3868 Boot (0x1200) (f3ca9a92934d37c3b0d68e178e59b127) \Device\Harddisk5\DR5\Partition0
16:58:37.0447 3868 \Device\Harddisk5\DR5\Partition0 - ok
16:58:37.0447 3868 Boot (0x1200) (a93296ddbb03078e7bbc9131c9ac9a56) \Device\Harddisk1\DR1\Partition0
16:58:37.0447 3868 \Device\Harddisk1\DR1\Partition0 - ok
16:58:37.0447 3868 Boot (0x1200) (4ce922eddc7cec8ab97d6ee73cc09436) \Device\Harddisk2\DR2\Partition0
16:58:37.0447 3868 \Device\Harddisk2\DR2\Partition0 - ok
16:58:37.0462 3868 Boot (0x1200) (11575093fd660003a99973e632691371) \Device\Harddisk2\DR2\Partition1
16:58:37.0462 3868 \Device\Harddisk2\DR2\Partition1 - ok
16:58:37.0478 3868 Boot (0x1200) (e9fa052c4d09206c8504f7a1d2e842eb) \Device\Harddisk2\DR2\Partition2
16:58:37.0478 3868 \Device\Harddisk2\DR2\Partition2 - ok
16:58:37.0478 3868 Boot (0x1200) (6fa502e907ac17b800581fae6a751e90) \Device\Harddisk2\DR2\Partition3
16:58:37.0478 3868 \Device\Harddisk2\DR2\Partition3 - ok
16:58:37.0478 3868 ============================================================
16:58:37.0478 3868 Scan finished
16:58:37.0478 3868 ============================================================
16:58:37.0478 4956 Detected object count: 2
16:58:37.0478 4956 Actual detected object count: 2
16:59:27.0768 4956 sptd ( LockedFile.Multi.Generic ) - skipped by user
16:59:27.0768 4956 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
16:59:27.0799 4956 \Device\Harddisk2\DR2 ( Rootkit.Win32.TDSS.tdl4 ) - will be cured on reboot
16:59:27.0799 4956 \Device\Harddisk2\DR2 - ok
16:59:27.0799 4956 \Device\Harddisk2\DR2 ( Rootkit.Win32.TDSS.tdl4 ) - User select action: Cure

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Here is OTL.txt

OTL logfile created on: 10/12/2011 5:12:59 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Pimp\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.48 Gb Available Physical Memory | 81.02% Memory free
15.99 Gb Paging File | 14.44 Gb Available in Paging File | 90.31% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 158.11 Gb Total Space | 0.06 Gb Free Space | 0.04% Space Free | Partition Type: NTFS
Drive D: | 287.43 Gb Total Space | 15.84 Gb Free Space | 5.51% Space Free | Partition Type: NTFS
Drive F: | 20.12 Gb Total Space | 12.04 Gb Free Space | 59.81% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 117.55 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 27.59 Gb Free Space | 5.92% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 271.64 Gb Free Space | 58.32% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 278.98 Gb Free Space | 59.90% Space Free | Partition Type: NTFS
Drive M: | 465.76 Gb Total Space | 120.94 Gb Free Space | 25.97% Space Free | Partition Type: NTFS

Computer Name: PIMP-PC | User Name: Pimp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Pimp\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe (Nero AG)
PRC - C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\OEM\Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\Silicon Image\Silicon Image HBA Wakeup Utility\SiHbaWakeupService.exe ()
PRC - C:\Windows\SysWOW64\PING.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\OEM\Wireless LAN Utility\RtlService.exe (Realtek)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe ()
PRC - C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Windows\SysWOW64\CTSVCCDA.EXE (Creative Technology Ltd)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\js3250.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - \\.\globalroot\systemroot\syswow64\mswsock.dll ()

========== Win32 Services (SafeList) ==========

SRV:64bit: - (EhttpSrv) -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (ESET)
SRV:64bit: - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (ESET)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (lxbc_device) -- C:\Windows\SysNative\lxbccoms.exe ( )
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (DeviceMonitorService) -- C:\Program Files (x86)\Motorola Media Link\NServiceEntry.exe (Nero AG)
SRV - (MotoHelper) -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (Sony SCSI Helper Service) -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)
SRV - (SiHbaWakeupService) -- C:\Program Files (x86)\Silicon Image\Silicon Image HBA Wakeup Utility\SiHbaWakeupService.exe ()
SRV - (Realtek8185) -- C:\Program Files (x86)\OEM\Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (Marvell RAID) -- C:\Program Files (x86)\Marvell\raid\svc\mvraidsvc.exe ()
SRV - (MRUWebService) -- C:\Program Files (x86)\Marvell\raid\Apache2\bin\httpd.exe (Apache Software Foundation)
SRV - (lxbc_device) -- C:\Windows\SysWow64\lxbccoms.exe ( )
SRV - (Creative Service for CDROM Access) -- C:\Windows\SysWOW64\CTSVCCDA.EXE (Creative Technology Ltd)

========== Driver Services (SafeList) ==========

DRV:64bit: - (PsSdk41) -- C:\Windows\SysNative\drivers\pssdk41.sys (microOLAP Technologies LTD)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\drivers\motccgp.sys (Motorola)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (motport) -- C:\Windows\SysNative\drivers\motport.sys (Motorola)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\drivers\motmodem.sys (Motorola)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (eamonm) -- C:\Windows\SysNative\drivers\eamonm.sys (ESET)
DRV:64bit: - (epfw) -- C:\Windows\SysNative\drivers\epfw.sys (ESET)
DRV:64bit: - (ehdrv) -- C:\Windows\SysNative\drivers\ehdrv.sys (ESET)
DRV:64bit: - (epfwwfp) -- C:\Windows\SysNative\drivers\epfwwfp.sys (ESET)
DRV:64bit: - (Epfwndis) -- C:\Windows\SysNative\drivers\epfwndis.sys (ESET)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\drivers\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SI3112r) -- C:\Windows\SysNative\drivers\SI3112r.sys (Silicon Image, Inc)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\wg111v3.sys (NETGEAR Inc. )
DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)
DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\drivers\mv61xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (e1express) Intel® -- C:\Windows\SysNative\drivers\e1e6032e.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (JLTECH0227) -- C:\Windows\SysNative\drivers\jl2005c.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()
DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\drivers\motccgpfl.sys (Motorola)
DRV:64bit: - (Si3132r5) -- C:\Windows\SysNative\drivers\Si3132r5.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV:64bit: - (CTSBLFX.DLL) -- C:\Windows\SysNative\CTSBLFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEAPSFX.DLL) -- C:\Windows\SysNative\CTEAPSFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX.DLL) -- C:\Windows\SysNative\CTAUDFX.DLL (Creative Technology Ltd)
DRV:64bit: - (COMMONFX.DLL) -- C:\Windows\SysNative\COMMONFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPSY.DLL) -- C:\Windows\SysNative\CTEDSPSY.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPIO.DLL) -- C:\Windows\SysNative\CTEDSPIO.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPFX.DLL) -- C:\Windows\SysNative\CTEDSPFX.DLL (Creative Technology Ltd)
DRV - (RivaTuner64) -- C:\Program Files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys ()
DRV - (hwinterface) -- C:\Windows\SysWOW64\drivers\hwinterface.sys (Logix4u)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()
DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()
DRV - (PQNTDrv) -- C:\Windows\SysWow64\drivers\PQNTDRV.sys (PowerQuest Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...=...hTerms}&f=4
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBro0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 1E 5D D7 CB DA CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 61 86 73 13 DE 61 AD 4E 9D 5E 0C AB 64 4E 03 B7 [binary data]
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBro0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@sony.com/eBookLibrary: C:\Program Files (x86)\Sony\Reader\Data\bin\npebldetectmoz.dll (Sony Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2011/09/28 09:02:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/02 20:32:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/02 20:32:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2011/09/28 09:02:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{1266764D-FC4F-4FA7-B63B-884D53B1680F}: C:\Users\Pimp\AppData\Roaming\NetAssistant\ [2011/06/16 21:48:08 | 000,000,000 | ---D | M]

[2010/09/25 20:01:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Extensions
[2010/09/25 20:01:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2011/10/10 14:54:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions
[2011/10/04 08:12:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{4fc741b6-c922-4d03-b8b7-dea86b2d4b13}
[2011/10/04 08:12:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{c58450c4-dffd-4f71-b2db-0f64b3c201a4}
[2011/10/04 08:12:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{d269ca94-3f4e-4da4-a78f-d72e73390365}
[2011/10/04 08:12:55 | 000,000,000 | ---D | M] (XUL Cache) -- C:\Users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{ef5ddf7e-b108-4478-a49f-5184a59569c8}
[2011/06/16 21:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/03/18 14:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2010/11/01 06:48:41 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 14:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/04/27 02:03:29 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml

Hosts file not found
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Reg Error: Value error.) - {13738661-61DE-4EAD-9D5E-0CAB644E03B7} - Reg Error: Value error. File not found
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBro0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - Reg Error: Value error. File not found
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBro0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Program Files (x86)\BrotherSoft_Extreme\prxtbBro0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Nero Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKCU..\Run: [{0A8EA412-E054-C2AF-E02B-F339611C836D}] C:\Users\Pimp\AppData\Roaming\Zosiu\oqdaelo.exe File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunServices: [winsrv.exe] C:\Program Files (x86)\winsrv.exe File not found
O4 - Startup: C:\Users\Pimp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Pimp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - mmswsock.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\pnrpnsp.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\pnrpnsp.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9585544E-0E5F-44B8-B354-370588273F53}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/10/12 15:20:10 | 000,000,000 | ---D | C] -- C:\Users\Pimp\Desktop\New Patched default_mp.xex for TU6
[2011/10/04 16:27:06 | 000,000,000 | ---D | C] -- C:\Open Cloud AV
[2011/09/28 19:37:33 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/28 09:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2011/09/28 09:02:43 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2011/09/27 21:38:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nNyxA1uvSoFpGsJ
[2011/09/27 21:38:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\eWK7fEL9gXjCkBz
[2011/09/27 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Tofye
[2011/09/27 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Retiu
[2011/09/27 14:11:34 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Con4amH5sJfLgZj
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\x1uvD2onFpHsJLI
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\x1uvD2onFpHsJdL
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tA1uvD2on4m5W7E
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJL
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJg
[2011/09/27 14:11:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJE
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\rbD3pnG4aHdK
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\qRqhYXwkUrOt
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QQH6dWK7fLhXjCl
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oNycA1uvDoFpHsJ
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oNyc1uvD2n4m5W7
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LJ7dEK8gRqYwUrO
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LdEK8gRZqYwUrOt
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LdEK8gRqhXkVltP
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fQJdEK8gRqYwUrO
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fQdEK8gRqYwUrOt
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EQJdEK8gRqYwUrO
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EQJ7dEK8gZhXkVl
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\AgRZqhYXwUrO
[2011/09/27 14:11:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\AgRqhYXwkVlt
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\WfEL9TqCkBOyAu2
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\V5sQJdEK8RqYwUr
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\V5sQJ7dEKgZhXkV
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UG5sQJdEKgZhXkV
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\s7fEL9TqCkBOyA
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\q6sWK7EL9TqY
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PH6sWK7fE9T
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ndEK8gRZq
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ndEK8gRqh
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Ko4H6sWK7E9TqYe
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fsQJ7dEK8RqYwUr
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BAu2FmG5sJdKg
[2011/09/27 14:11:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BAu2bpGsQdKgq
[2011/09/27 14:11:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xyc1iD3on4m6W7E
[2011/09/27 14:11:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\cXwjeBzP0
[2011/09/27 14:11:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UeIzyA1vo4HWf9
[2011/09/27 14:10:07 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CKcZ3Us08v909c
[2011/09/27 14:09:26 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JwWF1NwhHuBCZLh
[2011/09/27 14:09:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XhH2yrhR4xeq87R
[2011/09/27 14:09:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Y1xtIYXwjhh9dGD
[2011/09/27 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Xlq88WmnmGpnDSt
[2011/09/27 14:09:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nStCZRfaasQ5GDS
[2011/09/27 14:09:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nzK3Bd2C5t83BR4
[2011/09/27 14:09:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\IOYaAOUgEKdW
[2011/09/27 14:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\sBEoV7Dw6Aq3BfF
[2011/09/27 14:09:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\cFeJvws1haNgieW
[2011/09/27 14:09:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mXoY6cqGxTpOR
[2011/09/27 14:09:15 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xV5OWyKxKNhW4vl
[2011/09/27 14:09:10 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\R0Jkb9AgSdlnVE3
[2011/09/27 14:08:57 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\G4HWf9XjeBPcu2n
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XbF4pmGsJdKgZhX
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XbF4pGQ7dKgZhXk
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\WNyA1uvS2b4msJd
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oyA1uvS2oFpGQ7E
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oyA1uvS2oFGsJdK
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dzONyA1uv2b4GsJ
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CzONyA1uv2b4ms
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CzONyA1uv2b4Gs
[2011/09/27 14:08:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CrzyxA1uv2bp5J
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\qkIBrzyxAuSo
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LTXjYCekIryAuSo
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\jIBrzONyAuSoF
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GYCekIBrzy
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GYCekIBrzN
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GjYCekIBry
[2011/09/27 14:08:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ETXqjYCekBzNAuS
[2011/09/27 14:08:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dxQXcaEkximQ
[2011/09/27 14:08:40 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\T5j2qSKBa
[2011/09/27 14:08:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xPADm7Ctb8B4jv
[2011/09/27 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\x1pEktbQZV036g
[2011/09/27 14:08:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JZV0pdhlcFJq
[2011/09/27 14:08:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QKCcoJYOS58
[2011/09/27 14:08:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Dt13aKLUP1oHETC
[2011/09/27 14:08:25 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\io9AdO5U2gAJeoT
[2011/09/27 14:08:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NeBPci2FHs7EgqC
[2011/09/27 14:08:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ApHfwBi5gridjyG
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wu2Fm6Zwlyb4W9U
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ri4KgCNvH
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QeOubGE9ecn6RqI
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gb4W9UrupEY
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dZecn6RqkAoQ
[2011/09/27 14:08:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Ab5E9ecn6RqIAoQ
[2011/09/27 14:08:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\jpQ7TCz1n5EqItc
[2011/09/27 14:08:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pVtcD4dLj
[2011/09/27 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wyJV3ZcWBp
[2011/09/27 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\v3RtaTxGYc6jAsk
[2011/09/27 14:08:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\lo69eN25gU03
[2011/09/27 14:08:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\vn9zFEk0mfjzDmE
[2011/09/27 14:08:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TEk0mfjzDmEj
[2011/09/27 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\zVPbaKTlyDa7TwO
[2011/09/27 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\YqtaXym8VS
[2011/09/27 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wXlyDa7TwO
[2011/09/27 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\v0DQKTlyDa7TwO0
[2011/09/27 13:59:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gDnaHd8R9XeItPc
[2011/09/27 13:59:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fxu2Fm5JdgqXrBP
[2011/09/27 13:59:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Lu2Dnad8LTwCIPc
[2011/09/27 13:59:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fUu2Dnad8LTwCIP
[2011/09/27 13:59:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Pe16qzup7ghwUu2
[2011/09/27 13:59:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Coi1xBCZ75nopo2
[2011/09/27 13:59:07 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nBVUg8sQQ43i
[2011/09/27 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TYLE6Hmno3Fbvuu
[2011/09/27 13:58:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\eHbcOwqRdaFD1PP
[2011/09/27 13:58:52 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VE665dWaa
[2011/09/27 13:58:52 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\DR4AY8s3buxCY9E
[2011/09/27 13:58:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VJGo2uPNV
[2011/09/27 13:58:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\s8GAY8s3buxCY9
[2011/09/27 13:58:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VmyR4AUKD
[2011/09/27 13:58:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uHDIfnAVfo0BeRR
[2011/09/27 13:58:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NiNwWvwZ7Go
[2011/09/27 13:58:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\I0F6YtLQpDuzzVk
[2011/09/27 13:58:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\FyYsuBkTE
[2011/09/27 13:58:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\FKj0Xd4n2
[2011/09/27 13:58:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EVBc3axlCj
[2011/09/27 13:58:42 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KOcboHTBAL
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ZVelIB0AD
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\vZ9hTXwjUeI01Do
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\RUVelIBP4m6W7ET
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\RUVelIB0ADo4m6W
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Q8fRZ9hTXjVlB01
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pelIBAo4m
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pelIB0ADo
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Nc2ibF3pn5QdKfZ
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mlIBP4amHs
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\J3pnG5aQJ
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\IXwjUVelIAo4m6W
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HfRZ9hTXwUeIP4m
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HfRZ9hTXwUeI01D
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GIBAo4mH6W
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ehTXwjUVeIP4m6W
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIPA
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIP4
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIAo
[2011/09/27 13:58:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeI01
[2011/09/27 13:58:38 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uu2FpHs7E
[2011/09/27 13:58:38 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Ju2FpHs7E
[2011/09/27 13:58:38 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Jc1DoFm5J
[2011/09/27 13:58:38 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\J1DoFm5JE
[2011/09/27 13:58:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HxF6hO14EqIy2m7
[2011/09/27 13:58:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BxuSb3ma6K
[2011/09/27 13:58:32 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gyKzsUbLc7VbfBn
[2011/09/27 13:58:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\yPHkFglb7BnLrbK
[2011/09/27 13:58:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fnqSgxQeFq
[2011/09/27 13:58:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BenXu7kuQj1WCca
[2011/09/27 13:58:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VnqSgxQeF
[2011/09/27 13:58:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LD9xsXPGTc5
[2011/09/27 13:58:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BuWI4judBaY2KVS
[2011/09/27 13:58:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Z9hwVOzy1Dna6KE
[2011/09/27 13:58:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\whwVOzy1Dna6KEg
[2011/09/27 13:58:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\c9hwVOzy1Dna6KE
[2011/09/27 13:58:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\IR9hwVOzy1Dna6K
[2011/09/27 13:58:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ptiafUNvn
[2011/09/27 13:58:15 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\srbfzGT1JkS6CD
[2011/09/27 13:57:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KpxX5uj7pPITGve
[2011/09/27 13:57:52 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NkaBsO6t6yEufA
[2011/09/27 13:57:52 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HT8HFcPkLJpiOk
[2011/09/27 13:57:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\YoLzpqP6NfAZDkd
[2011/09/27 13:57:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ce37BFRtGwc5
[2011/09/27 13:57:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Rb5E9UtS3H9eAF8
[2011/09/27 13:57:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\klNv4sLjItSpdZ
[2011/09/27 13:57:09 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tu2Fms6KR9
[2011/09/27 13:57:09 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pjVyxu2Fms6KR9X
[2011/09/27 13:57:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\peynJqNiQfU0
[2011/09/27 13:57:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oWf9XUeBzy1vo4
[2011/09/27 13:57:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ny0So3GQd
[2011/09/27 13:57:03 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CP1bHdqUtS3aW9j
[2011/09/27 13:56:57 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\L9gTXqjYCkBzNx1
[2011/09/27 13:56:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JfEL8gTZq
[2011/09/27 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tBtxP0ycSiDoGaH
[2011/09/27 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ecS2ibD3pGaHdKf
[2011/09/27 13:56:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EfRL9hTXqUeIrPy
[2011/09/27 13:56:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\d7fRL9hTXjClBzN
[2011/09/27 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\sNA0uvS2iFpGaJ
[2011/09/27 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Jx0vS2ibFpGaJdK
[2011/09/27 13:56:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JA0uvS2ib3m5Q6E
[2011/09/27 13:56:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\yvo4H5WEgZCIzNx
[2011/09/27 13:56:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\P5aHWf9XUltN1Dn
[2011/09/27 13:56:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GAvo4H5WEgZCIzN
[2011/09/27 13:56:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\yySpJgXBc3Q7TCz
[2011/09/27 13:56:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xxoGdZktSoQ7XkN
[2011/09/27 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mIOyuSbp5JE8ZYk
[2011/09/27 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LkrNAvom6RweBPc
[2011/09/27 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GrNAvom6RweBPci
[2011/09/27 13:52:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UooonF4pmH5sJ7E
[2011/09/27 13:52:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aXqqjUUCel
[2011/09/27 13:52:44 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\N33pnnG5a6dW8f
[2011/09/27 13:52:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BammH6sWfELgZjY
[2011/09/27 13:52:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\WkkUUVelO
[2011/09/27 13:52:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Z5aaQQH6d
[2011/09/27 13:52:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dfRZ9hYXwUeOtPy
[2011/09/27 13:52:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KOBtxP0uc1
[2011/09/27 13:52:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PA0ucS2ib3n5Q6
[2011/09/27 13:51:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\jjYCekIVrOyAuSo
[2011/09/27 13:51:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\bIBrzPNyx1v
[2011/09/27 13:51:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\lonF4amH5W7E8Tq
[2011/09/27 13:51:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\hS2obF4pm5Q7E8R
[2011/09/27 13:51:35 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fucS2ibF3n
[2011/09/27 13:51:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\OlOBtxP0ySiDoGa
[2011/09/27 13:51:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VK8fRL9hTwUeItP
[2011/09/27 13:51:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\X1ivD3onGaHsKfL
[2011/09/27 13:51:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LqjUCelIBzNc1v2
[2011/09/27 13:51:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KamH6sWJ7E9TqYe
[2011/09/27 13:51:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GF4pmH5sQ7E8RqY
[2011/09/27 13:50:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TxA0uvS2iFpGaJd
[2011/09/27 13:50:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\WpnG4aQH6
[2011/09/27 13:50:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ovD3onF4aHsJfLg
[2011/09/27 13:50:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fF4pmH5sQ7E8RqY
[2011/09/27 13:50:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\iONtxA0uv2b3m5Q
[2011/09/27 13:50:25 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\jtxP0ucS1b3n4Q6
[2011/09/27 13:50:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\eUVelIBtz0c1v3n
[2011/09/27 13:50:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NqjUCekIBzNx1v2
[2011/09/27 13:50:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tkIVrzONtAuSiFp
[2011/09/27 13:50:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LlOBtxP0uSiDpG
[2011/09/27 13:49:57 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TXwjUVelItPyAiD
[2011/09/27 13:49:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oXqjUCekIrPyAuD
[2011/09/27 13:49:45 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\AZqjYCwkIrOt
[2011/09/27 13:49:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aYXwkUVrlB
[2011/09/27 13:49:34 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aIBtzP0yc1
[2011/09/27 13:49:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oekIBrzPNx1v2b4
[2011/09/27 13:49:22 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\RgTZqjYCwIr
[2011/09/27 13:49:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\OYXwkUVrlB
[2011/09/27 13:49:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\relIBtzP0
[2011/09/27 13:49:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CkkIBrzPNyA1v2b
[2011/09/27 13:49:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ZCwkIVrzOtAuSiF
[2011/09/27 13:48:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\u00ucS1ibDpn4Q6
[2011/09/27 13:48:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QvvD3onF4aH6W7E
[2011/09/27 13:48:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\hbbF4pmH5sJ7E8R
[2011/09/27 13:48:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\C66dEK8fRZhYwUe
[2011/09/27 13:48:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CzzzPNNycA1
[2011/09/27 13:48:26 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\SqjYCekIVzNx0v2
[2011/09/27 13:48:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\qmH5sQJ7dLgZhCk
[2011/09/27 13:48:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GQJ6dEK8fZhXjVl
[2011/09/27 13:48:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TibD3pnG4Q6W7R9
[2011/09/27 13:48:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\SZ9hTXwjUeItPyA
[2011/09/27 13:47:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\DWK7fRL9gXj
[2011/09/27 13:47:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\h3pnG5aQHdKfLhX
[2011/09/27 13:47:44 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\T8fRZ9hYXjVlBz0
[2011/09/27 13:47:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\sF4pmG5sQ7E8RqY
[2011/09/27 13:47:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oPNycA1uv2n4m5W
[2011/09/27 13:47:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\w6dWK8fRZhXjVlB
[2011/09/27 13:47:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NIVrzONyx0v2b3m
[2011/09/27 13:47:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\w5sQJ7dELgZhCkV
[2011/09/27 13:47:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\suvS2ibF3m5Q6E8
[2011/09/27 13:46:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ywkUVrlOBx0
[2011/09/27 13:46:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XK8fRZ9hTwUeItP
[2011/09/27 13:46:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KsWK7fRL9T
[2011/09/27 13:46:42 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BonF4amH5W7E8Tq
[2011/09/27 13:46:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XS2obFpmGs
[2011/09/27 13:46:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uEL8gTZqhCkVlNx
[2011/09/27 13:46:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GvS2obF3pGsJdKg
[2011/09/27 13:46:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\iqhYCwkUVlNx0c2
[2011/09/27 13:46:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tRZ9hYXwjVlBz0c
[2011/09/27 13:46:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gG4aQH6dW7R9TqU
[2011/09/27 13:46:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\RZZ9hhTXwjUVlI
[2011/09/27 13:45:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uL99ggTXq
[2011/09/27 13:45:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\iCCCwkkIVr
[2011/09/27 13:45:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\v1uuvSS2obFpm5s
[2011/09/27 13:45:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nggTTZqhYCwkVrO
[2011/09/27 13:45:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PZqqjYYCekIrzNy
[2011/09/27 13:45:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NNNyyxA11vD2oF
[2011/09/27 13:45:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TaaamH55s
[2011/09/27 13:45:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tK88fRRZ9hYwjVe
[2011/09/27 13:45:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\rUUUVrlOOtxP
[2011/09/27 13:44:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TFF3ppnG5
[2011/09/27 13:44:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\x99hhYXwkUVeOBx
[2011/09/27 13:44:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\hPP00ucS2ibDpn5
[2011/09/27 13:44:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JJ66dEEK8fR9
[2011/09/27 13:44:35 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wUUVVrlOBtxPuc1
[2011/09/27 13:44:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ZgggTZqqhYwkIrO
[2011/09/27 13:44:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\szPP0yycA1vD3F4
[2011/09/27 13:44:15 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\p55sQQJ6dEK8R9h
[2011/09/27 13:44:07 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tD33oonG4aQHsW7
[2011/09/27 13:44:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tPPNNyxA1uvDob4
[2011/09/27 13:43:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\kQHH6ddWK8fL9Xj
[2011/09/27 13:43:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uONNtxA0u
[2011/09/27 13:43:40 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\y000yccS1iv3oGa
[2011/09/27 13:43:33 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\RKK88gRRZqYXwUr
[2011/09/27 13:43:26 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xUUCCelIBrzPyc1
[2011/09/27 13:43:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\kiiibF33pn5aQ6W
[2011/09/27 13:43:13 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\bssWWJ7fEL9gZq
[2011/09/27 13:43:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\kOOOBttxP0yS1bD
[2011/09/27 13:43:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\A222ibD3p
[2011/09/27 13:42:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wkIIVrrzONtA0vS
[2011/09/27 13:42:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\D1ivD3onGaHsKf
[2011/09/27 13:42:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\f7fRL9hTXj
[2011/09/27 13:42:34 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\C8gTZqhYCkVlNx0
[2011/09/27 13:42:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\SivD3onF4m6W7E9
[2011/09/27 13:42:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xH6sWK7fR9TqUe
[2011/09/27 13:42:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\y5aQH6dWKfLhXj
[2011/09/27 13:42:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UJ6dEK8fR9YwUeO
[2011/09/27 13:42:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nbF4pmG5sJdK
[2011/09/27 13:41:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xF4pmH5sW7E8Tq
[2011/09/27 13:41:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\AnF4amH6sJfLgZj
[2011/09/27 13:41:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\qRL9gTXqj
[2011/09/27 13:41:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ncS2ibD3pGaH
[2011/09/27 13:41:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LxA0uvS2iFp
[2011/09/27 13:41:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\bTZqhYCwkVlNx0
[2011/09/27 13:41:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\A3pmG5sQJdKgZhX
[2011/09/27 13:41:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CZqhYCwkUrO
[2011/09/27 13:40:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JxA0uvS2iFpGaJd
[2011/09/27 13:40:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\luvS2obF4
[2011/09/27 13:40:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\R7dEL8gTZhCkVlN
[2011/09/27 13:40:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\zF3pmG5sQ6
[2011/09/27 13:40:35 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nP0ucS2ib3n5Q6W
[2011/09/27 13:40:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uBtzP0ycS
[2011/09/27 13:40:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\L6dWK7fRLhXjClB
[2011/09/27 13:40:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\XzP0ycA1iDoFaHs
[2011/09/27 13:40:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\SH6sWK7fR9TqUeI
[2011/09/27 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UjUCelIBtPyAiD
[2011/09/27 13:39:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ZqjYCekIB
[2011/09/27 13:39:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mcA1uvD2oFpHsJd
[2011/09/27 13:39:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QrzONyxA0v2
[2011/09/27 13:39:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\p7dEL8gRZhCk
[2011/09/27 13:39:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ffRZ9hYXwU
[2011/09/27 13:39:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\aelIBrzPNc1v2
[2011/09/27 13:39:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PEL9gTZqjCkVzNx
[2011/09/27 13:39:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nRZqhYCwkVlNx0c
[2011/09/27 13:39:13 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\v8fRZ9hYXj
[2011/09/27 13:39:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KkIBrzONybm5Q7E
[2011/09/27 13:39:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\UXqjUCelIrPyAuD
[2011/09/27 13:38:54 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mqjYCekIVzNx0v2
[2011/09/27 13:38:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\vRZqhYCwkV
[2011/09/27 13:38:42 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\WXwjUVelO
[2011/09/27 13:38:37 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dIBrzPNyc
[2011/09/27 13:38:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\G2obF3pmGsJdK
[2011/09/27 13:38:26 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HP0ucS2ib3n5Q6W
[2011/09/27 13:38:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xhYXwjUVeOtPySi
[2011/09/27 13:38:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EycA1uvD2n4m5
[2011/09/27 13:38:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\w0uvS2obFp
[2011/09/27 13:38:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\E7dEL8gRZhCkVlN
[2011/09/27 13:37:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gmG5aQJ6dKfZhX
[2011/09/27 13:37:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uuvS2obF4
[2011/09/27 13:37:44 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\btxA0ucS2b3n5Q6
[2011/09/27 13:37:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\V0ycS1ibDoGaHsK
[2011/09/27 13:37:33 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\V2onF4amHsJfLgZ
[2011/09/27 13:37:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\D4pmG5sQJdKgZh
[2011/09/27 13:37:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\t2ibF3pnGaJdKfZ
[2011/09/27 13:37:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\KfRL9gTXqUeIr
[2011/09/27 13:37:10 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VTZqjYCwkVzN
[2011/09/27 13:37:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pOBtxP0uc1b3n4Q
[2011/09/27 13:36:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pA1ivD3on4m6W7E
[2011/09/27 13:36:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ND2obF4pm5Q7E8
[2011/09/27 13:36:48 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PmG5aQJ6dKfZhX
[2011/09/27 13:36:42 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\nQH6dWK7fLhX
[2011/09/27 13:36:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\L7fEL9gTZjC
[2011/09/27 13:36:31 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fRZqhYCwkV
[2011/09/27 13:36:25 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QOBtzP0yc1v3n4
[2011/09/27 13:36:20 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\scA1uvD2oFpHsJ
[2011/09/27 13:36:14 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PuvS2obF3m5
[2011/09/27 13:36:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wtxP0ucS2b3n5Q6
[2011/09/27 13:36:03 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ZG4amH6sW
[2011/09/27 13:35:57 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\NA1uvD2on4m5W7
[2011/09/27 13:35:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\h3pmG5sQJdKgZhX
[2011/09/27 13:35:46 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\j6dWK8fRLhXjClB
[2011/09/27 13:35:40 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wL9gTXqjYeIrOyA
[2011/09/27 13:35:34 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\SYCwkIVrlNx0c2b
[2011/09/27 13:35:29 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ubD3onG4a
[2011/09/27 13:35:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\B7fEL8gTZjCkV
[2011/09/27 13:35:18 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\YsQJ7dEK8RqYwUr
[2011/09/27 13:35:12 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\W9hTXwjUV
[2011/09/27 13:35:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\L7fRL9gTXjCkBzN
[2011/09/27 13:35:00 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JWJ7fEL8gZjC
[2011/09/27 13:34:55 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\dF4pmG5sQ7E8RqY
[2011/09/27 13:34:49 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\AZ9hTXwjU
[2011/09/27 13:34:43 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\eK7fRL9gTqUeIrP
[2011/09/27 13:34:38 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\sfEL8gTZqYwIrO
[2011/09/27 13:34:32 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\CqhYXwkUVlBx0c
[2011/09/27 13:34:26 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\EfRZ9hTXwUeItPy
[2011/09/27 13:34:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QK7fRL9gTqUeIrP
[2011/09/27 13:34:15 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\T8gTZqjYCkVzNx0
[2011/09/27 13:34:09 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\FRZqhYXwkVlB
[2011/09/27 13:34:03 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\LXwjUVelItP
[2011/09/27 13:33:58 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fkIBrzPNyA
[2011/09/27 13:33:52 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BtxA0uvS2b
[2011/09/27 13:33:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\O1ibD3pnGa
[2011/09/27 13:33:41 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\zF4amH6sW7
[2011/09/27 13:33:35 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\tQJ7dEL8gZ
[2011/09/27 13:33:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\VwjUVelOBz0c1v3
[2011/09/27 13:33:24 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\kIBrzPNyc1v2n4
[2011/09/27 13:33:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\exA0uvS2oFpGsJ
[2011/09/27 13:33:13 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\lD3pnG5aQ6W8R9T
[2011/09/27 13:33:07 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\rmH6sWK7fLgXjCk
[2011/09/27 13:33:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\d5sWJ7dELgZh
[2011/09/27 13:32:56 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\eS2obF3pm5Q6E8R
[2011/09/27 13:32:50 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\oONtxP0uc2b3n5Q
[2011/09/27 13:32:44 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HVelOBtzPySiDoG
[2011/09/27 13:32:39 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\azPNycA1uDoFpHs
[2011/09/27 13:32:33 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\rONyxA0uv2b3
[2011/09/27 13:32:27 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\x2ibD3pnGaHdKf
[2011/09/27 13:32:21 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\p3onG4amHsKf
[2011/09/27 13:32:16 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\fpmH5sWJ7E
[2011/09/27 13:32:10 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\uZ9hYXwkUeOtPyS
[2011/09/27 13:32:05 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\N9hTXwjUClB
[2011/09/27 13:31:59 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\wK7fEL9gTqYeIrO
[2011/09/27 13:31:53 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\pdEL8gTZqYwIrOt
[2011/09/27 13:31:47 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\gRZ9hYXwkVlBx0
[2011/09/27 13:31:42 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\PwjUCelIBzNc1v
[2011/09/27 13:31:36 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\yfEL9gTXqYeIrOy
[2011/09/27 13:31:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\BEL8gTZqhCkVlNx
[2011/09/27 13:31:25 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\JK8gRZ9hYwUe
[2011/09/27 13:31:19 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\FUCelIBtzNc1v2n
[2011/09/27 13:31:13 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\orzONyxA1v2b4m
[2011/09/27 13:31:08 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\ncS2ibF3pGaJdKf
[2011/09/27 13:31:02 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\I1ibD3onGaHs
[2011/09/27 13:30:57 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\TH5sWJ7fE8TqYwI
[2011/09/27 13:30:51 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\jobF4pmG5Q7E8Rq
[2011/09/27 13:30:45 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\d6dWK8fRZ
[2011/09/27 13:30:40 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\GjUCekIBrPyAu
[2011/09/27 13:30:34 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HzONtxA0uSiFpG
[2011/09/27 13:30:28 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\HcS1ibD3pGaHdK
[2011/09/27 13:30:23 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\QonF4amH6W7E9T
[2011/09/27 13:30:17 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\s5sQJ7dELgZhCk
[2011/09/27 13:30:11 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\xQJ6dEK8fZh
[2011/09/27 13:30:06 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\mK7fRL9hTq
[2011/09/27 13:25:17 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/09/27 13:05:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Zosiu
[2011/09/27 13:05:30 | 000,000,000 | ---D | C] -- C:\Users\Pimp\AppData\Roaming\Uwkia
[2010/11/22 16:34:41 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
[2010/11/22 16:34:41 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
[2010/11/22 16:34:41 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
[2010/11/22 16:34:41 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
[2010/11/22 16:34:40 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
[2010/11/22 16:34:40 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
[2010/11/22 16:34:40 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
[2010/11/22 16:34:40 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
[2010/11/22 16:34:40 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
[2010/11/22 16:34:40 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
[2010/11/22 16:34:40 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
[2010/11/22 16:34:40 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
[2010/11/22 16:34:40 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
[2010/11/22 16:34:40 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
[2010/11/22 16:34:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
[2010/05/05 19:59:10 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010/05/05 19:38:18 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/12 16:57:54 | 000,015,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 16:57:54 | 000,015,536 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/12 16:57:38 | 000,730,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/10/12 16:57:38 | 000,626,844 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/10/12 16:57:38 | 000,107,160 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/10/12 16:55:59 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\PC Optimizer Pro64 startups.job
[2011/10/12 16:55:58 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/12 16:50:42 | 000,000,344 | ---- | M] () -- C:\Windows\SysWow64\mvcli.xml
[2011/10/12 16:50:41 | 000,000,008 | ---- | M] () -- C:\Windows\mvraidver.dat
[2011/10/12 16:50:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/12 16:48:54 | 2145,570,815 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/12 16:45:15 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/08 19:31:04 | 000,000,000 | -H-- | M] () -- C:\Windows\MEMORY.DMP
[2011/10/06 20:06:17 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\MOTOROLA MEDIA LINK.lnk
[2011/10/04 16:27:07 | 000,002,000 | ---- | M] () -- C:\Open Cloud AV.lnk
[2011/10/02 17:32:17 | 001,920,000 | ---- | M] () -- C:\Windows\SysWow64\VaQQHH6sWK7fL9T.exe
[2011/10/02 17:08:15 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\hJ7fEL9gTqYeIrO.exe
[2011/09/29 08:50:45 | 001,933,312 | ---- | M] () -- C:\Users\Pimp\Desktop\torchlight.sav
[2011/09/28 19:37:33 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/28 14:54:50 | 000,000,149 | ---- | M] () -- C:\Windows\SysWow64\1181453732
[2011/09/27 14:12:11 | 000,000,915 | ---- | M] () -- C:\Users\Pimp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk
[2011/09/27 13:59:36 | 002,368,000 | ---- | M] () -- C:\Windows\SysWow64\jvoFa5W7EgjwI.exe
[2011/09/27 13:59:32 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\aiDna5JE8ZjwVOx.exe
[2011/09/27 13:59:31 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\uDna5JE8Z.exe
[2011/09/27 13:59:29 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\Fnad8LTwjCIPciD.exe
[2011/09/27 13:59:28 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\VjgK6H32S.exe
[2011/09/27 13:59:25 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\VlIUqqLE6HGo.exe
[2011/09/27 13:59:25 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\e5DvyzUUqZJsGoc.exe
[2011/09/27 13:59:24 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\byBrNtzlCwXgKJQ.exe
[2011/09/27 13:59:18 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\CaZliC8d5no21Ac.exe
[2011/09/27 13:59:17 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\kBESUfGSld530tB.exe
[2011/09/27 13:59:14 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\Jr0bGdXlPiGPUwT.exe
[2011/09/27 13:59:13 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\YmH6sWJ7fTCNSpQ.exe
[2011/09/27 13:59:13 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\YmH6sW7fjkxbGEY.exe
[2011/09/27 13:59:12 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\d6sWJ7fET.exe
[2011/09/27 13:59:12 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\b7fETCNSpQ9.exe
[2011/09/27 13:59:11 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\b7fLTqekVz0.exe
[2011/09/27 13:59:10 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\YH6sWJ7fLTjeVz0.exe
[2011/09/27 13:59:10 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\iJ7fETCNSp.exe
[2011/09/27 13:59:10 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\CH6sWJ7fLTjeVz0.exe
[2011/09/27 13:59:07 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\b7fEgqCkrOx.exe
[2011/09/27 13:59:05 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\YmH6sWJ7fgqCkrO.exe
[2011/09/27 13:59:03 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\d6sWJ7fLT.exe
[2011/09/27 13:58:57 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\aK8fRZ9hTwUeIPA.exe
[2011/09/27 13:58:52 | 002,463,744 | ---- | M] () -- C:\Windows\SysWow64\fZqYkIVlNAu2b3n.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/10 15:27:03 | 000,302,592 | ---- | C] () -- C:\Users\Pimp\Desktop\gmer.exe
[2011/10/08 15:39:50 | 000,000,000 | -H-- | C] () -- C:\Windows\MEMORY.DMP
[2011/10/06 20:06:17 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\MOTOROLA MEDIA LINK.lnk
[2011/10/04 16:27:07 | 000,002,000 | ---- | C] () -- C:\Open Cloud AV.lnk
[2011/10/02 17:32:17 | 001,920,000 | ---- | C] () -- C:\Windows\SysWow64\VaQQHH6sWK7fL9T.exe
[2011/10/02 17:08:15 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\hJ7fEL9gTqYeIrO.exe
[2011/09/27 13:59:36 | 002,368,000 | ---- | C] () -- C:\Windows\SysWow64\jvoFa5W7EgjwI.exe
[2011/09/27 13:59:29 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\uDna5JE8Z.exe
[2011/09/27 13:59:29 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\aiDna5JE8ZjwVOx.exe
[2011/09/27 13:59:28 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\Fnad8LTwjCIPciD.exe
[2011/09/27 13:58:59 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\VjgK6H32S.exe
[2011/09/27 13:58:57 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\e5DvyzUUqZJsGoc.exe
[2011/09/27 13:58:56 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\VlIUqqLE6HGo.exe
[2011/09/27 13:58:56 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\byBrNtzlCwXgKJQ.exe
[2011/09/27 13:58:50 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\CaZliC8d5no21Ac.exe
[2011/09/27 13:58:49 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\kBESUfGSld530tB.exe
[2011/09/27 13:58:43 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\Jr0bGdXlPiGPUwT.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\YmH6sWJ7fTCNSpQ.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\YmH6sWJ7fgqCkrO.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\YmH6sW7fjkxbGEY.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\YH6sWJ7fLTjeVz0.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\iJ7fETCNSp.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\CH6sWJ7fLTjeVz0.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\b7fLTqekVz0.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\b7fETCNSpQ9.exe
[2011/09/27 13:58:40 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\b7fEgqCkrOx.exe
[2011/09/27 13:58:39 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\fZqYkIVlNAu2b3n.exe
[2011/09/27 13:58:39 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\d6sWJ7fLT.exe
[2011/09/27 13:58:39 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\d6sWJ7fET.exe
[2011/09/27 13:58:39 | 002,463,744 | ---- | C] () -- C:\Windows\SysWow64\aK8fRZ9hTwUeIPA.exe
[2011/07/15 01:08:47 | 000,001,456 | ---- | C] () -- C:\Users\Pimp\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/07/07 14:57:35 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/07/03 19:35:36 | 000,010,900 | ---- | C] () -- C:\Users\Pimp\AppData\Roaming\E922.6F6
[2011/03/24 18:23:50 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/20 16:57:17 | 001,907,712 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2011/03/20 16:57:17 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2011/03/20 16:57:17 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2011/03/20 16:57:17 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2011/03/20 16:57:17 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2011/01/25 11:06:56 | 000,042,132 | ---- | C] () -- C:\Windows\XF2000.INI
[2011/01/22 00:56:09 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/01/21 05:40:19 | 000,000,627 | ---- | C] () -- C:\Windows\cdiemu.ini
[2011/01/19 18:18:30 | 000,000,132 | ---- | C] () -- C:\Users\Pimp\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/12/20 06:06:54 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010/12/12 01:12:20 | 000,000,186 | ---- | C] () -- C:\Users\Pimp\AppData\Roaming\default.rss
[2010/12/12 01:12:07 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010/11/23 20:13:28 | 002,493,643 | ---- | C] () -- C:\Windows\SysWow64\abgx360.exe
[2010/11/22 16:35:17 | 000,000,294 | ---- | C] () -- C:\Windows\Lexstat.ini
[2010/11/22 16:34:41 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
[2010/11/22 16:34:41 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
[2010/10/07 02:57:03 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe
[2010/09/30 17:30:26 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/09/30 17:30:23 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/09/30 17:30:22 | 000,000,299 | ---- | C] () -- C:\Windows\game.ini
[2010/09/24 15:38:44 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2010/09/16 13:49:27 | 000,000,008 | ---- | C] () -- C:\Windows\mvraidver.dat
[2010/09/10 16:16:58 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2010/09/10 16:08:21 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2010/09/10 16:08:21 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/05/05 20:37:52 | 000,021,204 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010/05/05 20:37:50 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2010/05/05 19:56:46 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CTXFIRES.DLL
[2010/05/05 19:46:30 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010/05/05 19:46:30 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010/05/05 19:38:22 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/06 13:47:08 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008/10/22 05:29:06 | 000,173,550 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2008/04/17 06:35:52 | 000,047,394 | ---- | C] () -- C:\Windows\php.ini

========== LOP Check ==========

[2011/09/27 13:43:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\A222ibD3p
[2011/09/27 13:41:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\A3pmG5sQJdKgZhX
[2011/09/27 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Ab5E9ecn6RqIAoQ
[2011/05/31 13:54:52 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\abgx360
[2011/09/27 13:39:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aelIBrzPNc1v2
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AgRqhYXwkVlt
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AgRZqhYXwUrO
[2011/09/27 13:49:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aIBtzP0yc1
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeI01
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIAo
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIP4
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aK8fRZ9hTwUeIPA
[2011/09/27 13:41:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AnF4amH6sJfLgZj
[2011/07/19 03:57:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AnvSoft
[2011/09/27 14:08:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ApHfwBi5gridjyG
[2010/11/08 13:27:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Atari
[2011/09/27 13:52:51 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aXqqjUUCel
[2011/09/27 13:49:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\aYXwkUVrlB
[2011/09/27 13:34:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AZ9hTXwjU
[2011/09/27 13:32:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\azPNycA1uDoFpHs
[2011/09/27 13:49:45 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\AZqjYCwkIrOt
[2011/09/27 13:35:23 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\B7fEL8gTZjCkV
[2011/09/27 13:52:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BammH6sWfELgZjY
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BAu2bpGsQdKgq
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BAu2FmG5sJdKg
[2011/09/27 13:31:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BEL8gTZqhCkVlNx
[2011/09/27 13:58:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BenXu7kuQj1WCca
[2011/09/27 13:51:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\bIBrzPNyx1v
[2011/09/27 13:46:42 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BonF4amH5W7E8Tq
[2011/09/27 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\bssWWJ7fEL9gZq
[2011/09/27 13:37:44 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\btxA0ucS2b3n5Q6
[2011/09/27 13:33:52 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BtxA0uvS2b
[2011/09/27 13:41:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\bTZqhYCwkVlNx0
[2011/09/27 13:58:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BuWI4judBaY2KVS
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\BxuSb3ma6K
[2011/09/27 13:48:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\C66dEK8fRZhYwUe
[2011/09/27 13:42:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\C8gTZqhYCkVlNx0
[2011/09/27 13:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\c9hwVOzy1Dna6KE
[2011/09/27 13:57:19 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ce37BFRtGwc5
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\cFeJvws1haNgieW
[2011/09/27 14:10:07 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CKcZ3Us08v909c
[2011/09/27 13:49:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CkkIBrzPNyA1v2b
[2011/09/27 13:59:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Coi1xBCZ75nopo2
[2011/09/27 14:11:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Con4amH5sJfLgZj
[2011/09/27 13:57:03 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CP1bHdqUtS3aW9j
[2011/09/27 13:34:32 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CqhYXwkUVlBx0c
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CrzyxA1uv2bp5J
[2011/09/27 14:11:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\cXwjeBzP0
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CzONyA1uv2b4Gs
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CzONyA1uv2b4ms
[2011/09/27 13:41:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CZqhYCwkUrO
[2011/09/27 13:48:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\CzzzPNNycA1
[2011/09/27 13:42:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\D1ivD3onGaHsKf
[2011/09/27 13:37:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\D4pmG5sQJdKgZh
[2011/09/27 13:33:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\d5sWJ7dELgZh
[2011/09/27 13:30:45 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\d6dWK8fRZ
[2011/09/27 13:56:51 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\d7fRL9hTXjClBzN
[2010/09/26 09:12:25 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\DAEMON Tools Lite
[2011/03/29 04:16:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\DarksporeData
[2011/03/06 02:36:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Datel
[2011/09/27 13:34:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dF4pmG5sQ7E8RqY
[2011/09/27 13:52:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dfRZ9hYXwUeOtPy
[2011/09/27 13:38:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dIBrzPNyc
[2011/09/27 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\DR4AY8s3buxCY9E
[2011/09/27 14:08:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Dt13aKLUP1oHETC
[2011/09/27 13:47:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\DWK7fRL9gXj
[2011/09/27 14:08:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dxQXcaEkximQ
[2011/09/27 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dZecn6RqkAoQ
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\dzONyA1uv2b4GsJ
[2011/09/27 13:38:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\E7dEL8gRZhCkVlN
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ecS2ibD3pGaHdKf
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EfRL9hTXqUeIrPy
[2011/09/27 13:34:26 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EfRZ9hTXwUeItPy
[2011/09/27 13:58:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\eHbcOwqRdaFD1PP
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ehTXwjUVeIP4m6W
[2011/09/27 13:34:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\eK7fRL9gTqUeIrP
[2011/01/25 10:57:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Emulators
[2011/01/22 20:46:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Epic
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EQJ7dEK8gZhXkVl
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EQJdEK8gRqYwUrO
[2011/09/27 13:32:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\eS2obF3pm5Q6E8R
[2010/10/04 12:47:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ESET
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ETXqjYCekBzNAuS
[2011/09/27 13:50:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\eUVelIBtz0c1v3n
[2011/09/27 13:58:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EVBc3axlCj
[2011/09/27 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\eWK7fEL9gXjCkBz
[2011/09/27 13:33:19 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\exA0uvS2oFpGsJ
[2011/09/27 13:38:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\EycA1uvD2n4m5
[2011/09/27 13:42:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\f7fRL9hTXj
[2011/09/27 13:50:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fF4pmH5sQ7E8RqY
[2011/09/27 13:39:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ffRZ9hYXwU
[2010/12/03 02:46:32 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FileBoss
[2011/02/04 02:26:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FileZilla
[2011/09/27 13:33:58 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fkIBrzPNyA
[2011/09/27 13:58:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FKj0Xd4n2
[2011/09/27 13:58:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fnqSgxQeFq
[2011/09/27 13:32:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fpmH5sWJ7E
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fQdEK8gRqYwUrOt
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fQJdEK8gRqYwUrO
[2011/09/27 13:36:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fRZqhYCwkV
[2011/09/27 13:34:09 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FRZqhYXwkVlB
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fsQJ7dEK8RqYwUr
[2011/09/27 13:31:19 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FUCelIBtzNc1v2n
[2011/09/27 13:51:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fucS2ibF3n
[2011/09/27 13:59:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fUu2Dnad8LTwCIP
[2011/09/27 13:59:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\fxu2Fm5JdgqXrBP
[2011/09/27 13:58:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\FyYsuBkTE
[2011/09/27 13:38:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\G2obF3pmGsJdK
[2011/09/27 14:08:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\G4HWf9XjeBPcu2n
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GAvo4H5WEgZCIzN
[2011/09/27 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gb4W9UrupEY
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJE
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJg
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GcA1uvD2oFpHsJL
[2011/09/27 13:59:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gDnaHd8R9XeItPc
[2011/01/13 13:32:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GetRightToGo
[2011/09/27 13:51:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GF4pmH5sQ7E8RqY
[2011/09/27 13:46:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gG4aQH6dW7R9TqU
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GIBAo4mH6W
[2011/09/27 13:30:40 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GjUCekIBrPyAu
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GjYCekIBry
[2011/09/27 13:37:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gmG5aQJ6dKfZhX
[2011/09/27 13:48:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GQJ6dEK8fZhXjVl
[2011/09/27 13:56:46 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GrNAvom6RweBPci
[2011/09/27 13:31:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gRZ9hYXwkVlBx0
[2011/09/27 13:46:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GvS2obF3pGsJdKg
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GYCekIBrzN
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\GYCekIBrzy
[2011/09/27 13:58:32 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\gyKzsUbLc7VbfBn
[2011/09/27 13:35:51 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\h3pmG5sQJdKgZhX
[2011/09/27 13:47:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\h3pnG5aQHdKfLhX
[2011/09/27 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\hbbF4pmH5sJ7E8R
[2011/09/27 13:30:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HcS1ibD3pGaHdK
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HfRZ9hTXwUeI01D
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HfRZ9hTXwUeIP4m
[2011/01/24 22:23:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Hoyle
[2011/03/06 17:35:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Hoyle FaceCreator
[2011/08/01 00:55:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Hoyle Puzzle and Board Games
[2011/09/27 13:51:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\hS2obF4pm5Q7E8R
[2011/09/27 13:57:52 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HT8HFcPkLJpiOk
[2011/09/27 13:32:44 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HVelOBtzPySiDoG
[2011/09/27 13:58:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HxF6hO14EqIy2m7
[2011/09/27 13:30:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\HzONtxA0uSiFpG
[2011/09/27 13:58:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\I0F6YtLQpDuzzVk
[2011/09/27 13:31:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\I1ibD3onGaHs
[2011/09/27 13:45:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\iCCCwkkIVr
[2010/11/11 00:07:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ImgBurn
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\IMVU
[2010/12/12 18:14:03 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\IMVUClient
[2011/09/27 14:08:25 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\io9AdO5U2gAJeoT
[2011/09/27 13:50:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\iONtxA0uv2b3m5Q
[2011/09/27 14:09:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\IOYaAOUgEKdW
[2011/09/27 13:46:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\iqhYCwkUVlNx0c2
[2011/09/27 13:58:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\IR9hwVOzy1Dna6K
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\IXwjUVelIAo4m6W
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\J1DoFm5JE
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\J3pnG5aQJ
[2011/09/27 13:35:46 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\j6dWK8fRLhXjClB
[2011/09/27 13:56:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JA0uvS2ib3m5Q6E
[2011/09/27 13:58:38 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Jc1DoFm5J
[2011/09/27 13:56:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JfEL8gTZq
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\jIBrzONyAuSoF
[2011/09/27 13:44:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JJ66dEEK8fR9
[2011/09/27 13:51:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\jjYCekIVrOyAuSo
[2011/09/27 13:31:25 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JK8gRZ9hYwUe
[2011/09/27 13:30:51 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\jobF4pmG5Q7E8Rq
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\jpQ7TCz1n5EqItc
[2011/09/27 13:50:25 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\jtxP0ucS1b3n4Q6
[2011/09/27 13:58:38 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Ju2FpHs7E
[2011/09/27 13:35:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JWJ7fEL8gZjC
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JwWF1NwhHuBCZLh
[2011/09/27 13:56:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Jx0vS2ibFpGaJdK
[2011/09/27 13:40:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JxA0uvS2iFpGaJd
[2011/09/27 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\JZV0pdhlcFJq
[2011/09/27 13:51:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KamH6sWJ7E9TqYe
[2011/09/27 13:37:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KfRL9gTXqUeIr
[2011/09/27 13:33:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\kIBrzPNyc1v2n4
[2011/09/27 13:43:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\kiiibF33pn5aQ6W
[2011/09/27 13:39:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KkIBrzONybm5Q7E
[2011/09/27 13:57:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\klNv4sLjItSpdZ
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Ko4H6sWK7E9TqYe
[2011/09/27 13:52:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KOBtxP0uc1
[2011/09/27 13:58:42 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KOcboHTBAL
[2011/09/27 13:43:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\kOOOBttxP0yS1bD
[2011/09/27 13:57:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KpxX5uj7pPITGve
[2011/09/27 13:43:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\kQHH6ddWK8fL9Xj
[2011/09/27 13:46:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\KsWK7fRL9T
[2011/09/27 13:40:23 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\L6dWK7fRLhXjClB
[2011/09/27 13:36:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\L7fEL9gTZjC
[2011/09/27 13:35:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\L7fRL9gTXjCkBzN
[2011/09/27 13:56:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\L9gTXqjYCkBzNx1
[2011/09/27 13:33:13 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\lD3pnG5aQ6W8R9T
[2011/09/27 13:58:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LD9xsXPGTc5
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LdEK8gRqhXkVltP
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LdEK8gRZqYwUrOt
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LJ7dEK8gRqYwUrO
[2011/09/27 13:56:46 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LkrNAvom6RweBPc
[2011/09/27 13:50:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LlOBtxP0uSiDpG
[2011/09/27 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\lo69eN25gU03
[2011/09/27 13:51:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\lonF4amH5W7E8Tq
[2011/09/27 13:51:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LqjUCelIBzNc1v2
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LTXjYCekIryAuSo
[2011/09/27 13:59:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Lu2Dnad8LTwCIPc
[2011/09/27 13:40:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\luvS2obF4
[2011/09/27 13:41:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LxA0uvS2iFp
[2011/09/27 13:34:03 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\LXwjUVelItP
[2011/09/27 13:39:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mcA1uvD2oFpHsJd
[2011/09/27 13:56:46 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mIOyuSbp5JE8ZYk
[2011/09/27 13:30:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mK7fRL9hTq
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mlIBP4amHs
[2011/03/16 13:59:52 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\motorola
[2011/09/27 13:38:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mqjYCekIVzNx0v2
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\mXoY6cqGxTpOR
[2011/02/27 01:32:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\MyScribe
[2011/09/27 13:52:44 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\N33pnnG5a6dW8f
[2011/09/27 13:32:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\N9hTXwjUClB
[2011/09/27 13:35:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NA1uvD2on4m5W7
[2011/09/27 13:42:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nbF4pmG5sJdK
[2011/09/27 13:59:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nBVUg8sQQ43i
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Nc2ibF3pn5QdKfZ
[2011/09/27 13:41:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ncS2ibD3pGaH
[2011/09/27 13:31:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ncS2ibF3pGaJdKf
[2011/09/27 13:36:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ND2obF4pm5Q7E8
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ndEK8gRqh
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ndEK8gRZq
[2011/09/27 14:08:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NeBPci2FHs7EgqC
[2011/06/16 21:48:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NetAssistant
[2011/09/27 13:45:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nggTTZqhYCwkVrO
[2011/09/27 13:58:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NiNwWvwZ7Go
[2011/09/27 13:47:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NIVrzONyx0v2b3m
[2011/09/27 13:57:52 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NkaBsO6t6yEufA
[2011/09/27 13:45:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NNNyyxA11vD2oF
[2011/09/27 21:38:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nNyxA1uvSoFpGsJ
[2011/09/27 13:40:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nP0ucS2ib3n5Q6W
[2011/09/27 13:36:42 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nQH6dWK7fLhX
[2011/09/27 13:50:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\NqjUCekIBzNx1v2
[2011/09/27 13:39:19 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nRZqhYCwkVlNx0c
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nStCZRfaasQ5GDS
[2011/09/27 13:57:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ny0So3GQd
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\nzK3Bd2C5t83BR4
[2011/09/27 13:33:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\O1ibD3pnGa
[2011/09/27 13:49:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oekIBrzPNx1v2b4
[2011/09/27 13:51:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\OlOBtxP0ySiDoGa
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oNyc1uvD2n4m5W7
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oNycA1uvDoFpHsJ
[2011/09/27 13:32:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oONtxP0uc2b3n5Q
[2011/09/27 13:47:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oPNycA1uv2n4m5W
[2011/09/27 13:31:13 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\orzONyxA1v2b4m
[2011/09/27 13:50:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ovD3onF4aHsJfLg
[2011/09/27 13:57:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oWf9XUeBzy1vo4
[2011/09/27 13:49:51 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oXqjUCekIrPyAuD
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oyA1uvS2oFGsJdK
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\oyA1uvS2oFpGQ7E
[2011/09/27 13:49:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\OYXwkUVrlB
[2011/09/27 13:32:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\p3onG4amHsKf
[2011/09/27 13:44:15 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\p55sQQJ6dEK8R9h
[2011/09/27 13:56:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\P5aHWf9XUltN1Dn
[2011/09/27 13:39:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\p7dEL8gRZhCk
[2011/09/27 13:52:06 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PA0ucS2ib3n5Q6
[2011/09/27 13:36:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pA1ivD3on4m6W7E
[2011/09/27 13:31:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pdEL8gTZqYwIrOt
[2011/09/27 13:59:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Pe16qzup7ghwUu2
[2011/09/27 13:39:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PEL9gTZqjCkVzNx
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pelIB0ADo
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pelIBAo4m
[2011/09/27 13:57:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\peynJqNiQfU0
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PH6sWK7fE9T
[2011/09/27 13:57:09 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pjVyxu2Fms6KR9X
[2011/09/27 13:36:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PmG5aQJ6dKfZhX
[2011/09/27 13:37:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pOBtxP0uc1b3n4Q
[2011/09/27 13:58:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ptiafUNvn
[2011/09/27 13:36:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PuvS2obF3m5
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\pVtcD4dLj
[2011/09/27 13:31:42 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PwjUCelIBzNc1v
[2011/09/27 13:45:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\PZqqjYYCekIrzNy
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\q6sWK7EL9TqY
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Q8fRZ9hTXjVlB01
[2011/09/27 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QeOubGE9ecn6RqI
[2011/09/27 13:34:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QK7fRL9gTqUeIrP
[2011/09/27 14:08:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QKCcoJYOS58
[2011/09/27 14:08:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\qkIBrzyxAuSo
[2011/09/27 13:48:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\qmH5sQJ7dLgZhCk
[2011/09/27 13:36:25 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QOBtzP0yc1v3n4
[2011/09/27 13:30:23 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QonF4amH6W7E9T
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QQH6dWK7fLhXjCl
[2011/09/27 13:41:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\qRL9gTXqj
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\qRqhYXwkUrOt
[2011/09/27 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QrzONyxA0v2
[2011/09/27 13:48:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\QvvD3onF4aH6W7E
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\R0Jkb9AgSdlnVE3
[2011/09/27 13:40:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\R7dEL8gTZhCkVlN
[2011/09/27 13:57:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Rb5E9UtS3H9eAF8
[2011/09/27 14:11:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\rbD3pnG4aHdK
[2011/09/27 13:49:11 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\relIBtzP0
[2011/09/28 07:52:03 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Retiu
[2011/09/27 13:49:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\RgTZqjYCwIr
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ri4KgCNvH
[2011/09/27 13:43:33 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\RKK88gRRZqYXwUr
[2011/09/27 13:33:07 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\rmH6sWK7fLgXjCk
[2011/09/27 13:32:33 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\rONyxA0uv2b3
[2011/09/27 13:45:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\rUUUVrlOOtxP
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\RUVelIB0ADo4m6W
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\RUVelIBP4m6W7ET
[2011/09/27 13:46:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\RZZ9hhTXwjUVlI
[2011/09/27 13:30:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\s5sQJ7dELgZhCk
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\s7fEL9TqCkBOyA
[2011/09/27 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\s8GAY8s3buxCY9
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\sBEoV7Dw6Aq3BfF
[2011/09/27 13:36:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\scA1uvD2oFpHsJ
[2011/02/26 19:39:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Screaming Bee
[2011/09/27 13:47:37 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\sF4pmG5sQ7E8RqY
[2011/09/27 13:34:38 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\sfEL8gTZqYwIrO
[2011/09/27 13:40:11 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\SH6sWK7fR9TqUeI
[2011/09/27 13:42:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\SivD3onF4m6W7E9
[2011/09/27 13:56:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\sNA0uvS2iFpGaJ
[2011/06/02 21:24:40 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Sony
[2011/09/27 13:48:26 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\SqjYCekIVzNx0v2
[2011/09/27 13:58:15 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\srbfzGT1JkS6CD
[2011/01/20 00:27:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010/12/01 13:25:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Stella
[2011/09/27 13:47:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\suvS2ibF3m5Q6E8
[2011/09/27 13:35:34 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\SYCwkIVrlNx0c2b
[2011/09/27 13:48:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\SZ9hTXwjUeItPyA
[2011/09/27 13:44:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\szPP0yycA1vD3F4
[2011/09/27 13:37:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\t2ibF3pnGaJdKfZ
[2011/09/27 14:08:40 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\T5j2qSKBa
[2011/09/27 13:47:44 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\T8fRZ9hYXjVlBz0
[2011/09/27 13:34:15 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\T8gTZqjYCkVzNx0
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tA1uvD2on4m5W7E
[2011/09/27 13:45:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TaaamH55s
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tBtxP0ycSiDoGaH
[2011/09/27 13:44:07 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tD33oonG4aQHsW7
[2010/12/23 20:53:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TeamViewer
[2011/09/27 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TEk0mfjzDmEj
[2011/09/27 13:44:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TFF3ppnG5
[2011/09/27 13:30:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TH5sWJ7fE8TqYwI
[2011/09/27 13:48:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TibD3pnG4Q6W7R9
[2011/09/27 13:45:11 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tK88fRRZ9hYwjVe
[2011/09/27 13:50:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tkIVrzONtAuSiFp
[2011/09/27 21:38:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Tofye
[2011/09/27 13:44:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tPPNNyxA1uvDob4
[2011/09/27 13:33:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tQJ7dEL8gZ
[2011/09/27 13:46:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tRZ9hYXwjVlBz0c
[2011/09/27 13:57:09 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\tu2Fms6KR9
[2011/09/27 13:50:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TxA0uvS2iFpGaJd
[2011/09/27 13:49:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TXwjUVelItPyAiD
[2011/09/27 13:59:02 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\TYLE6Hmno3Fbvuu
[2011/09/27 13:48:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\u00ucS1ibDpn4Q6
[2011/09/27 13:35:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ubD3onG4a
[2011/09/27 13:40:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uBtzP0ycS
[2011/09/27 14:11:23 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UeIzyA1vo4HWf9
[2011/09/27 13:46:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uEL8gTZqhCkVlNx
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UG5sQJdEKgZhXkV
[2011/09/27 13:58:49 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uHDIfnAVfo0BeRR
[2011/09/27 13:42:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UJ6dEK8fR9YwUeO
[2011/09/27 13:40:05 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UjUCelIBtPyAiD
[2011/09/27 13:45:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uL99ggTXq
[2011/09/27 13:43:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uONNtxA0u
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UooonF4pmH5sJ7E
[2011/10/12 16:47:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uTorrent
[2011/10/04 08:13:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uu2FpHs7E
[2011/09/27 13:37:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uuvS2obF4
[2011/09/28 09:06:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Uwkia
[2011/09/27 13:39:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\UXqjUCelIrPyAuD
[2011/09/27 13:32:10 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\uZ9hYXwkUeOtPyS
[2011/09/27 14:08:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\v0DQKTlyDa7TwO0
[2011/09/27 13:37:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\V0ycS1ibDoGaHsK
[2011/09/27 13:45:43 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\v1uuvSS2obFpm5s
[2011/09/27 13:37:33 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\V2onF4amHsJfLgZ
[2011/09/27 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\v3RtaTxGYc6jAsk
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\V5sQJ7dEKgZhXkV
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\V5sQJdEK8RqYwUr
[2011/09/27 13:39:13 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\v8fRZ9hYXj
[2011/09/27 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VE665dWaa
[2010/09/25 20:03:33 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Vivox
[2011/09/27 13:59:01 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VJGo2uPNV
[2011/09/27 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VK8fRL9hTwUeItP
[2011/09/27 13:58:57 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VmyR4AUKD
[2011/09/27 14:08:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\vn9zFEk0mfjzDmE
[2011/09/27 13:58:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VnqSgxQeF
[2011/09/27 13:38:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\vRZqhYCwkV
[2011/09/27 13:37:10 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VTZqjYCwkVzN
[2011/09/27 13:33:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\VwjUVelOBz0c1v3
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\vZ9hTXwjUeI01Do
[2011/09/27 13:38:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\w0uvS2obFp
[2011/09/27 13:47:11 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\w5sQJ7dELgZhCkV
[2011/09/27 13:47:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\w6dWK8fRZhXjVlB
[2011/09/27 13:35:12 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\W9hTXwjUV
[2011/09/27 14:11:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\WfEL9TqCkBOyAu2
[2011/09/27 13:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\whwVOzy1Dna6KEg
[2011/02/17 14:54:50 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Wireshark
[2011/09/27 13:31:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wK7fEL9gTqYeIrO
[2011/09/27 13:42:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wkIIVrrzONtA0vS
[2011/09/27 13:52:30 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\WkkUUVelO
[2011/09/27 13:35:40 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wL9gTXqjYeIrOyA
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\WNyA1uvS2b4msJd
[2011/09/27 13:50:48 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\WpnG4aQH6
[2011/09/27 13:36:08 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wtxP0ucS2b3n5Q6
[2011/09/27 14:08:22 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wu2Fm6Zwlyb4W9U
[2011/09/27 13:44:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wUUVVrlOBtxPuc1
[2011/09/27 14:08:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wXlyDa7TwO
[2011/09/27 13:38:42 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\WXwjUVelO
[2011/09/27 14:08:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\wyJV3ZcWBp
[2011/09/27 13:51:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\X1ivD3onGaHsKfL
[2011/09/27 14:08:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\x1pEktbQZV036g
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\x1uvD2onFpHsJdL
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\x1uvD2onFpHsJLI
[2011/09/27 13:32:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\x2ibD3pnGaHdKf
[2011/09/27 13:44:53 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\x99hhYXwkUVeOBx
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XbF4pGQ7dKgZhXk
[2011/09/27 14:08:56 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XbF4pmGsJdKgZhX
[2011/09/27 13:41:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xF4pmH5sW7E8Tq
[2011/09/27 13:42:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xH6sWK7fR9TqUe
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XhH2yrhR4xeq87R
[2011/09/27 13:38:20 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xhYXwjUVeOtPySi
[2010/12/02 04:06:33 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Xilisoft Corporation
[2011/09/27 13:46:54 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XK8fRZ9hTwUeItP
[2011/05/18 16:04:35 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XLink Kai
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Xlq88WmnmGpnDSt
[2011/09/27 14:08:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xPADm7Ctb8B4jv
[2011/09/27 13:30:11 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xQJ6dEK8fZh
[2011/09/27 13:46:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XS2obFpmGs
[2011/09/27 13:43:26 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xUUCCelIBrzPyc1
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xV5OWyKxKNhW4vl
[2011/09/27 13:56:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xxoGdZktSoQ7XkN
[2011/09/27 14:11:27 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\xyc1iD3on4m6W7E
[2011/09/27 13:40:17 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\XzP0ycA1iDoFaHs
[2011/09/27 13:43:40 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\y000yccS1iv3oGa
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Y1xtIYXwjhh9dGD
[2011/09/27 13:42:14 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\y5aQH6dWKfLhXj
[2011/09/27 13:31:36 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\yfEL9gTXqYeIrOy
[2011/09/27 13:57:21 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\YoLzpqP6NfAZDkd
[2011/09/27 13:58:31 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\yPHkFglb7BnLrbK
[2011/09/27 14:08:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\YqtaXym8VS
[2011/09/27 13:35:18 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\YsQJ7dEK8RqYwUr
[2011/09/27 16:23:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\yvo4H5WEgZCIzNx
[2011/09/27 13:46:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ywkUVrlOBx0
[2011/09/27 13:56:47 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\yySpJgXBc3Q7TCz
[2011/09/27 13:52:24 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Z5aaQQH6d
[2011/09/27 13:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Z9hwVOzy1Dna6KE
[2011/09/27 13:49:00 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ZCwkIVrzOtAuSiF
[2011/09/27 13:40:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\zF3pmG5sQ6
[2011/09/27 13:33:41 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\zF4amH6sW7
[2011/09/27 13:36:03 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ZG4amH6sW
[2011/09/27 13:44:28 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ZgggTZqqhYwkIrO
[2011/09/28 14:54:55 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\Zosiu
[2011/09/27 13:39:59 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ZqjYCekIB
[2011/09/27 13:58:39 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\ZVelIB0AD
[2011/09/27 14:08:16 | 000,000,000 | ---D | M] -- C:\Users\Pimp\AppData\Roaming\zVPbaKTlyDa7TwO
[2011/10/12 16:55:59 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\PC Optimizer Pro64 startups.job
[2011/10/12 09:15:18 | 000,032,578 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2011/01/16 02:45:34 | 000,268,415 | ---- | M] () -- C:\debug.fz10.log
[2011/01/16 02:46:21 | 000,428,515 | ---- | M] () -- C:\debug.fz10.mes
[2011/01/16 02:45:35 | 000,002,395 | ---- | M] () -- C:\debug.fz10.reg
[2010/12/16 23:57:36 | 000,009,504 | ---- | M] () -- C:\errlgr.txt
[2009/03/02 23:47:38 | 000,049,233 | ---- | M] () -- C:\fat32format.exe
[2007/12/03 10:30:42 | 000,008,192 | ---- | M] () -- C:\grldr.mbr
[2011/10/12 16:48:54 | 2145,570,815 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/20 17:01:47 | 000,000,392 | ---- | M] () -- C:\LogEnbWinV.txt
[2011/03/20 17:01:47 | 000,000,028 | ---- | M] () -- C:\LogProsType.txt
[2011/10/04 16:27:07 | 000,002,000 | ---- | M] () -- C:\Open Cloud AV.lnk
[2011/02/17 03:00:11 | 000,001,119 | ---- | M] () -- C:\results.txt
[2011/02/17 03:01:05 | 000,000,994 | ---- | M] () -- C:\results2.txt
[2010/10/04 16:31:42 | 000,000,290 | ---- | M] () -- C:\rkill.log
[2011/10/12 16:47:17 | 000,090,458 | ---- | M] () -- C:\TDSSKiller.2.6.8.0_12.10.2011_16.46.21_log.txt
[2011/10/12 17:12:33 | 000,091,062 | ---- | M] () -- C:\TDSSKiller.2.6.8.0_12.10.2011_16.57.58_log.txt
[2011/02/04 17:15:56 | 000,000,135 | ---- | M] () -- C:\VundoFix.txt
[2010/09/29 10:03:32 | 000,088,242 | ---- | M] () -- C:\wubildr
[2010/09/29 10:03:32 | 000,008,192 | ---- | M] () -- C:\wubildr.mbr

< %systemroot%\Fonts\*.com >
[2009/07/14 01:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 01:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 01:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 01:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 16:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/09/04 01:25:44 | 000,000,221 | -HS- | M] () -- C:\Users\Pimp\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/07/16 22:21:04 | 000,302,592 | ---- | M] () -- C:\Users\Pimp\Desktop\gmer.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/09/25 03:29:05 | 000,000,402 | -HS- | M] () -- C:\Users\Pimp\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >
[2011/07/26 00:55:21 | 000,000,045 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\jagex_runescape_preferences2.dat

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\system64] -> \systemroot\system32 -> Mount Point

========== Alternate Data Streams ==========

@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA029835
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:661DFA1C

< End of report >

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Here is extras.txt

OTL Extras logfile created on: 10/12/2011 5:12:59 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Pimp\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.00 Gb Total Physical Memory | 6.48 Gb Available Physical Memory | 81.02% Memory free
15.99 Gb Paging File | 14.44 Gb Available in Paging File | 90.31% Paging File free
Paging file location(s): f:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 158.11 Gb Total Space | 0.06 Gb Free Space | 0.04% Space Free | Partition Type: NTFS
Drive D: | 287.43 Gb Total Space | 15.84 Gb Free Space | 5.51% Space Free | Partition Type: NTFS
Drive F: | 20.12 Gb Total Space | 12.04 Gb Free Space | 59.81% Space Free | Partition Type: NTFS
Drive G: | 931.51 Gb Total Space | 117.55 Gb Free Space | 12.62% Space Free | Partition Type: NTFS
Drive H: | 465.75 Gb Total Space | 27.59 Gb Free Space | 5.92% Space Free | Partition Type: NTFS
Drive K: | 465.76 Gb Total Space | 271.64 Gb Free Space | 58.32% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 278.98 Gb Free Space | 59.90% Space Free | Partition Type: NTFS
Drive M: | 465.76 Gb Total Space | 120.94 Gb Free Space | 25.97% Space Free | Partition Type: NTFS

Computer Name: PIMP-PC | User Name: Pimp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Explore_with_FileBoss] -- "C:\Program Files (x86)\FileBoss V2\FILEBOSS.EXE" /nosplash /o "%1" (The Utility Factory)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Explore_with_FileBoss] -- "C:\Program Files (x86)\FileBoss V2\FILEBOSS.EXE" /nosplash /o "%1" (The Utility Factory)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{57A55288-6BA7-47F4-9F6D-9E4086463471}" = ESET Smart Security
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers 1.10.01
"{88C91C9F-1399-47A2-86A0-FAA734432739}" = SmartFTP Client
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{986A654F-F1E4-11DD-9FCA-005056C00008}" = Paragon Partition Manager™ 10.0 Personal
"{9DADBA45-2B06-4F7F-970B-E854ABC8917A}" = WBFS Manager 2.5
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 260.99
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 260.99
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{D7F7D7C0-6832-4687-B8EB-92555DA859A8}" = Motorola Mobile Drivers Installation 4.9.0
"{DD57342D-62B2-4D22-90FB-0BE732962410}" = Vegas Pro 9.0 (64-bit)
"{EFFCC1E3-35FF-4F61-9DEC-7871DBA39A17}" = Hex Workshop v6.5
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Better File Rename_is1" = Better File Rename 4.9.5
"Lexmark Z500-Z600 Series" = Lexmark Z500-Z600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Stella_is1" = Stella 3.3

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02627EE5-EACA-4742-A9CC-E687631773E4}" = Nero ShowTime
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07473686-FC3A-4825-9CA9-97D269145F62}" = Motorola Phone Tools
"{086A7D8C-0A38-4C7F-819A-620275550D5C}" = Nero Burning ROM Help
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1266764D-FC4F-4FA7-B63B-884D53B1680F}" = NetAssistant
"{12C85315-0989-4C28-8956-33458F464DD6}" = The Chronicles of Riddick - Assault on Dark Athena
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}" = Sound Blaster X-Fi
"{1C00C7C5-E615-4139-B817-7F4003DE68C0}" = Nero PhotoSnap Help
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{2773B836-AC66-4178-A414-C5A0F9F5D805}" = XLink Kai
"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50D9C7D1-86C4-4982-A47E-D490C70A1C7D}_is1" = DealRunner 1.25
"{5454083B-1308-4485-BF17-1110000D8301}" = Grand Theft Auto IV
"{5454083B-1308-4485-BF17-1110000D8302}" = Grand Theft Auto IV
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1}" = Nero Vision Help
"{5E08ECD1-C98E-4711-BF65-8FD736B3F969}" = Nero RescueAgent Help
"{60C731FB-C951-41CE-AD41-8E54C8594609}" = Nero Disc Copy Gadget Help
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}" = Mass Effect 2
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{77E33D87-255E-413E-9C8D-EED2A7F9BEBF}" = Nero Live Help
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{79869506-7BDB-4F53-BB40-4883C2AE03E7}_is1" = EmuMovies Download Service Utility version 0.87
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85243696-5E58-4357-9CF8-3498C609941D}" = NeroLiveGadget Help
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91CB1F7A-3C16-4782-8084-706A04C18CDF}_is1" = Epic 1.2
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98A67610-A3B5-4098-A423-3708040026D3}" = "Nero SoundTrax Help
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D55CEFA-12A6-4328-81ED-209DA3FB2383}" = Silicon Image HBA Wakeup Utility
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9E9FDDE6-2C26-492A-85A0-05646B3F2795}" = NeroLiveGadget
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A5B5B6D8-DE44-44A3-90C4-8C07A1E0FAD4}" = WBFS Manager 2.5
"{A75BC59B-10BF-6B87-DCC7-3501F158ACC6}" = Times Reader
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB95979D-85EF-484A-9805-EB28E676E201}_is1" = Iso2God v1.3.3
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AD6BC5CC-2EF0-49C4-B33D-CDC8B2C4DC80}" = Nero Recode Help
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B70E5793-F912-4C62-AFE2-C4F0B078FD31}" = Reader Library by Sony
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}" = Motorola Phone Tools
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}" = Adobe After Effects CS5 Third Party Content
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}" = Adobe After Effects CS5 Third Party Royalty Content
"{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72}" = Nero CoverDesigner Help
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D28ED536-CCD0-4F38-987C-A57177371172}" = 3x12-W-I32-R SATARAID
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9DC70B6-BE13-41DD-9053-9E617E72D085}" = MOTOROLA MEDIA LINK
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DF6A95F5-ADC1-406A-BDC6-2AA7CC0182AA}" = Nero Live
"{E24A0015-C73F-4B57-B8DF-5EB84D2E9685}" = Adobe Flash Player 10 ActiveX
"{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF2AA69F-67E4-4721-89F9-04F4A177F9C5}" = Motorola Phone Tools
"{EF72E0A5-57E8-471F-837E-82BB19771363}" = Wireless LAN Driver and Utility
"{F1191B7E-84BF-4325-9FFD-80BD8996ED4B}" = MorphVOX Junior
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{f2908152-e994-4f2e-983a-74634569184b}" = Nero 9
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F6BDD7C5-89ED-4569-9318-469AA9732572}" = Nero BurnRights Help
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1489-3350-5074-6281" = JDownloader 0.9
"abgx360" = abgx360 v1.0.4
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Any Video Converter Professional_is1" = Any Video Converter Professional 3.2.5
"Atari800Win PLus" = Atari800Win PLus 4.0
"AudioCS" = Creative Audio Control Panel
"AutoHotkey" = AutoHotkey 1.0.91.05
"AutoItv3" = AutoIt v3.3.6.1
"BrotherSoft_Extreme Toolbar" = BrotherSoft Extreme Toolbar
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"clrmamepro" = clrmamepro
"Collectorz.com Movie Collector" = Collectorz.com Movie Collector
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1" = Times Reader
"conduitEngine" = Conduit Engine
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Creative Media Toolbox" = Creative Media Toolbox
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DOSPromptHere" = DOS Prompt Here
"EASEUS Partition Master Unlimited Edition_is1" = EASEUS Partition Master 3.5 Unlimited Edition
"EasyBCD" = EasyBCD 2.0
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]
"FileBoss V2_is1" = FileBoss 2.002
"FileZilla Client" = FileZilla Client 3.3.5.1
"Fotosizer" = Fotosizer 1.29
"Fraps" = Fraps
"FTP Now" = FTP Now
"HaaliMkx" = Haali Media Splitter
"Hoyle Card Games 2011" = Hoyle Card Games 2011 (remove only)
"Hoyle Puzzle and Board Games 2011" = Hoyle Puzzle and Board Games 2011 (remove only)
"ImgBurn" = ImgBurn
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty® 4 - Modern Warfare™ 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty® 4 - Modern Warfare™ 1.7 Patch
"InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare™
"IsoBuster_is1" = IsoBuster 2.5
"kat5200_is1" = kat5200 version 0.6.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"MotoHelper" = MotoHelper 2.0.44 Driver 4.9.0
"Mozilla Firefox (3.6.23)" = Mozilla Firefox (3.6.23)
"mv61xxMRU" = Marvell 61xx MRU
"MyScribe" = MyScribe
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Project Blackout" = Project Blackout
"Project64 1.7" = Project64 1.7
"ProxyShell Hide IP_is1" = ProxyShell Hide IP 2.4.1
"PunkBusterSvc" = PunkBuster Services
"RivaTuner" = RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition
"SmartFTP Client 4.0 (x64) Setup Files" = SmartFTP Client Setup Files 4.0 (x64) (remove only)
"ST606_2011_0111_1248_is1" = Uninstall Dual Mode Camera (ST606)
"Steam App 102800" = Darkspore Beta
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 42720" = Call of Duty Black Ops - Remote Console
"Steam App 47770" = Medal of Honor Beta
"Steam App 8980" = Borderlands
"Steam App 99850" = Crysis 2 Demo
"SysInfo" = Creative System Information
"TrafficEmulator_is1" = TrafficEmulator 1.4
"Vivitar Experience Image Manager" = Vivitar Experience Image Manager
"VLC media player" = VLC media player 1.1.10
"WinGimp-2.0_is1" = Gimp 2.6.2 Debug
"Winkawaks 1.61" = Winkawaks 1.61
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"WinSTon" = WinSTon Emulator v0.5
"Wireshark" = Wireshark 1.4.3
"Wubi" = Ubuntu
"WWW File Share Pro_is1" = WWW File Share Pro 5.0
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"XPort 360_is1" = XPort 360
"Yabause" = Yabause

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
"NetAssistant" = NetAssistant for Firefox
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Advertisements

Register to Remove

#2 mowman

SuperMember

Malware Team
2,669 posts

Posted 14 October 2011 - 03:23 AM

Hello,
Welcome to WhatTheTech. My name is mowman, and I will be helping you fix your problems.

If you do not make a reply in 3 days, we will have to close your topic.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the Options button at the top bar of this topic and Track this topic. The topics you are tracking can be found by clicking on My Topics at the top of any page.

Please take note of some guidelines for this fix:

•Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
•If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
•Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
•Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
Only attach them if requested or if they do not fit into the post

This looks a bit nasty.

Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.

#3 ngarrett111

New Member

New Member
3 posts

Posted 14 October 2011 - 01:30 PM

I appreciate you taking the time to help me. Here is Combofix.txt: ComboFix 11-10-14.02 - Pimp 10/14/2011 8:55.1.4 - x64 Microsoft Windows 7 Professional 6.1.7600.0.1252.1.1033.18.8190.5014 [GMT -4:00] Running from: c:\users\Pimp\Downloads\ComboFix.exe AV: ESET Smart Security 4.2 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1} FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA} SP: ESET Smart Security 4.2 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Tarma Installer c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico c:\users\Pimp\AppData\Local\.# c:\users\Pimp\AppData\Local\.#\MBX@12D4@2F1B58.### c:\users\Pimp\AppData\Local\.#\MBX@14CC@3C1B58.### c:\users\Pimp\AppData\Local\.#\MBX@1548@6B1B58.### c:\users\Pimp\AppData\Local\.#\MBX@34D8@2081B58.### c:\users\Pimp\AppData\Local\.#\MBX@77F4@7A1B58.### c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{d269ca94-3f4e-4da4-a78f-d72e73390365} c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{d269ca94-3f4e-4da4-a78f-d72e73390365}\chrome\xulcache.jar c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{d269ca94-3f4e-4da4-a78f-d72e73390365}\defaults\preferences\xulcache.js c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{d269ca94-3f4e-4da4-a78f-d72e73390365}\install.rdf c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{ef5ddf7e-b108-4478-a49f-5184a59569c8} c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{ef5ddf7e-b108-4478-a49f-5184a59569c8}\chrome\xulcache.jar c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{ef5ddf7e-b108-4478-a49f-5184a59569c8}\defaults\preferences\xulcache.js c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\extensions\{ef5ddf7e-b108-4478-a49f-5184a59569c8}\install.rdf c:\users\Pimp\Error.log c:\windows\assembly\tmp\U c:\windows\assembly\tmp\U\00000001.@ c:\windows\assembly\tmp\U\00000002.@ c:\windows\assembly\tmp\U\000000c0.@ c:\windows\assembly\tmp\U\000000cb.@ c:\windows\assembly\tmp\U\000000cf.@ c:\windows\assembly\tmp\U\80000000.@ c:\windows\assembly\tmp\U\80000064.@ c:\windows\assembly\tmp\U\800000c0.@ c:\windows\assembly\tmp\U\800000cb.@ c:\windows\assembly\tmp\U\800000cf.@ c:\windows\system32\consrv.dll c:\windows\System64 c:\windows\SysWow64\drivers\hwinterface.sys c:\windows\SysWow64\hJ7fEL9gTqYeIrO.exe c:\windows\XSxS . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_Dhcp32 -------\Service_Netman32 -------\Service_PolicyAgent32 . . ((((((((((((((((((((((((( Files Created from 2011-09-14 to 2011-10-14 ))))))))))))))))))))))))))))))) . . 2011-10-14 13:01 . 2011-10-14 13:01 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-10-04 20:27 . 2011-10-04 20:27 -------- d-----w- C:\Open Cloud AV 2011-10-02 21:32 . 2011-10-02 21:32 1920000 ----a-w- c:\windows\SysWow64\VaQQHH6sWK7fL9T.exe 2011-09-28 23:37 . 2011-09-28 23:37 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-09-28 01:38 . 2011-09-28 01:38 -------- d-----w- c:\users\Pimp\AppData\Roaming\nNyxA1uvSoFpGsJ 2011-09-28 01:38 . 2011-09-28 01:38 -------- d-----w- c:\users\Pimp\AppData\Roaming\eWK7fEL9gXjCkBz 2011-09-28 01:38 . 2011-09-28 11:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\Retiu 2011-09-28 01:38 . 2011-09-28 01:38 -------- d-----w- c:\users\Pimp\AppData\Roaming\Tofye 2011-09-27 18:10 . 2011-09-27 18:10 -------- d-----w- c:\users\Pimp\AppData\Roaming\CKcZ3Us08v909c 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\JwWF1NwhHuBCZLh 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\XhH2yrhR4xeq87R 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\Y1xtIYXwjhh9dGD 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\Xlq88WmnmGpnDSt 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\nStCZRfaasQ5GDS 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\nzK3Bd2C5t83BR4 2011-09-27 18:09 . 2011-09-27 18:09 -------- d-----w- c:\users\Pimp\AppData\Roaming\IOYaAOUgEKdW 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\sBEoV7Dw6Aq3BfF 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\cFeJvws1haNgieW 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\mXoY6cqGxTpOR 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\xV5OWyKxKNhW4vl 2011-09-27 18:09 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\R0Jkb9AgSdlnVE3 2011-09-27 17:59 . 2011-09-27 17:59 2368000 ----a-w- c:\windows\SysWow64\jvoFa5W7EgjwI.exe 2011-09-27 17:58 . 2011-09-27 17:58 -------- d-----w- c:\users\Pimp\AppData\Roaming\eHbcOwqRdaFD1PP 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\KpxX5uj7pPITGve 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\NkaBsO6t6yEufA 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\HT8HFcPkLJpiOk 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\YoLzpqP6NfAZDkd 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\ce37BFRtGwc5 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\Rb5E9UtS3H9eAF8 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\klNv4sLjItSpdZ 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\tu2Fms6KR9 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\pjVyxu2Fms6KR9X 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\peynJqNiQfU0 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\oWf9XUeBzy1vo4 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\ny0So3GQd 2011-09-27 17:57 . 2011-09-27 17:57 -------- d-----w- c:\users\Pimp\AppData\Roaming\CP1bHdqUtS3aW9j 2011-09-27 17:52 . 2011-09-27 20:23 -------- d-----w- c:\users\Pimp\AppData\Roaming\UooonF4pmH5sJ7E 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\aXqqjUUCel 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\N33pnnG5a6dW8f 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\BammH6sWfELgZjY 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\WkkUUVelO 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\Z5aaQQH6d 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\dfRZ9hYXwUeOtPy 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\KOBtxP0uc1 2011-09-27 17:52 . 2011-09-27 17:52 -------- d-----w- c:\users\Pimp\AppData\Roaming\PA0ucS2ib3n5Q6 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\jjYCekIVrOyAuSo 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\bIBrzPNyx1v 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\lonF4amH5W7E8Tq 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\hS2obF4pm5Q7E8R 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\fucS2ibF3n 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\OlOBtxP0ySiDoGa 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\VK8fRL9hTwUeItP 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\X1ivD3onGaHsKfL 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\LqjUCelIBzNc1v2 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\KamH6sWJ7E9TqYe 2011-09-27 17:51 . 2011-09-27 17:51 -------- d-----w- c:\users\Pimp\AppData\Roaming\GF4pmH5sQ7E8RqY 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\TxA0uvS2iFpGaJd 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\WpnG4aQH6 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\ovD3onF4aHsJfLg 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\fF4pmH5sQ7E8RqY 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\iONtxA0uv2b3m5Q 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\jtxP0ucS1b3n4Q6 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\eUVelIBtz0c1v3n 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\NqjUCekIBzNx1v2 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\tkIVrzONtAuSiFp 2011-09-27 17:50 . 2011-09-27 17:50 -------- d-----w- c:\users\Pimp\AppData\Roaming\LlOBtxP0uSiDpG 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\TXwjUVelItPyAiD 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\oXqjUCekIrPyAuD 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\AZqjYCwkIrOt 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\aYXwkUVrlB 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\aIBtzP0yc1 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\oekIBrzPNx1v2b4 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\RgTZqjYCwIr 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\OYXwkUVrlB 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\relIBtzP0 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\CkkIBrzPNyA1v2b 2011-09-27 17:49 . 2011-09-27 17:49 -------- d-----w- c:\users\Pimp\AppData\Roaming\ZCwkIVrzOtAuSiF 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\u00ucS1ibDpn4Q6 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\QvvD3onF4aH6W7E 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\hbbF4pmH5sJ7E8R 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\C66dEK8fRZhYwUe 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\CzzzPNNycA1 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\SqjYCekIVzNx0v2 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\qmH5sQJ7dLgZhCk 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\GQJ6dEK8fZhXjVl 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\TibD3pnG4Q6W7R9 2011-09-27 17:48 . 2011-09-27 17:48 -------- d-----w- c:\users\Pimp\AppData\Roaming\SZ9hTXwjUeItPyA 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\DWK7fRL9gXj 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\h3pnG5aQHdKfLhX 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\T8fRZ9hYXjVlBz0 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\sF4pmG5sQ7E8RqY 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\oPNycA1uv2n4m5W 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\w6dWK8fRZhXjVlB 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\NIVrzONyx0v2b3m 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\w5sQJ7dELgZhCkV 2011-09-27 17:47 . 2011-09-27 17:47 -------- d-----w- c:\users\Pimp\AppData\Roaming\suvS2ibF3m5Q6E8 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\ywkUVrlOBx0 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\XK8fRZ9hTwUeItP 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\KsWK7fRL9T 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\BonF4amH5W7E8Tq 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\XS2obFpmGs 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\uEL8gTZqhCkVlNx 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\GvS2obF3pGsJdKg 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\iqhYCwkUVlNx0c2 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\tRZ9hYXwjVlBz0c 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\gG4aQH6dW7R9TqU 2011-09-27 17:46 . 2011-09-27 17:46 -------- d-----w- c:\users\Pimp\AppData\Roaming\RZZ9hhTXwjUVlI 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\uL99ggTXq 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\iCCCwkkIVr 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\v1uuvSS2obFpm5s 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\nggTTZqhYCwkVrO 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\PZqqjYYCekIrzNy 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\NNNyyxA11vD2oF 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\TaaamH55s 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\tK88fRRZ9hYwjVe 2011-09-27 17:45 . 2011-09-27 17:45 -------- d-----w- c:\users\Pimp\AppData\Roaming\rUUUVrlOOtxP 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\TFF3ppnG5 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\x99hhYXwkUVeOBx 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\hPP00ucS2ibDpn5 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\JJ66dEEK8fR9 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\wUUVVrlOBtxPuc1 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\ZgggTZqqhYwkIrO 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\szPP0yycA1vD3F4 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\p55sQQJ6dEK8R9h 2011-09-27 17:44 . 2011-09-27 17:44 -------- d-----w- c:\users\Pimp\AppData\Roaming\tD33oonG4aQHsW7 . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-08-31 21:00 . 2010-10-05 05:49 25416 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-19 03:25 . 2010-09-30 23:54 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2011-07-19 03:25 . 2010-09-30 21:30 271200 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2011-07-19 03:24 . 2010-09-30 21:30 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files (x86)\BrotherSoft_Extreme\prxtbBro0.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{51a86bb3-6602-4c85-92a5-130ee4864f13}] 2011-01-17 14:54 175912 ----a-w- c:\program files (x86)\BrotherSoft_Extreme\prxtbBro0.dll . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2009-07-10 21:28 1174920 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2009-07-10 1174920] "{51a86bb3-6602-4c85-92a5-130ee4864f13}"= "c:\program files (x86)\BrotherSoft_Extreme\prxtbBro0.dll" [2011-01-17 175912] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files (x86)\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{51a86bb3-6602-4c85-92a5-130ee4864f13}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-24 39408] . c:\users\Pimp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ IMVU.lnk - [N/A] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . R2 AeLookupSvc323232;Application Experience ;c:\programdata\softkbd32.exe [x] R2 AeLookupSvc32323232;Application Experience ;c:\programdata\msihnd32.exe [x] R2 AeLookupSvc3232323232;Application Experience ;c:\programdata\xactengine3_232.exe [x] R2 AeLookupSvc323232323232;Application Experience ;c:\programdata\PresentationHostProxy32.exe [x] R2 AeLookupSvc32323232323232;Application Experience ;c:\programdata\AuxiliaryDisplayApi32.exe [x] R2 AeLookupSvc323232323232323232;Application Experience ;c:\programdata\ncsi32.exe [x] R2 ALG323232;Application Layer Gateway Service ;c:\programdata\KBDSYR132.exe [x] R2 ALG323232323232;Application Layer Gateway Service ;c:\programdata\iTVData32.exe [x] R2 ALG32323232323232;Application Layer Gateway Service ;c:\programdata\wmploc32.exe [x] R2 AppIDSvc3232;Application Identity ;c:\programdata\connect32.exe [x] R2 AppIDSvc32323232;Application Identity ;c:\programdata\cmipnpinstall32.exe [x] R2 Appinfo32;Application Information ;c:\programdata\dmime32.exe [x] R2 Appinfo3232;Application Information ;c:\programdata\CSVer32.exe [x] R2 AppMgmt3232;Application Management ;c:\programdata\mfc10032.exe [x] R2 AppMgmt323232323232;Application Management ;c:\programdata\pthreadGC232.exe [x] R2 AppMgmt32323232323232;Application Management ;c:\programdata\api-ms-win-core-threadpool-l1-1-032.exe [x] R2 AppMgmt3232323232323232;Application Management ;c:\programdata\odbcconf32.exe [x] R2 AudioEndpointBuilder32;Windows Audio Endpoint Builder ;c:\programdata\mscoree32.exe [x] R2 AudioEndpointBuilder3232;Windows Audio Endpoint Builder ;c:\programdata\adprovider32.exe [x] R2 AudioEndpointBuilder323232;Windows Audio Endpoint Builder ;c:\programdata\winrssrv32.exe [x] R2 AudioEndpointBuilder32323232;Windows Audio Endpoint Builder ;c:\programdata\NlsLexicons002732.exe [x] R2 AudioEndpointBuilder3232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\KBDINORI32.exe [x] R2 AudioEndpointBuilder323232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\NcdProp32.exe [x] R2 AudioEndpointBuilder32323232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\themeui32.exe [x] R2 AudioEndpointBuilder3232323232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\txflog32.exe [x] R2 AudioEndpointBuilder32323232323232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\MSSTDFMT32.exe [x] R2 AudioEndpointBuilder3232323232323232323232323232323232;Windows Audio Endpoint Builder ;c:\programdata\dmdskres232.exe [x] R2 AudioSrv32;Windows Audio ;c:\programdata\sppcc32.exe [x] R2 AudioSrv3232;Windows Audio ;c:\programdata\hnetmon32.exe [x] R2 AxInstSV32;ActiveX Installer (AxInstSV) ;c:\programdata\objsel32.exe [x] R2 BDESVC323232;BitLocker Drive Encryption Service ;c:\programdata\dsdmo32.exe [x] R2 BDESVC32323232;BitLocker Drive Encryption Service ;c:\programdata\lxbcins32.exe [x] R2 BDESVC3232323232;BitLocker Drive Encryption Service ;c:\programdata\XAPOFX1_332.exe [x] R2 BITS323232;Background Intelligent Transfer Service ;c:\programdata\SyncCenter32.exe [x] R2 BITS32323232;Background Intelligent Transfer Service ;c:\programdata\miguiresource32.exe [x] R2 BITS3232323232;Background Intelligent Transfer Service ;c:\programdata\slwga32.exe [x] R2 BITS323232323232;Background Intelligent Transfer Service ;c:\programdata\comres32.exe [x] R2 BITS32323232323232;Background Intelligent Transfer Service ;c:\programdata\wmdmlog32.exe [x] R2 BITS3232323232323232;Background Intelligent Transfer Service ;c:\programdata\mstext4032.exe [x] R2 Browser32;Computer Browser ;c:\programdata\amstream32.exe [x] R2 Browser3232;Computer Browser ;c:\programdata\msimtf32.exe [x] R2 Browser323232;Computer Browser ;c:\programdata\wlanutil32.exe [x] R2 Browser3232323232323232;Computer Browser ;c:\programdata\url32.exe [x] R2 Browser323232323232323232;Computer Browser ;c:\programdata\sxproxy32.exe [x] R2 Browser32323232323232323232;Computer Browser ;c:\programdata\mfc100ita32.exe [x] R2 bthserv32;Bluetooth Support Service ;c:\programdata\packager32.exe [x] R2 bthserv3232;Bluetooth Support Service ;c:\programdata\ncryptui32.exe [x] R2 bthserv3232323232;Bluetooth Support Service ;c:\programdata\wmdrmnet32.exe [x] R2 bthserv323232323232;Bluetooth Support Service ;c:\programdata\d3dx9_2432.exe [x] R2 bthserv323232323232323232;Bluetooth Support Service ;c:\programdata\X3DAudio1_232.exe [x] R2 bthserv32323232323232323232;Bluetooth Support Service ;c:\programdata\nddeapi32.exe [x] R2 bthserv3232323232323232323232;Bluetooth Support Service ;c:\programdata\netshell32.exe [x] R2 CertPropSvc32;Certificate Propagation ;c:\programdata\NlsLexicons001d32.exe [x] R2 CertPropSvc3232;Certificate Propagation ;c:\programdata\iassdo32.exe [x] R2 CertPropSvc323232;Certificate Propagation ;c:\programdata\msdmo32.exe [x] R2 CertPropSvc32323232;Certificate Propagation ;c:\programdata\gdi3232.exe [x] R2 CertPropSvc3232323232;Certificate Propagation ;c:\programdata\TaskSchdPS32.exe [x] R2 clr_optimization_v2.0.50727_323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\expsrv32.exe [x] R2 clr_optimization_v2.0.50727_3232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\KBDUZB32.exe [x] R2 clr_optimization_v2.0.50727_3232323232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\KBDNO32.exe [x] R2 clr_optimization_v2.0.50727_6432;Microsoft .NET Framework NGEN v2.0.50727_X64 ;c:\programdata\NlsData001332.exe [x] R2 clr_optimization_v2.0.50727_643232;Microsoft .NET Framework NGEN v2.0.50727_X64 ;c:\programdata\iscsidsc32.exe [x] R2 clr_optimization_v2.0.50727_64323232;Microsoft .NET Framework NGEN v2.0.50727_X64 ;c:\programdata\cfgmgr3232.exe [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_3232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\xwtpw3232.exe [x] R2 clr_optimization_v4.0.30319_32323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\msvbvm6032.exe [x] R2 clr_optimization_v4.0.30319_3232323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\wiadss32.exe [x] R2 clr_optimization_v4.0.30319_323232323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\ifmon32.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 COMSysApp32;COM+ System Application ;c:\programdata\aclui32.exe [x] R2 COMSysApp3232;COM+ System Application ;c:\programdata\X3DAudio1_332.exe [x] R2 COMSysApp32323232;COM+ System Application ;c:\programdata\wevtfwd32.exe [x] R2 COMSysApp323232323232;COM+ System Application ;c:\programdata\ctasio32.exe [x] R2 COMSysApp3232323232323232;COM+ System Application ;c:\programdata\KBDINMAL32.exe [x] R2 COMSysApp323232323232323232;COM+ System Application ;c:\programdata\oddbse3232.exe [x] R2 COMSysApp32323232323232323232;COM+ System Application ;c:\programdata\rgb9rast32.exe [x] R2 Creative Audio Engine Licensing Service32;Creative Audio Engine Licensing Service ;c:\programdata\DDOIProxy32.exe [x] R2 Creative Audio Engine Licensing Service3232;Creative Audio Engine Licensing Service ;c:\programdata\KBDRU32.exe [x] R2 Creative Audio Engine Licensing Service323232;Creative Audio Engine Licensing Service ;c:\programdata\CddbLangFR32.exe [x] R2 Creative Audio Engine Licensing Service32323232;Creative Audio Engine Licensing Service ;c:\programdata\inetmib132.exe [x] R2 Creative Service for CDROM Access32323232;Creative Service for CDROM Access ;c:\programdata\wscproxystub32.exe [x] R2 Creative Service for CDROM Access3232323232;Creative Service for CDROM Access ;c:\programdata\KBDFR32.exe [x] R2 Creative Service for CDROM Access32323232323232;Creative Service for CDROM Access ;c:\programdata\UDAAPO3232.exe [x] R2 Creative Service for CDROM Access3232323232323232;Creative Service for CDROM Access ;c:\programdata\WmpDui32.exe [x] R2 Creative Service for CDROM Access323232323232323232;Creative Service for CDROM Access ;c:\programdata\spp32.exe [x] R2 Creative Service for CDROM Access323232323232323232323232;Creative Service for CDROM Access ;c:\programdata\rpcrt432.exe [x] R2 Creative Service for CDROM Access32323232323232323232323232;Creative Service for CDROM Access ;c:\programdata\mscat3232.exe [x] R2 Creative Service for CDROM Access3232323232323232323232323232;Creative Service for CDROM Access ;c:\programdata\uicom32.exe [x] R2 Creative Service for CDROM Access323232323232323232323232323232;Creative Service for CDROM Access ;c:\programdata\kbdlk41a32.exe [x] R2 Creative Service for CDROM Access32323232323232323232323232323232;Creative Service for CDROM Access ;c:\programdata\radarrs32.exe [x] R2 CryptSvc32;Cryptographic Services ;c:\programdata\KBDCA32.exe [x] R2 CryptSvc3232;Cryptographic Services ;c:\programdata\KBDUSX32.exe [x] R2 CryptSvc32323232;Cryptographic Services ;c:\programdata\odbcbcp32.exe [x] R2 CscService32;Offline Files ;c:\programdata\KBDPL132.exe [x] R2 CscService3232;Offline Files ;c:\programdata\evr32.exe [x] R2 CscService32323232;Offline Files ;c:\programdata\cliconfg32.exe [x] R2 CscService3232323232;Offline Files ;c:\programdata\adsldp32.exe [x] R2 CTAudSvcService32;Creative Audio Service ;c:\programdata\NlsLexicons000232.exe [x] R2 CTAudSvcService32323232323232;Creative Audio Service ;c:\programdata\PSHED32.exe [x] R2 CTAudSvcService3232323232323232;Creative Audio Service ;c:\programdata\sud32.exe [x] R2 DcomLaunch32;DCOM Server Process Launcher ;c:\programdata\npmproxy32.exe [x] R2 DcomLaunch3232;DCOM Server Process Launcher ;c:\programdata\NlsData001932.exe [x] R2 DcomLaunch323232;DCOM Server Process Launcher ;c:\programdata\odbctrac32.exe [x] R2 DcomLaunch32323232;DCOM Server Process Launcher ;c:\programdata\sppcommdlg32.exe [x] R2 DcomLaunch3232323232;DCOM Server Process Launcher ;c:\programdata\BioCredProv32.exe [x] R2 DcomLaunch32323232323232;DCOM Server Process Launcher ;c:\programdata\networkexplorer32.exe [x] R2 defragsvc32;Disk Defragmenter ;c:\programdata\mfcm100u32.exe [x] R2 defragsvc3232;Disk Defragmenter ;c:\programdata\AuditNativeSnapIn32.exe [x] R2 defragsvc3232323232323232;Disk Defragmenter ;c:\programdata\api-ms-win-core-namedpipe-l1-1-032.exe [x] R2 defragsvc323232323232323232;Disk Defragmenter ;c:\programdata\davhlpr32.exe [x] R2 defragsvc32323232323232323232;Disk Defragmenter ;c:\programdata\rdprefdrvapi32.exe [x] R2 DeviceMonitorService323232;DeviceMonitorService ;c:\programdata\umdmxfrm32.exe [x] R2 DeviceMonitorService32323232;DeviceMonitorService ;c:\programdata\mssph32.exe [x] R2 DeviceMonitorService3232323232;DeviceMonitorService ;c:\programdata\mmcshext32.exe [x] R2 DeviceMonitorService323232323232;DeviceMonitorService ;c:\programdata\KBDA332.exe [x] R2 Dhcp323232323232;DHCP Client ;c:\programdata\rdpcore32.exe [x] R2 Dhcp3232323232323232;DHCP Client ;c:\programdata\efsutil32.exe [x] R2 Dhcp323232323232323232;DHCP Client ;c:\programdata\KBDAZEL32.exe [x] R2 Dnscache3232;DNS Client ;c:\programdata\mf321632.exe [x] R2 Dnscache323232;DNS Client ;c:\programdata\MFPlay32.exe [x] R2 Dnscache32323232;DNS Client ;c:\programdata\dxmasf32.exe [x] R2 Dnscache3232323232;DNS Client ;c:\programdata\SensApi32.exe [x] R2 dot3svc3232;Wired AutoConfig ;c:\programdata\WlS0WndH32.exe [x] R2 dot3svc32323232;Wired AutoConfig ;c:\programdata\pid32.exe [x] R2 dot3svc3232323232;Wired AutoConfig ;c:\programdata\rascfg32.exe [x] R2 dot3svc323232323232;Wired AutoConfig ;c:\programdata\wshbth32.exe [x] R2 dot3svc32323232323232;Wired AutoConfig ;c:\programdata\xinput1_332.exe [x] R2 dot3svc323232323232323232;Wired AutoConfig ;c:\programdata\xwtpdui32.exe [x] R2 DPS32;Diagnostic Policy Service ;c:\programdata\d3dx10_4332.exe [x] R2 EapHost32;Extensible Authentication Protocol ;c:\programdata\osuninst32.exe [x] R2 EapHost3232;Extensible Authentication Protocol ;c:\programdata\KBDHELA332.exe [x] R2 EapHost32323232;Extensible Authentication Protocol ;c:\programdata\gcdef32.exe [x] R2 EapHost32323232323232;Extensible Authentication Protocol ;c:\programdata\WcnApi32.exe [x] R2 EapHost3232323232323232;Extensible Authentication Protocol ;c:\programdata\NlsData000332.exe [x] R2 EapHost323232323232323232;Extensible Authentication Protocol ;c:\programdata\dmdskmgr32.exe [x] R2 EFS32;Encrypting File System (EFS) ;c:\programdata\traffic32.exe [x] R2 EFS323232323232;Encrypting File System (EFS) ;c:\programdata\esent32.exe [x] R2 EFS32323232323232;Encrypting File System (EFS) ;c:\programdata\ct_oal32.exe [x] R2 EFS3232323232323232;Encrypting File System (EFS) ;c:\programdata\winusb32.exe [x] R2 ehRecvr32;Windows Media Center Receiver Service ;c:\programdata\kbd101b32.exe [x] R2 ehRecvr323232;Windows Media Center Receiver Service ;c:\programdata\mssphtb32.exe [x] R2 ehRecvr323232323232;Windows Media Center Receiver Service ;c:\programdata\qedit32.exe [x] R2 ehRecvr32323232323232;Windows Media Center Receiver Service ;c:\programdata\d3dx10_3732.exe [x] R2 ehRecvr32323232323232323232323232323232;Windows Media Center Receiver Service ;c:\programdata\DfsShlEx32.exe [x] R2 ehRecvr3232323232323232323232323232323232;Windows Media Center Receiver Service ;c:\programdata\XAPOFX1_532.exe [x] R2 ehRecvr323232323232323232323232323232323232;Windows Media Center Receiver Service ;c:\programdata\mtxclu32.exe [x] R2 ehRecvr32323232323232323232323232323232323232;Windows Media Center Receiver Service ;c:\programdata\gpscript32.exe [x] R2 ehSched32;Windows Media Center Scheduler Service ;c:\programdata\ctl3d3232.exe [x] R2 ehSched323232;Windows Media Center Scheduler Service ;c:\programdata\sti32.exe [x] R2 ehSched32323232;Windows Media Center Scheduler Service ;c:\programdata\KBDTURME32.exe [x] R2 ehSched3232323232;Windows Media Center Scheduler Service ;c:\programdata\Storprop32.exe [x] R2 ehSched323232323232;Windows Media Center Scheduler Service ;c:\programdata\iedkcs3232.exe [x] R2 ehSched323232323232323232323232;Windows Media Center Scheduler Service ;c:\programdata\wscinterop32.exe [x] R2 ehSched32323232323232323232323232;Windows Media Center Scheduler Service ;c:\programdata\clbcatq32.exe [x] R2 EHttpSrv323232;ESET HTTP Server ;c:\programdata\d3dx1032.exe [x] R2 EHttpSrv32323232;ESET HTTP Server ;c:\programdata\xactengine2_1032.exe [x] R2 ekrn3232;ESET Service ;c:\programdata\rastls32.exe [x] R2 ekrn323232;ESET Service ;c:\programdata\KBDJPN32.exe [x] R2 ekrn32323232;ESET Service ;c:\programdata\azroleui32.exe [x] R2 ekrn32323232323232323232;ESET Service ;c:\programdata\aecache32.exe [x] R2 ekrn3232323232323232323232323232;ESET Service ;c:\programdata\ole2disp32.exe [x] R2 ekrn323232323232323232323232323232;ESET Service ;c:\programdata\wksprtPS32.exe [x] R2 eventlog32;Windows Event Log ;c:\programdata\d3dx9_2532.exe [x] R2 eventlog3232;Windows Event Log ;c:\programdata\xolehlp32.exe [x] R2 eventlog323232;Windows Event Log ;c:\programdata\Faultrep32.exe [x] R2 EventSystem32;COM+ Event System ;c:\programdata\D3DCompiler_3532.exe [x] R2 EventSystem323232;COM+ Event System ;c:\programdata\whealogr32.exe [x] R2 EventSystem32323232;COM+ Event System ;c:\programdata\ntlanui232.exe [x] R2 EventSystem32323232323232;COM+ Event System ;c:\programdata\PortableDeviceWiaCompat32.exe [x] R2 EventSystem323232323232323232323232;COM+ Event System ;c:\programdata\ELSCore32.exe [x] R2 EventSystem32323232323232323232323232;COM+ Event System ;c:\programdata\WWanAPI32.exe [x] R2 EventSystem3232323232323232323232323232;COM+ Event System ;c:\programdata\dhcpcore32.exe [x] R2 EventSystem323232323232323232323232323232;COM+ Event System ;c:\programdata\nvcompiler32.exe [x] R2 EventSystem32323232323232323232323232323232;COM+ Event System ;c:\programdata\pnpsetup32.exe [x] R2 EventSystem3232323232323232323232323232323232;COM+ Event System ;c:\programdata\KBDLT132.exe [x] R2 Fax32;Fax ;c:\programdata\irclass32.exe [x] R2 fdPHost32;Function Discovery Provider Host ;c:\programdata\wiashext32.exe [x] R2 fdPHost32323232323232323232;Function Discovery Provider Host ;c:\programdata\CddbLangIT32.exe [x] R2 FDResPub3232323232;Function Discovery Resource Publication ;c:\programdata\WebClnt32.exe [x] R2 FDResPub323232323232;Function Discovery Resource Publication ;c:\programdata\perfnet32.exe [x] R2 FDResPub3232323232323232;Function Discovery Resource Publication ;c:\programdata\ac3api32.exe [x] R2 FontCache3.0.0.032;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\d3dxof32.exe [x] R2 FontCache3.0.0.0323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\netprofm32.exe [x] R2 FontCache323232;Windows Font Cache Service ;c:\programdata\mprddm32.exe [x] R2 gpsvc32;Group Policy Client ;c:\programdata\WinSCard32.exe [x] R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-24 136176] R2 gupdate32323232;Google Update Service (gupdate) ;c:\programdata\iyuv_3232.exe [x] R2 gupdate3232323232;Google Update Service (gupdate) ;c:\programdata\DeviceCenter32.exe [x] R2 gupdate323232323232;Google Update Service (gupdate) ;c:\programdata\NlsLexicons004932.exe [x] R2 gupdate32323232323232323232;Google Update Service (gupdate) ;c:\programdata\D3DX9_4132.exe [x] R2 gupdate3232323232323232323232;Google Update Service (gupdate) ;c:\programdata\srvcli32.exe [x] R2 gupdate323232323232323232323232;Google Update Service (gupdate) ;c:\programdata\powercpl32.exe [x] R2 gupdate32323232323232323232323232;Google Update Service (gupdate) ;c:\programdata\mswsock32.exe [x] R2 gupdatem3232;Google Update Service (gupdatem) ;c:\programdata\wmpshell32.exe [x] R2 gupdatem323232;Google Update Service (gupdatem) ;c:\programdata\catsrvps32.exe [x] R2 gusvc32;Google Software Updater ;c:\programdata\FirewallControlPanel32.exe [x] R2 gusvc3232;Google Software Updater ;c:\programdata\RASMM32.exe [x] R2 gusvc323232;Google Software Updater ;c:\programdata\tpmcompc32.exe [x] R2 gusvc32323232;Google Software Updater ;c:\programdata\NlsData002132.exe [x] R2 hidserv323232;Human Interface Device Access ;c:\programdata\wininet32.exe [x] R2 hidserv32323232;Human Interface Device Access ;c:\programdata\mf32.exe [x] R2 hidserv3232323232;Human Interface Device Access ;c:\programdata\prgiso32.exe [x] R2 hkmsvc32323232323232323232323232;Health Key and Certificate Management ;c:\programdata\msmpeg2adec32.exe [x] R2 hkmsvc3232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\Magnification32.exe [x] R2 hkmsvc32323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\wscmisetup32.exe [x] R2 hkmsvc3232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\NlsLexicons002a32.exe [x] R2 hkmsvc323232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\INETRES32.exe [x] R2 hkmsvc3232323232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\gpapi32.exe [x] R2 hkmsvc323232323232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\msutb32.exe [x] R2 hkmsvc32323232323232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\dpnaddr32.exe [x] R2 hkmsvc3232323232323232323232323232323232323232323232;Health Key and Certificate Management ;c:\programdata\CTEDASIO32.exe [x] R2 HomeGroupListener32;HomeGroup Listener ;c:\programdata\batmeter32.exe [x] R2 HomeGroupListener3232;HomeGroup Listener ;c:\programdata\bcryptprimitives32.exe [x] R2 HomeGroupListener323232;HomeGroup Listener ;c:\programdata\NlsLexicons003932.exe [x] R2 HomeGroupListener32323232;HomeGroup Listener ;c:\programdata\kbd10632.exe [x] R2 HomeGroupProvider32;HomeGroup Provider ;c:\programdata\dui7032.exe [x] R2 HomeGroupProvider3232;HomeGroup Provider ;c:\programdata\adtschema32.exe [x] R2 idsvc32;Windows CardSpace ;c:\programdata\txfw3232.exe [x] R2 idsvc3232;Windows CardSpace ;c:\programdata\d2d132.exe [x] R2 IKEEXT32323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\dot3gpui32.exe [x] R2 IKEEXT3232323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\AUDIOKSE32.exe [x] R2 iphlpsvc32;IP Helper ;c:\programdata\winshfhc32.exe [x] R2 KeyIso32;CNG Key Isolation ;c:\programdata\sqlceqp3032.exe [x] R2 KeyIso3232;CNG Key Isolation ;c:\programdata\C_ISCII32.exe [x] R2 KeyIso323232;CNG Key Isolation ;c:\programdata\wscapi32.exe [x] R2 KeyIso3232323232;CNG Key Isolation ;c:\programdata\sdiageng32.exe [x] R2 KeyIso32323232323232323232;CNG Key Isolation ;c:\programdata\msjava32.exe [x] R2 KeyIso3232323232323232323232;CNG Key Isolation ;c:\programdata\netprof32.exe [x] R2 KeyIso323232323232323232323232;CNG Key Isolation ;c:\programdata\WcnEapPeerProxy32.exe [x] R2 KeyIso32323232323232323232323232;CNG Key Isolation ;c:\programdata\d3d932.exe [x] R2 KeyIso3232323232323232323232323232;CNG Key Isolation ;c:\programdata\devrtl32.exe [x] R2 KtmRm3232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\DWrite32.exe [x] R2 KtmRm323232323232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\Apphlpdm32.exe [x] R2 KtmRm32323232323232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\mfps32.exe [x] R2 LanmanWorkstation32;Workstation ;c:\programdata\msshavmsg32.exe [x] R2 LanmanWorkstation3232;Workstation ;c:\programdata\msshooks32.exe [x] R2 LanmanWorkstation323232;Workstation ;c:\programdata\KBDMAC32.exe [x] R2 LanmanWorkstation32323232;Workstation ;c:\programdata\mfds32.exe [x] R2 LanmanWorkstation32323232323232;Workstation ;c:\programdata\spopk32.exe [x] R2 LanmanWorkstation3232323232323232;Workstation ;c:\programdata\rasman32.exe [x] R2 LightScribeService32323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\dsprop32.exe [x] R2 LightScribeService3232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\KBDLV132.exe [x] R2 LightScribeService323232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\KBDUSA32.exe [x] R2 LightScribeService3232323232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\NlsLexicons000d32.exe [x] R2 LightScribeService323232323232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\msorc32r32.exe [x] R2 LightScribeService32323232323232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\EncDec32.exe [x] R2 LightScribeService323232323232323232323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\KBDLT32.exe [x] R2 lltdsvc32;Link-Layer Topology Discovery Mapper ;c:\programdata\qasf32.exe [x] R2 lltdsvc3232323232;Link-Layer Topology Discovery Mapper ;c:\programdata\XAudio2_532.exe [x] R2 lltdsvc32323232323232;Link-Layer Topology Discovery Mapper ;c:\programdata\msxml3r32.exe [x] R2 lmhosts32;TCP/IP NetBIOS Helper ;c:\programdata\EhStorPwdMgr32.exe [x] R2 lmhosts3232;TCP/IP NetBIOS Helper ;c:\programdata\CddbLangDE32.exe [x] R2 lmhosts323232;TCP/IP NetBIOS Helper ;c:\programdata\winsta32.exe [x] R2 lmhosts32323232;TCP/IP NetBIOS Helper ;c:\programdata\msident32.exe [x] R2 lmhosts3232323232;TCP/IP NetBIOS Helper ;c:\programdata\IMJP10K32.exe [x] R2 lxbc_device32;lxbc_device ;c:\programdata\bidispl32.exe [x] R2 lxbc_device323232323232;lxbc_device ;c:\programdata\wmpsrcwp32.exe [x] R2 Marvell RAID3232323232323232;Marvell RAID Event Agent ;c:\programdata\avicap3232.exe [x] R2 Marvell RAID3232323232323232323232;Marvell RAID Event Agent ;c:\programdata\mssvp32.exe [x] R2 Marvell RAID323232323232323232323232;Marvell RAID Event Agent ;c:\programdata\KBDTUF32.exe [x] R2 Marvell RAID32323232323232323232323232;Marvell RAID Event Agent ;c:\programdata\D3DCompiler_3432.exe [x] R2 Marvell RAID3232323232323232323232323232;Marvell RAID Event Agent ;c:\programdata\dinput32.exe [x] R2 Mcx2Svc32;Media Center Extender Service ;c:\programdata\autoplay32.exe [x] R2 Mcx2Svc3232323232;Media Center Extender Service ;c:\programdata\cngprovider32.exe [x] R2 Mcx2Svc323232323232;Media Center Extender Service ;c:\programdata\VBAME32.exe [x] R2 Mcx2Svc32323232323232;Media Center Extender Service ;c:\programdata\iashlpr32.exe [x] R2 Mcx2Svc3232323232323232;Media Center Extender Service ;c:\programdata\msidcrl3032.exe [x] R2 Mcx2Svc323232323232323232;Media Center Extender Service ;c:\programdata\XAPOFX1_032.exe [x] R2 Microsoft Office Groove Audit Service32;Microsoft Office Groove Audit Service ;c:\programdata\WMPhoto32.exe [x] R2 Microsoft Office Groove Audit Service3232;Microsoft Office Groove Audit Service ;c:\programdata\SortWindows6Compat32.exe [x] R2 Microsoft Office Groove Audit Service323232;Microsoft Office Groove Audit Service ;c:\programdata\DDACLSys32.exe [x] R2 MMCSS32;Multimedia Class Scheduler ;c:\programdata\FWPUCLNT32.exe [x] R2 MMCSS323232;Multimedia Class Scheduler ;c:\programdata\riched3232.exe [x] R2 MMCSS323232323232;Multimedia Class Scheduler ;c:\programdata\mfc100enu32.exe [x] R2 MotoHelper32;MotoHelper Service ;c:\programdata\CTxfiSpk32.exe [x] R2 MotoHelper323232323232;MotoHelper Service ;c:\programdata\appidapi32.exe [x] R2 MotoHelper3232323232323232;MotoHelper Service ;c:\programdata\XpsRasterService32.exe [x] R2 MotoHelper32323232323232323232;MotoHelper Service ;c:\programdata\mscms32.exe [x] R2 MpsSvc3232;Windows Firewall ;c:\programdata\KBDBHC32.exe [x] R2 MpsSvc323232;Windows Firewall ;c:\programdata\napipsec32.exe [x] R2 MpsSvc32323232;Windows Firewall ;c:\programdata\srrstr32.exe [x] R2 MpsSvc3232323232;Windows Firewall ;c:\programdata\CddbLangNL32.exe [x] R2 MpsSvc323232323232;Windows Firewall ;c:\programdata\dhcpcsvc632.exe [x] R2 MpsSvc32323232323232;Windows Firewall ;c:\programdata\msscp32.exe [x] R2 MpsSvc323232323232323232;Windows Firewall ;c:\programdata\mfc40u32.exe [x] R2 MpsSvc32323232323232323232;Windows Firewall ;c:\programdata\X3DAudio1_432.exe [x] R2 MpsSvc3232323232323232323232;Windows Firewall ;c:\programdata\msvcp10032.exe [x] R2 MpsSvc323232323232323232323232;Windows Firewall ;c:\programdata\fdPnp32.exe [x] R2 MpsSvc32323232323232323232323232;Windows Firewall ;c:\programdata\INRES32.exe [x] R2 MRUWebService3232;MRU Web Service ;c:\programdata\lxbccomc32.exe [x] R2 MRUWebService3232323232;MRU Web Service ;c:\programdata\KBDBGPH132.exe [x] R2 MRUWebService32323232323232;MRU Web Service ;c:\programdata\els32.exe [x] R2 MRUWebService3232323232323232;MRU Web Service ;c:\programdata\tcpipcfg32.exe [x] R2 MRUWebService323232323232323232;MRU Web Service ;c:\programdata\ntdsapi32.exe [x] R2 MRUWebService32323232323232323232;MRU Web Service ;c:\programdata\KBDUR32.exe [x] R2 MSDTC32;Distributed Transaction Coordinator ;c:\programdata\iologmsg32.exe [x] R2 MSDTC32323232;Distributed Transaction Coordinator ;c:\programdata\shell3232.exe [x] R2 MSDTC3232323232;Distributed Transaction Coordinator ;c:\programdata\NlsData004a32.exe [x] R2 MSDTC323232323232;Distributed Transaction Coordinator ;c:\programdata\dataclen32.exe [x] R2 MSDTC32323232323232;Distributed Transaction Coordinator ;c:\programdata\icardie32.exe [x] R2 MSiSCSI3232;Microsoft iSCSI Initiator Service ;c:\programdata\NlsData002632.exe [x] R2 MSiSCSI323232;Microsoft iSCSI Initiator Service ;c:\programdata\uniplat32.exe [x] R2 MSiSCSI32323232;Microsoft iSCSI Initiator Service ;c:\programdata\deskperf32.exe [x] R2 MSiSCSI32323232323232;Microsoft iSCSI Initiator Service ;c:\programdata\icmui32.exe [x] R2 MSiSCSI3232323232323232;Microsoft iSCSI Initiator Service ;c:\programdata\browcli32.exe [x] R2 msiserver323232;Windows Installer ;c:\programdata\lxbchbn332.exe [x] R2 msiserver32323232;Windows Installer ;c:\programdata\WPDShServiceObj32.exe [x] R2 napagent32;Network Access Protection Agent ;c:\programdata\sfms3232.exe [x] R2 napagent3232;Network Access Protection Agent ;c:\programdata\dmdlgs32.exe [x] R2 napagent323232;Network Access Protection Agent ;c:\programdata\CTDC000032.exe [x] R2 napagent32323232;Network Access Protection Agent ;c:\programdata\iassam32.exe [x] R2 napagent3232323232;Network Access Protection Agent ;c:\programdata\KBDBLR32.exe [x] R2 napagent32323232323232323232;Network Access Protection Agent ;c:\programdata\wpdshext32.exe [x] R2 napagent32323232323232323232323232;Network Access Protection Agent ;c:\programdata\WSHTCPIP32.exe [x] R2 Nero BackItUp Scheduler 4.032;Nero BackItUp Scheduler 4.0 ;c:\programdata\NlsData003e32.exe [x] R2 Nero BackItUp Scheduler 4.03232;Nero BackItUp Scheduler 4.0 ;c:\programdata\apisetschema32.exe [x] R2 Nero BackItUp Scheduler 4.03232323232323232;Nero BackItUp Scheduler 4.0 ;c:\programdata\D3DCompiler_3832.exe [x] R2 Nero BackItUp Scheduler 4.0323232323232323232;Nero BackItUp Scheduler 4.0 ;c:\programdata\FM2032.exe [x] R2 Nero BackItUp Scheduler 4.032323232323232323232;Nero BackItUp Scheduler 4.0 ;c:\programdata\fwcfg32.exe [x] R2 Nero BackItUp Scheduler 4.03232323232323232323232;Nero BackItUp Scheduler 4.0 ;c:\programdata\ocsetapi32.exe [x] R2 Netlogon32;Netlogon ;c:\programdata\wavemsp32.exe [x] R2 Netlogon3232;Netlogon ;c:\programdata\ir41_qcx32.exe [x] R2 Netlogon323232;Netlogon ;c:\programdata\fdWNet32.exe [x] R2 Netman3232;Network Connections ;c:\programdata\api-ms-win-core-memory-l1-1-032.exe [x] R2 Netman3232323232;Network Connections ;c:\programdata\rasmontr32.exe [x] R2 Netman323232323232;Network Connections ;c:\programdata\fdBth32.exe [x] R2 Netman32323232323232;Network Connections ;c:\programdata\netcenter32.exe [x] R2 Netman323232323232323232;Network Connections ;c:\programdata\d3d10core32.exe [x] R2 netprofm32;Network List Service ;c:\programdata\mapi3232.exe [x] R2 NetTcpPortSharing32323232;Net.Tcp Port Sharing Service ;c:\programdata\win32spl32.exe [x] R2 NlaSvc323232;Network Location Awareness ;c:\programdata\Wpc32.exe [x] R2 NlaSvc323232323232;Network Location Awareness ;c:\programdata\samlib32.exe [x] R2 nsi32;Network Store Interface Service ;c:\programdata\WinSyncMetastore32.exe [x] R2 nsi3232;Network Store Interface Service ;c:\programdata\tapi332.exe [x] R2 nsi323232;Network Store Interface Service ;c:\programdata\NlsData002032.exe [x] R2 nsi32323232;Network Store Interface Service ;c:\programdata\olecli3232.exe [x] R2 nvsvc32;NVIDIA Display Driver Service ;c:\programdata\d3dx9_2732.exe [x] R2 nvsvc3232;NVIDIA Display Driver Service ;c:\programdata\KBDGR32.exe [x] R2 odserv3232;Microsoft Office Diagnostics Service ;c:\programdata\ieframe32.exe [x] R2 odserv323232;Microsoft Office Diagnostics Service ;c:\programdata\dswave32.exe [x] R2 odserv32323232;Microsoft Office Diagnostics Service ;c:\programdata\eqossnap32.exe [x] R2 odserv323232323232323232;Microsoft Office Diagnostics Service ;c:\programdata\IasMigPlugin32.exe [x] R2 odserv32323232323232323232;Microsoft Office Diagnostics Service ;c:\programdata\modemui32.exe [x] R2 ose32;Office Source Engine ;c:\programdata\lxbcjswr32.exe [x] R2 ose3232;Office Source Engine ;c:\programdata\ir50_qcx32.exe [x] R2 p2pimsvc32;Peer Networking Identity Manager ;c:\programdata\regapi32.exe [x] R2 p2psvc32;Peer Networking Grouping ;c:\programdata\PortableDeviceTypes32.exe [x] R2 p2psvc3232;Peer Networking Grouping ;c:\programdata\panmap32.exe [x] R2 p2psvc323232;Peer Networking Grouping ;c:\programdata\whhelper32.exe [x] R2 PcaSvc3232;Program Compatibility Assistant Service ;c:\programdata\dmocx32.exe [x] R2 PcaSvc323232;Program Compatibility Assistant Service ;c:\programdata\davclnt32.exe [x] R2 PcaSvc32323232;Program Compatibility Assistant Service ;c:\programdata\hid32.exe [x] R2 PeerDistSvc3232;BranchCache ;c:\programdata\d3dx10_3632.exe [x] R2 PeerDistSvc323232;BranchCache ;c:\programdata\wlandlg32.exe [x] R2 PeerDistSvc32323232;BranchCache ;c:\programdata\CddbLangES32.exe [x] R2 PerfHost32;Performance Counter DLL Host ;c:\programdata\sfc32.exe [x] R2 PerfHost3232;Performance Counter DLL Host ;c:\programdata\SrpUxNativeSnapIn32.exe [x] R2 PerfHost32323232;Performance Counter DLL Host ;c:\programdata\amxread32.exe [x] R2 PerfHost3232323232;Performance Counter DLL Host ;c:\programdata\icm3232.exe [x] R2 PerfHost323232323232;Performance Counter DLL Host ;c:\programdata\sberes32.exe [x] R2 pla32;Performance Logs & Alerts ;c:\programdata\msnetobj32.exe [x] R2 pla3232;Performance Logs & Alerts ;c:\programdata\KBDINMAR32.exe [x] R2 pla323232;Performance Logs & Alerts ;c:\programdata\ExplorerFrame32.exe [x] R2 pla323232323232;Performance Logs & Alerts ;c:\programdata\msxml332.exe [x] R2 pla32323232323232;Performance Logs & Alerts ;c:\programdata\KBDDIV132.exe [x] R2 pla3232323232323232;Performance Logs & Alerts ;c:\programdata\DXPTaskRingtone32.exe [x] R2 PlugPlay32;Plug and Play ;c:\programdata\muifontsetup32.exe [x] R2 PlugPlay3232;Plug and Play ;c:\programdata\KBDTH132.exe [x] R2 PlugPlay323232;Plug and Play ;c:\programdata\odbc32gt32.exe [x] R2 PlugPlay3232323232;Plug and Play ;c:\programdata\mfc100cht32.exe [x] R2 PlugPlay32323232323232;Plug and Play ;c:\programdata\rasdlg32.exe [x] R2 PnkBstrA32323232;PnkBstrA ;c:\programdata\iscsied32.exe [x] R2 PnkBstrA323232323232;PnkBstrA ;c:\programdata\KBDFA32.exe [x] R2 PnkBstrA32323232323232;PnkBstrA ;c:\programdata\apds32.exe [x] R2 PnkBstrA3232323232323232;PnkBstrA ;c:\programdata\api-ms-win-core-rtlsupport-l1-1-032.exe [x] R2 PnkBstrA323232323232323232;PnkBstrA ;c:\programdata\KBDBASH32.exe [x] R2 PNRPAutoReg32;PNRP Machine Name Publication Service ;c:\programdata\cscapi32.exe [x] R2 PNRPAutoReg3232;PNRP Machine Name Publication Service ;c:\programdata\rasmxs32.exe [x] R2 PNRPAutoReg323232;PNRP Machine Name Publication Service ;c:\programdata\CTSCAL32.exe [x] R2 PNRPsvc32;Peer Name Resolution Protocol ;c:\programdata\CTTHXCAL32.exe [x] R2 PNRPsvc323232;Peer Name Resolution Protocol ;c:\programdata\nvdecodemft32.exe [x] R2 PNRPsvc323232323232;Peer Name Resolution Protocol ;c:\programdata\NlsLexicons000132.exe [x] R2 PNRPsvc32323232323232;Peer Name Resolution Protocol ;c:\programdata\usbui32.exe [x] R2 PNRPsvc3232323232323232;Peer Name Resolution Protocol ;c:\programdata\EhStorAPI32.exe [x] R2 PolicyAgent3232;IPsec Policy Agent ;c:\programdata\odpdx3232.exe [x] R2 PolicyAgent323232;IPsec Policy Agent ;c:\programdata\d3d10_132.exe [x] R2 Power32;Power ;c:\programdata\netfxperf32.exe [x] R2 Power3232;Power ;c:\programdata\winmm32.exe [x] R2 Power323232;Power ;c:\programdata\dot3msm32.exe [x] R2 Power3232323232323232323232;Power ;c:\programdata\MsCtfMonitor32.exe [x] R2 Power323232323232323232323232;Power ;c:\programdata\snmpapi32.exe [x] R2 Power32323232323232323232323232;Power ;c:\programdata\fde32.exe [x] R2 Power3232323232323232323232323232;Power ;c:\programdata\webservices32.exe [x] R2 ProfSvc32;User Profile Service ;c:\programdata\msclmd32.exe [x] R2 ProfSvc3232;User Profile Service ;c:\programdata\WlanMM32.exe [x] R2 ProfSvc323232;User Profile Service ;c:\programdata\kbdibm0232.exe [x] R2 ProtectedStorage32;Protected Storage ;c:\programdata\networkitemfactory32.exe [x] R2 ProtectedStorage3232;Protected Storage ;c:\programdata\KBDSYR232.exe [x] R2 ProtectedStorage3232323232;Protected Storage ;c:\programdata\PlaySndSrv32.exe [x] R2 ProtectedStorage32323232323232;Protected Storage ;c:\programdata\mydocs32.exe [x] R2 QWAVE32;Quality Windows Audio Video Experience ;c:\programdata\RstrtMgr32.exe [x] R2 RasMan32;Remote Access Connection Manager ;c:\programdata\dplayx32.exe [x] R2 Realtek818532;Realtek8185 ;c:\programdata\KBDLAO32.exe [x] R2 Realtek81853232;Realtek8185 ;c:\programdata\WMADMOE32.exe [x] R2 Realtek8185323232;Realtek8185 ;c:\programdata\dmintf32.exe [x] R2 Realtek818532323232;Realtek8185 ;c:\programdata\NlsLexicons000932.exe [x] R2 RemoteAccess32;Routing and Remote Access ;c:\programdata\BOOTVID32.exe [x] R2 RemoteAccess3232;Routing and Remote Access ;c:\programdata\comdlg3232.exe [x] R2 RemoteRegistry323232323232;Remote Registry ;c:\programdata\WSManMigrationPlugin32.exe [x] R2 RemoteRegistry323232323232323232;Remote Registry ;c:\programdata\iprop32.exe [x] R2 rpcapd323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\KBDTH332.exe [x] R2 rpcapd32323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\sendmail32.exe [x] R2 rpcapd3232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\wmdrmsdk32.exe [x] R2 rpcapd323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\xpsservices32.exe [x] R2 rpcapd32323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\KBDHELA232.exe [x] R2 rpcapd3232323232323232323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\hhsetup32.exe [x] R2 rpcapd323232323232323232323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\DevicePairingProxy32.exe [x] R2 rpcapd32323232323232323232323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\msdtcprx32.exe [x] R2 rpcapd3232323232323232323232323232323232;Remote Packet Capture Protocol v.0 (experimental) ;c:\programdata\xactengine3_632.exe [x] R2 RpcEptMapper3232;RPC Endpoint Mapper ;c:\programdata\KBDTH032.exe [x] R2 RpcEptMapper323232;RPC Endpoint Mapper ;c:\programdata\D3DCompiler_4232.exe [x] R2 RpcEptMapper32323232;RPC Endpoint Mapper ;c:\programdata\ifsutilx32.exe [x] R2 RpcEptMapper323232323232;RPC Endpoint Mapper ;c:\programdata\NlsLexicons004a32.exe [x] R2 RpcEptMapper32323232323232;RPC Endpoint Mapper ;c:\programdata\sxsstore32.exe [x] R2 RpcEptMapper3232323232323232;RPC Endpoint Mapper ;c:\programdata\racpldlg32.exe [x] R2 RpcEptMapper32323232323232323232;RPC Endpoint Mapper ;c:\programdata\spwmp32.exe [x] R2 RpcEptMapper32323232323232323232323232;RPC Endpoint Mapper ;c:\programdata\kbdax232.exe [x] R2 RpcLocator323232;Remote Procedure Call (RPC) Locator ;c:\programdata\WMSPDMOE32.exe [x] R2 RpcLocator32323232;Remote Procedure Call (RPC) Locator ;c:\programdata\wsdchngr32.exe [x] R2 RpcSs3232323232;Remote Procedure Call (RPC) ;c:\programdata\mstask32.exe [x] R2 RpcSs323232323232;Remote Procedure Call (RPC) ;c:\programdata\itss32.exe [x] R2 RpcSs32323232323232;Remote Procedure Call (RPC) ;c:\programdata\XAudio2_332.exe [x] R2 SamSs32;Security Accounts Manager ;c:\programdata\bitsprx332.exe [x] R2 SamSs3232;Security Accounts Manager ;c:\programdata\KBDFI32.exe [x] R2 SamSs323232323232;Security Accounts Manager ;c:\programdata\dbghelp32.exe [x] R2 SamSs32323232323232;Security Accounts Manager ;c:\programdata\msexch4032.exe [x] R2 SamSs3232323232323232;Security Accounts Manager ;c:\programdata\wdigest32.exe [x] R2 SamSs323232323232323232;Security Accounts Manager ;c:\programdata\wuwebv32.exe [x] R2 SCardSvr32;Smart Card ;c:\programdata\CTDCIFCE32.exe [x] R2 SCardSvr3232;Smart Card ;c:\programdata\WMNetMgr32.exe [x] R2 SCardSvr323232;Smart Card ;c:\programdata\pdh32.exe [x] R2 SDRSVC323232323232323232;Windows Backup ;c:\programdata\dpx32.exe [x] R2 SDRSVC32323232323232323232;Windows Backup ;c:\programdata\RacEngn32.exe [x] R2 SENS3232;System Event Notification Service ;c:\programdata\TRAPI32.exe [x] R2 SensrSvc323232323232;Adaptive Brightness ;c:\programdata\sppcomapi32.exe [x] R2 SensrSvc3232323232323232323232;Adaptive Brightness ;c:\programdata\vpnikeapi32.exe [x] R2 SensrSvc32323232323232323232323232;Adaptive Brightness ;c:\programdata\mtxex32.exe [x] R2 SensrSvc3232323232323232323232323232;Adaptive Brightness ;c:\programdata\d3dx10_4232.exe [x] R2 SessionEnv32;Remote Desktop Configuration ;c:\programdata\avrt32.exe [x] R2 SessionEnv323232;Remote Desktop Configuration ;c:\programdata\xactengine2_132.exe [x] R2 SessionEnv32323232;Remote Desktop Configuration ;c:\programdata\PresentationNative_v030032.exe [x] R2 SessionEnv3232323232;Remote Desktop Configuration ;c:\programdata\d3dx9_3632.exe [x] R2 SessionEnv323232323232;Remote Desktop Configuration ;c:\programdata\xactengine2_532.exe [x] R2 SharedAccess3232;Internet Connection Sharing (ICS) ;c:\programdata\KBDDV32.exe [x] R2 ShellHWDetection3232;Shell Hardware Detection ;c:\programdata\lxbcserv32.exe [x] R2 ShellHWDetection32323232323232;Shell Hardware Detection ;c:\programdata\RpcRtRemote32.exe [x] R2 SiHbaWakeupService32;Silicon Image HBA Wakeup Utility ;c:\programdata\ndishc32.exe [x] R2 SiHbaWakeupService3232;Silicon Image HBA Wakeup Utility ;c:\programdata\kbdnecnt32.exe [x] R2 SiHbaWakeupService323232;Silicon Image HBA Wakeup Utility ;c:\programdata\KBDPL32.exe [x] R2 SiHbaWakeupService3232323232;Silicon Image HBA Wakeup Utility ;c:\programdata\themecpl32.exe [x] R2 SiHbaWakeupService323232323232;Silicon Image HBA Wakeup Utility ;c:\programdata\KBDKAZ32.exe [x] R2 SiHbaWakeupService32323232323232;Silicon Image HBA Wakeup Utility ;c:\programdata\wmvdspa32.exe [x] R2 SNMPTRAP32;SNMP Trap ;c:\programdata\AudioEng32.exe [x] R2 Sony SCSI Helper Service32;Sony SCSI Helper Service ;c:\programdata\imgutil32.exe [x] R2 Spooler32;Print Spooler ;c:\programdata\dxtmsft32.exe [x] R2 Spooler3232;Print Spooler ;c:\programdata\onex32.exe [x] R2 Spooler323232;Print Spooler ;c:\programdata\XAudio2_632.exe [x] R2 Spooler32323232;Print Spooler ;c:\programdata\netcfgx32.exe [x] R2 Spooler3232323232;Print Spooler ;c:\programdata\ndfhcdiscovery32.exe [x] R2 Spooler323232323232;Print Spooler ;c:\programdata\d3dx11_4232.exe [x] R2 Spooler32323232323232;Print Spooler ;c:\programdata\rtm32.exe [x] R2 Spooler3232323232323232;Print Spooler ;c:\programdata\D3DX9_3832.exe [x] R2 Spooler323232323232323232;Print Spooler ;c:\programdata\msports32.exe [x] R2 Spooler323232323232323232323232;Print Spooler ;c:\programdata\wmpps32.exe [x] R2 sppsvc32;Software Protection ;c:\programdata\KBDUK32.exe [x] R2 sppsvc3232;Software Protection ;c:\programdata\FXSEXT3232.exe [x] R2 sppsvc323232;Software Protection ;c:\programdata\NlsLexicons004632.exe [x] R2 sppsvc32323232;Software Protection ;c:\programdata\msfeeds32.exe [x] R2 sppuinotify32;SPP Notification Service ;c:\programdata\KBDSW0932.exe [x] R2 sppuinotify323232;SPP Notification Service ;c:\programdata\WiaExtensionHost6432.exe [x] R2 sppuinotify32323232;SPP Notification Service ;c:\programdata\perfos32.exe [x] R2 sppuinotify32323232323232323232323232;SPP Notification Service ;c:\programdata\nlsbres32.exe [x] R2 SSDPSRV3232323232323232;SSDP Discovery ;c:\programdata\iaspolcy32.exe [x] R2 SSDPSRV32323232323232323232;SSDP Discovery ;c:\programdata\rasadhlp32.exe [x] R2 SstpSvc32;Secure Socket Tunneling Protocol Service ;c:\programdata\cca32.exe [x] R2 SstpSvc3232;Secure Socket Tunneling Protocol Service ;c:\programdata\dispex32.exe [x] R2 SstpSvc32323232;Secure Socket Tunneling Protocol Service ;c:\programdata\msvbvm5032.exe [x] R2 SstpSvc3232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\ieakui32.exe [x] R2 SstpSvc323232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\iscsicpl32.exe [x] R2 SstpSvc32323232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\D3DCompiler_4032.exe [x] R2 SstpSvc3232323232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\KBDA232.exe [x] R2 Steam Client Service32;Steam Client Service ;c:\programdata\olesvr3232.exe [x] R2 Steam Client Service3232323232;Steam Client Service ;c:\programdata\wecapi32.exe [x] R2 Steam Client Service323232323232;Steam Client Service ;c:\programdata\KBDFC32.exe [x] R2 Stereo Service3232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\msjter4032.exe [x] R2 Stereo Service323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\mfvdsp32.exe [x] R2 Stereo Service32323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\dmusic32.exe [x] R2 Stereo Service3232323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\vssapi32.exe [x] R2 Stereo Service323232323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\dtsh32.exe [x] R2 Stereo Service32323232323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\thawbrkr32.exe [x] R2 Stereo Service323232323232323232;NVIDIA Stereoscopic 3D Driver Service ;c:\programdata\lxbcgf32.exe [x] R2 stisvc32;Windows Image Acquisition (WIA) ;c:\programdata\pngfilt32.exe [x] R2 stisvc3232;Windows Image Acquisition (WIA) ;c:\programdata\CmdRtr32.exe [x] R2 stisvc3232323232;Windows Image Acquisition (WIA) ;c:\programdata\puiobj32.exe [x] R2 stisvc323232323232;Windows Image Acquisition (WIA) ;c:\programdata\KBDBR32.exe [x] R2 stisvc3232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\wlangpui32.exe [x] R2 StorSvc32;Storage Service ;c:\programdata\KBDHU132.exe [x] R2 StorSvc3232;Storage Service ;c:\programdata\msorcl3232.exe [x] R2 StorSvc323232;Storage Service ;c:\programdata\KBDMAORI32.exe [x] R2 StorSvc32323232323232;Storage Service ;c:\programdata\polstore32.exe [x] R2 StorSvc323232323232323232;Storage Service ;c:\programdata\pifmgr32.exe [x] R2 StorSvc32323232323232323232;Storage Service ;c:\programdata\KBDTAT32.exe [x] R2 StorSvc3232323232323232323232;Storage Service ;c:\programdata\sxshared32.exe [x] R2 SwitchBoard32;Adobe SwitchBoard ;c:\programdata\odbccp3232.exe [x] R2 SwitchBoard32323232;Adobe SwitchBoard ;c:\programdata\VAN32.exe [x] R2 SwitchBoard3232323232;Adobe SwitchBoard ;c:\programdata\es32.exe [x] R2 swprv32;Microsoft Software Shadow Copy Provider ;c:\programdata\FM20ENU32.exe [x] R2 swprv3232;Microsoft Software Shadow Copy Provider ;c:\programdata\fdWCN32.exe [x] R2 swprv323232;Microsoft Software Shadow Copy Provider ;c:\programdata\qcap32.exe [x] R2 swprv32323232;Microsoft Software Shadow Copy Provider ;c:\programdata\ddrawex32.exe [x] R2 SysMain32;Superfetch ;c:\programdata\deskmon32.exe [x] R2 SysMain32323232323232323232;Superfetch ;c:\programdata\xactengine2_232.exe [x] R2 SysMain32323232323232323232323232323232;Superfetch ;c:\programdata\NlsData002432.exe [x] R2 SysMain3232323232323232323232323232323232;Superfetch ;c:\programdata\D3DX9_4232.exe [x] R2 TabletInputService32323232323232;Tablet PC Input Service ;c:\programdata\KBDYAK32.exe [x] R2 TabletInputService3232323232323232;Tablet PC Input Service ;c:\programdata\api-ms-win-core-handle-l1-1-032.exe [x] R2 TabletInputService32323232323232323232;Tablet PC Input Service ;c:\programdata\sxs32.exe [x] R2 TapiSrv32;Telephony ;c:\programdata\wdc32.exe [x] R2 TapiSrv3232;Telephony ;c:\programdata\capiprovider32.exe [x] R2 TapiSrv323232;Telephony ;c:\programdata\wmpcm32.exe [x] R2 TapiSrv32323232;Telephony ;c:\programdata\KBDLA32.exe [x] R2 TapiSrv323232323232;Telephony ;c:\programdata\nvcuvid32.exe [x] R2 TapiSrv3232323232323232;Telephony ;c:\programdata\KBDARME32.exe [x] R2 TapiSrv3232323232323232323232323232;Telephony ;c:\programdata\PeerDistSh32.exe [x] R2 TapiSrv323232323232323232323232323232;Telephony ;c:\programdata\ufat32.exe [x] R2 TBS32;TPM Base Services ;c:\programdata\KBDRO32.exe [x] R2 TBS3232;TPM Base Services ;c:\programdata\apircl32.exe [x] R2 TBS32323232;TPM Base Services ;c:\programdata\mfdvdec32.exe [x] R2 TermService3232;Remote Desktop Services ;c:\programdata\wsock3232.exe [x] R2 TermService323232;Remote Desktop Services ;c:\programdata\sppcext32.exe [x] R2 Themes3232;Themes ;c:\programdata\d3dx9_3232.exe [x] R2 Themes323232323232;Themes ;c:\programdata\vdsdyn32.exe [x] R2 Themes32323232323232;Themes ;c:\programdata\vdsbas32.exe [x] R2 Themes323232323232323232323232;Themes ;c:\programdata\msoert232.exe [x] R2 Themes3232323232323232323232323232;Themes ;c:\programdata\nvcuda32.exe [x] R2 Themes323232323232323232323232323232;Themes ;c:\programdata\api-ms-win-core-synch-l1-1-032.exe [x] R2 THREADORDER32323232;Thread Ordering Server ;c:\programdata\netplwiz32.exe [x] R2 THREADORDER3232323232;Thread Ordering Server ;c:\programdata\wcncsvc32.exe [x] R2 THREADORDER323232323232;Thread Ordering Server ;c:\programdata\WcsPlugInService32.exe [x] R2 TrkWks32;Distributed Link Tracking Client ;c:\programdata\piaproxy32.exe [x] R2 TrkWks3232;Distributed Link Tracking Client ;c:\programdata\KBDROST32.exe [x] R2 TrkWks323232;Distributed Link Tracking Client ;c:\programdata\wzcdlg32.exe [x] R2 TrkWks32323232;Distributed Link Tracking Client ;c:\programdata\kernel3232.exe [x] R2 TrkWks32323232323232;Distributed Link Tracking Client ;c:\programdata\setupcln32.exe [x] R2 TrustedInstaller32;Windows Modules Installer ;c:\programdata\NlsData081632.exe [x] R2 TrustedInstaller32323232323232;Windows Modules Installer ;c:\programdata\CTDC000132.exe [x] R2 TrustedInstaller3232323232323232;Windows Modules Installer ;c:\programdata\usbperf32.exe [x] R2 TrustedInstaller323232323232323232;Windows Modules Installer ;c:\programdata\CDDBControl32.exe [x] R2 TrustedInstaller32323232323232323232;Windows Modules Installer ;c:\programdata\console32.exe [x] R2 TrustedInstaller3232323232323232323232;Windows Modules Installer ;c:\programdata\NlsData004e32.exe [x] R2 TrustedInstaller323232323232323232323232;Windows Modules Installer ;c:\programdata\wlanhlp32.exe [x] R2 TrustedInstaller32323232323232323232323232;Windows Modules Installer ;c:\programdata\SensorsApi32.exe [x] R2 UI0Detect32;Interactive Services Detection ;c:\programdata\eapphost32.exe [x] R2 UI0Detect32323232;Interactive Services Detection ;c:\programdata\P2PGraph32.exe [x] R2 UI0Detect3232323232;Interactive Services Detection ;c:\programdata\api-ms-win-core-xstate-l1-1-032.exe [x] R2 UI0Detect32323232323232;Interactive Services Detection ;c:\programdata\ssdpapi32.exe [x] R2 UmRdpService32;Remote Desktop Services UserMode Port Redirector ;c:\programdata\rastapi32.exe [x] R2 UmRdpService3232;Remote Desktop Services UserMode Port Redirector ;c:\programdata\ws2help32.exe [x] R2 UmRdpService323232323232;Remote Desktop Services UserMode Port Redirector ;c:\programdata\dxva232.exe [x] R2 upnphost32;UPnP Device Host ;c:\programdata\shsetup32.exe [x] R2 upnphost3232;UPnP Device Host ;c:\programdata\cabview32.exe [x] R2 upnphost323232;UPnP Device Host ;c:\programdata\d3d8thk32.exe [x] R2 UxSms32;Desktop Window Manager Session Manager ;c:\programdata\fdWSD32.exe [x] R2 UxSms3232;Desktop Window Manager Session Manager ;c:\programdata\rmoc326032.exe [x] R2 UxSms3232323232323232;Desktop Window Manager Session Manager ;c:\programdata\midimap32.exe [x] R2 VaultSvc3232;Credential Manager ;c:\programdata\iasrecst32.exe [x] R2 VaultSvc323232;Credential Manager ;c:\programdata\efsadu32.exe [x] R2 VaultSvc32323232;Credential Manager ;c:\programdata\rdpendp32.exe [x] R2 VaultSvc3232323232;Credential Manager ;c:\programdata\KBDAZE32.exe [x] R2 vds323232;Virtual Disk ;c:\programdata\scksp32.exe [x] R2 VSS32;Volume Shadow Copy ;c:\programdata\wsnmp3232.exe [x] R2 VSS3232;Volume Shadow Copy ;c:\programdata\mswdat1032.exe [x] R2 VSS3232323232;Volume Shadow Copy ;c:\programdata\admparse32.exe [x] R2 VSS323232323232;Volume Shadow Copy ;c:\programdata\xactengine3_132.exe [x] R2 VSS32323232323232;Volume Shadow Copy ;c:\programdata\dot3api32.exe [x] R2 VSS3232323232323232;Volume Shadow Copy ;c:\programdata\tapi3232.exe [x] R2 VSS323232323232323232;Volume Shadow Copy ;c:\programdata\NlsLexicons004b32.exe [x] R2 VSS3232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\KBDYBA32.exe [x] R2 VSS323232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\AppIdPolicyEngineApi32.exe [x] R2 VSS32323232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\acppage32.exe [x] R2 VSS3232323232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\usbceip32.exe [x] R2 VSS323232323232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\mtxdm32.exe [x] R2 VSS32323232323232323232323232323232323232323232;Volume Shadow Copy ;c:\programdata\IPBusEnumProxy32.exe [x] R2 W32Time32;Windows Time ;c:\programdata\mfc100deu32.exe [x] R2 W32Time3232;Windows Time ;c:\programdata\ws2_3232.exe [x] R2 W32Time323232;Windows Time ;c:\programdata\KBDGRLND32.exe [x] R2 W32Time32323232;Windows Time ;c:\programdata\raschap32.exe [x] R2 WatAdminSvc32;Windows Activation Technologies Service ;c:\programdata\ACCTRES32.exe [x] R2 WatAdminSvc3232;Windows Activation Technologies Service ;c:\programdata\msvcrt32.exe [x] R2 WatAdminSvc323232;Windows Activation Technologies Service ;c:\programdata\ncobjapi32.exe [x] R2 WatAdminSvc32323232;Windows Activation Technologies Service ;c:\programdata\jscript32.exe [x] R2 WatAdminSvc3232323232;Windows Activation Technologies Service ;c:\programdata\CTXFIRES32.exe [x] R2 WatAdminSvc32323232323232;Windows Activation Technologies Service ;c:\programdata\mlang32.exe [x] R2 WatAdminSvc3232323232323232;Windows Activation Technologies Service ;c:\programdata\msxbde4032.exe [x] R2 WatAdminSvc323232323232323232;Windows Activation Technologies Service ;c:\programdata\mv_api32.exe [x] R2 WatAdminSvc32323232323232323232;Windows Activation Technologies Service ;c:\programdata\WinSyncProviders32.exe [x] R2 WatAdminSvc323232323232323232323232;Windows Activation Technologies Service ;c:\programdata\d3dx9_3432.exe [x] R2 WatAdminSvc32323232323232323232323232;Windows Activation Technologies Service ;c:\programdata\KBDINBEN32.exe [x] R2 wbengine32;Block Level Backup Engine Service ;c:\programdata\WsmAuto32.exe [x] R2 wbengine3232323232;Block Level Backup Engine Service ;c:\programdata\NlsLexicons001132.exe [x] R2 wbengine32323232323232;Block Level Backup Engine Service ;c:\programdata\xactengine3_732.exe [x] R2 WbioSrvc32;Windows Biometric Service ;c:\programdata\nvapi32.exe [x] R2 WbioSrvc32323232323232323232;Windows Biometric Service ;c:\programdata\sspicli32.exe [x] R2 WbioSrvc3232323232323232323232;Windows Biometric Service ;c:\programdata\uxlibres32.exe [x] R2 WbioSrvc323232323232323232323232;Windows Biometric Service ;c:\programdata\WinFax32.exe [x] R2 WbioSrvc32323232323232323232323232;Windows Biometric Service ;c:\programdata\Query32.exe [x] R2 wcncsvc32;Windows Connect Now - Config Registrar ;c:\programdata\cryptdll32.exe [x] R2 wcncsvc3232;Windows Connect Now - Config Registrar ;c:\programdata\migisol32.exe [x] R2 wcncsvc323232;Windows Connect Now - Config Registrar ;c:\programdata\mssrch32.exe [x] R2 WcsPlugInService32;Windows Color System ;c:\programdata\CTSPKHLP32.exe [x] R2 WcsPlugInService323232323232;Windows Color System ;c:\programdata\D3DCompiler_3932.exe [x] R2 WcsPlugInService32323232323232;Windows Color System ;c:\programdata\kbdgeoer32.exe [x] R2 WdiServiceHost32;Diagnostic Service Host ;c:\programdata\sqlsrv3232.exe [x] R2 WdiServiceHost3232;Diagnostic Service Host ;c:\programdata\ncrypt32.exe [x] R2 WdiServiceHost32323232323232323232;Diagnostic Service Host ;c:\programdata\mssitlb32.exe [x] R2 WdiServiceHost3232323232323232323232;Diagnostic Service Host ;c:\programdata\XpsGdiConverter32.exe [x] R2 WdiServiceHost323232323232323232323232;Diagnostic Service Host ;c:\programdata\security32.exe [x] R2 WdiSystemHost3232;Diagnostic System Host ;c:\programdata\spwinsat32.exe [x] R2 WdiSystemHost323232323232323232323232;Diagnostic System Host ;c:\programdata\secproc_ssp32.exe [x] R2 WebClient32;WebClient ;c:\programdata\neth32.exe [x] R2 WebClient3232;WebClient ;c:\programdata\fdBthProxy32.exe [x] R2 WebClient323232;WebClient ;c:\programdata\colbact32.exe [x] R2 WebClient32323232;WebClient ;c:\programdata\XPSSHHDR32.exe [x] R2 Wecsvc32;Windows Event Collector ;c:\programdata\mfc42u32.exe [x] R2 wercplsupport32;Problem Reports and Solutions Control Panel Support ;c:\programdata\LocationApi32.exe [x] R2 wercplsupport3232;Problem Reports and Solutions Control Panel Support ;c:\programdata\dot3ui32.exe [x] R2 wercplsupport32323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\KBDHE22032.exe [x] R2 wercplsupport3232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\MP4SDECD32.exe [x] R2 wercplsupport323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\sqlceoledb3032.exe [x] R2 wercplsupport32323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\imagX732.exe [x] R2 wercplsupport3232323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\d3dcsx_4232.exe [x] R2 wercplsupport323232323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\negoexts32.exe [x] R2 WerSvc3232;Windows Error Reporting Service ;c:\programdata\osbaseln32.exe [x] R2 WinDefend32;Windows Defender ;c:\programdata\srclient32.exe [x] R2 WinHttpAutoProxySvc32;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\mprdim32.exe [x] R2 WinHttpAutoProxySvc32323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\advapi3232.exe [x] R2 Winmgmt32;Windows Management Instrumentation ;c:\programdata\shimgvw32.exe [x] R2 Winmgmt32323232;Windows Management Instrumentation ;c:\programdata\mfcsubs32.exe [x] R2 Winmgmt323232323232;Windows Management Instrumentation ;c:\programdata\api-ms-win-core-debug-l1-1-032.exe [x] R2 WinRM32;Windows Remote Management (WS-Management) ;c:\programdata\tquery32.exe [x] R2 WinRM32323232;Windows Remote Management (WS-Management) ;c:\programdata\KBDMLT4832.exe [x] R2 WinRM323232323232;Windows Remote Management (WS-Management) ;c:\programdata\oleprn32.exe [x] R2 WinRM32323232323232;Windows Remote Management (WS-Management) ;c:\programdata\bitsprx432.exe [x] R2 WinRM32323232323232323232;Windows Remote Management (WS-Management) ;c:\programdata\pdhui32.exe [x] R2 WinRM3232323232323232323232;Windows Remote Management (WS-Management) ;c:\programdata\KBDMLT4732.exe [x] R2 WinRM32323232323232323232323232;Windows Remote Management (WS-Management) ;c:\programdata\PeerDist32.exe [x] R2 WinRM3232323232323232323232323232;Windows Remote Management (WS-Management) ;c:\programdata\catsrvut32.exe [x] R2 WMPNetworkSvc32;Windows Media Player Network Sharing Service ;c:\programdata\sppwmi32.exe [x] R2 WMPNetworkSvc3232;Windows Media Player Network Sharing Service ;c:\programdata\wlaninst32.exe [x] R2 WMPNetworkSvc323232;Windows Media Player Network Sharing Service ;c:\programdata\xactengine2_032.exe [x] R2 WMPNetworkSvc32323232;Windows Media Player Network Sharing Service ;c:\programdata\lxbcprox32.exe [x] R2 WMPNetworkSvc32323232323232323232;Windows Media Player Network Sharing Service ;c:\programdata\KBDES32.exe [x] R2 WMPNetworkSvc3232323232323232323232;Windows Media Player Network Sharing Service ;c:\programdata\pidgenx32.exe [x] R2 WMPNetworkSvc323232323232323232323232;Windows Media Player Network Sharing Service ;c:\programdata\EAXAC332.exe [x] R2 WPCSvc3232323232;Parental Controls ;c:\programdata\wlanapi32.exe [x] R2 WPCSvc323232323232;Parental Controls ;c:\programdata\EAPQEC32.exe [x] R2 WPDBusEnum32;Portable Device Enumerator Service ;c:\programdata\KBDYCL32.exe [x] R2 WSearch32323232;Windows Search ;c:\programdata\UXInit32.exe [x] R2 WSearch3232323232;Windows Search ;c:\programdata\mssprxy32.exe [x] R2 WSearch323232323232;Windows Search ;c:\programdata\NlsModels001132.exe [x] R2 WSearch3232323232323232;Windows Search ;c:\programdata\KBDHEPT32.exe [x] R2 WSearch3232323232323232323232;Windows Search ;c:\programdata\tapisrv32.exe [x] R2 WSearch323232323232323232323232;Windows Search ;c:\programdata\SSShim32.exe [x] R2 wuauserv3232;Windows Update ;c:\programdata\setupapi32.exe [x] R2 wuauserv323232;Windows Update ;c:\programdata\d3dx9_3532.exe [x] R2 wudfsvc32;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\loadperf32.exe [x] R2 wudfsvc32323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\kbd101c32.exe [x] R2 wudfsvc3232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\schedcli32.exe [x] R2 wudfsvc323232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\shacct32.exe [x] R2 wudfsvc3232323232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\MediaMetadataHandler32.exe [x] R2 wudfsvc3232323232323232323232323232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\d3dim70032.exe [x] R2 wudfsvc32323232323232323232323232323232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\KBDHAU32.exe [x] R2 wudfsvc323232323232323232323232323232323232323232;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\dpnlobby32.exe [x] R2 WwanSvc32;WWAN AutoConfig ;c:\programdata\api-ms-win-core-interlocked-l1-1-032.exe [x] R2 WwanSvc3232;WWAN AutoConfig ;c:\programdata\api-ms-win-core-io-l1-1-032.exe [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-09-10 79360] R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x] R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x] R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x] R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x] R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x] R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x] R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2009-02-26 16776] R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2009-02-26 9096] R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-24 136176] R3 JLTECH0227;Dual Mode Camera;c:\windows\system32\Drivers\jl2005c.sys [x] R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x] R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x] R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys [x] R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [x] R3 RivaTuner64;RivaTuner64;c:\program files (x86)\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTuner64.sys [2011-02-17 19952] R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S0 hotcore3;hc3ServiceName;c:\windows\system32\DRIVERS\hotcore3.sys [x] S0 mv61xx;mv61xx;c:\windows\system32\DRIVERS\mv61xx.sys [x] S0 SI3112r;ATI 436E SATARaid Controller;c:\windows\system32\DRIVERS\SI3112r.sys [x] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\NServiceEntry.exe [2011-02-25 87344] S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x] S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-11-04 810144] S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x] S2 lxbc_device;lxbc_device;c:\windows\system32\lxbccoms.exe [2007-03-16 566704] S2 Marvell RAID;Marvell RAID Event Agent;c:\program files (x86)\Marvell\raid\svc\mvraidsvc.exe [2008-05-22 147456] S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-01-27 226624] S2 MRUWebService;MRU Web Service;c:\program files (x86)\Marvell\raid\Apache2\bin\httpd.exe [2008-04-17 20539] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [x] S2 Realtek8185;Realtek8185;c:\program files (x86)\OEM\Wireless LAN Utility\RtlService.exe [2009-07-10 36864] S2 SiHbaWakeupService;Silicon Image HBA Wakeup Utility;c:\program files (x86)\Silicon Image\Silicon Image HBA Wakeup Utility\SiHbaWakeupService.exe [2009-07-28 62464] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256] S3 RTL8187B;NETGEAR WG111v3 Wireless-G USB Adapter Win7 Driver;c:\windows\system32\DRIVERS\wg111v3.sys [x] S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2009-08-20 17:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2011-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-24 15:38] . 2011-10-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-24 15:38] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-28 2919168] "combofix"="c:\combofix\CF4986.3XE" [2009-07-14 344576] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com/ mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\users\Pimp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk TCP: DhcpNameServer = 209.18.47.61 209.18.47.62 FF - ProfilePath - c:\users\Pimp\AppData\Roaming\Mozilla\Firefox\Profiles\qx37y8c5.default\ FF - prefs.js: browser.startup.homepage - hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 49939 FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: XUL Cache: {4fc741b6-c922-4d03-b8b7-dea86b2d4b13} - %profile%\extensions\{4fc741b6-c922-4d03-b8b7-dea86b2d4b13} FF - Ext: XUL Cache: {c58450c4-dffd-4f71-b2db-0f64b3c201a4} - %profile%\extensions\{c58450c4-dffd-4f71-b2db-0f64b3c201a4} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . BHO-{13738661-61DE-4EAD-9D5E-0CAB644E03B7} - (no file) BHO-{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file) Wow6432Node-HKCU-Run-AdobeBridge - (no file) Wow6432Node-HKCU-Run-{0A8EA412-E054-C2AF-E02B-F339611C836D} - c:\users\Pimp\AppData\Roaming\Zosiu\oqdaelo.exe WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{51A86BB3-6602-4C85-92A5-130EE4864F13} - (no file) AddRemove-Atari800Win PLus - k:\5200\Atari800WinPLus\Uninstall.exe AddRemove-kat5200_is1 - k:\5200\KAT\kat5200\unins000.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe AddRemove-Wubi - c:\ubuntu\uninstall-wubi.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-1093729757-1913430965-4176635864-1000\Software\SecuROM\License information*] "datasecu"=hex:00,9e,ae,2a,0c,97,3c,27,7f,cb,f5,a5,eb,f4,c5,fb,73,79,dc,c3,d4, c4,7f,10,8a,6b,84,21,10,1a,90,bf,82,33,0e,5a,2d,03,28,06,ed,13,94,95,d9,f7,\ "rkeysecu"=hex:94,d0,ca,c2,58,8c,bc,b5,5c,21,59,0a,1a,f2,08,da . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10x_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10x.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\ESET\ESET Security\CurrentVersion\Info] @Denied: (2) (LocalSystem) "AppDataDir"="c:\\ProgramData\\ESET\\ESET Smart Security\\" "DataDir"="ESET\\ESET Smart Security\\" "EditionName"=" " "InstallDir"="c:\\Program Files\\ESET\\ESET Smart Security\\" "LanguageId"=dword:00000409 "PackageTag"=dword:00000000 "ProductBase"=dword:00000001 "ProductCode"="{57A55288-6BA7-47F4-9F6D-9E4086463471}" "ProductName"="ESET Smart Security" "ProductType"="ess" "ProductVersion"="4.2.67.10" "UniqueId"="00400B824E831B1C" "ScannerBuild"=dword:00001dd3 "ScannerVersionId"=dword:000015fe "ScannerVersion"="ready" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\windows\SysWOW64\CTsvcCDA.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\OEM\Wireless LAN Utility\RtWlan.exe . ************************************************************************** . Completion time: 2011-10-14 15:22:53 - machine was rebooted ComboFix-quarantined-files.txt 2011-10-14 19:22 . Pre-Run: 140,558,336 bytes free Post-Run: 2,306,555,904 bytes free . - - End Of File - - CE7F8F3A66884B16D6D9A05115576E14

#4 mowman

SuperMember

Malware Team
2,669 posts

Posted 14 October 2011 - 06:27 PM

You have a backdoor infection.

Posted Image

Backdoor Threat

IMPORTANT NOTE: Unfortunatly One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?
When Should I Format, How Should I Reinstall

This looks pretty grim,the computer is really infected and I would suggest a reformat of your OS.

It is possible that it could still be cleaned but I cannot guarantee anything,let me know what you decide to do.

#5 ngarrett111

New Member

New Member
3 posts

Posted 16 October 2011 - 08:55 AM

I will go ahead and reformat it. I was rather hoping to avoid it, and posting here was my last attempt to fix it before reformat. Alas, it needed it anyways. I disconnected the wireless card on it, and am using my laptop with Ubuntu to post this. This is the computer I have been using to do anything important anyways. By the way, since you know what the infection is, is there a specific way to avoid it? I think I know the website it came from, but cannot be entirely sure. Is there any way to confirm it? Thanks again for looking into my issue, it is greatly appreciated. You're the greatest!

#6 mowman

SuperMember

Malware Team
2,669 posts

Posted 16 October 2011 - 10:05 AM

By the way, since you know what the infection is

You have/had

Tdl4 rootkit
ZeroAcess rootkit
Opencloud infection
Some sort of file infecter

As I said,we could have a go at cleaning it but I could not guarantee anything,we could spend hours on this and in the end still get nowhere.Reformat is the best route to take in my opinion.

#7 mowman

SuperMember

Malware Team
2,669 posts

Posted 19 October 2011 - 01:46 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatth...ed_t106388.html
and start a New Topic.

Body Background

skin color theme