GeekPolice

Slow Computer, BOOTDss.m - asw and otl logs

Post by Malicius on Sun May 08, 2011 2:58 am

Hello everyone.
First of all I'd like to introduce myself (first time posting here) and thank you all for the work you do. It's very difficult to find someone who helps you for free with these kinds of things.

Second: my problem.
I've noticed - in these past days - that my computer is acting more slowly. Yesterday I ran a scan with Avira and it found out that I'm infected with two "BOO/TDss.m" files. I couldn't find anything on the web, so I hoped you could help me.

Here I go with the logs of OTL and aswMBR, as asked in the topic.
Thanks.


----------------------------------------------------------------------------------------------------------------------------

aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-08 00:34:33
-----------------------------
00:34:33.469 OS Version: Windows x64 6.0.6002 Service Pack 2
00:34:33.469 Number of processors: 2 586 0x170A
00:34:33.485 ComputerName: PC-SIMONE UserName: Simone
00:34:41.706 Initialize success
00:35:01.081 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
00:35:01.081 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
00:35:01.097 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000006c
00:35:01.097 Disk 1 Vendor: RICOH 01 Size: 476940MB BusType: 0
00:35:01.097 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000006d
00:35:01.112 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
00:35:01.112 Device \Driver\iaStor -> MajorFunction fffffa80083466c0
00:35:01.128 Disk 0 MBR read error 0
00:35:01.128 Disk 0 MBR scan
00:35:01.143 Disk 0 unknown MBR code
00:35:01.143 MBR BIOS signature not found 0
00:35:01.159 Service scanning
00:35:03.702 Disk 0 trace - called modules:
00:35:03.702 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys >>UNKNOWN [0xfffffa80083466c0]<<
00:35:03.717 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008082790]
00:35:03.733 3 CLASSPNP.SYS[fffffa60012a5c33] -> nt!IofCallDriver -> [0xfffffa8006402840]
00:35:03.749 5 acpi.sys[fffffa6000ba6fde] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006461050]
00:35:03.749 \Driver\iaStor[0xfffffa800833a360] -> IRP_MJ_CREATE -> 0xfffffa80083466c0
00:35:03.764 Scan finished successfully
00:35:55.665 Disk 0 MBR has been saved successfully to "C:\Users\Simone\Desktop\MBR.dat"
00:35:55.681 The log file has been saved successfully to "C:\Users\Simone\Desktop\aswMBR.txt"



---------------------------------------------------------------------------------------------------------------------------------------

OTL logfile created on: 08/05/2011 1.31.34 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Simone\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00000410 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy

6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 60,00% Memory free
12,00 Gb Paging File | 9,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,05 Gb Total Space | 79,71 Gb Free Space | 17,67% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: PC-SIMONE | User Name: Simone | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/05/08 00.23.48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Simone\Desktop\OTL.com
PRC - [2011/05/07 03.51.46 | 000,383,216 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\cacaoweb\cacaoweb.exe
PRC - [2011/04/30 13.48.13 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/04/14 21.27.20 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/04/06 11.21.04 | 000,310,784 | ---- | M] (POService) -- C:\Users\Public\Documents\PowerOffer\POService.exe
PRC - [2010/12/06 09.48.23 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/17 11.28.40 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2010/04/01 11.16.20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009/12/08 21.29.44 | 000,240,992 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
PRC - [2009/07/23 23.25.12 | 002,754,048 | ---- | M] (SpeedBit Ltd.) -- C:\Program Files (x86)\DAP\DAP.exe
PRC - [2009/07/13 23.18.12 | 000,071,096 | ---- | M] () -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
PRC - [2009/05/15 13.18.51 | 000,026,112 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
PRC - [2009/04/10 23.27.30 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\conime.exe
PRC - [2009/01/21 10.07.42 | 000,313,264 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2009/01/21 10.07.42 | 000,192,512 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2009/01/19 12.49.24 | 000,203,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2009/01/19 12.49.24 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2009/01/14 13.38.38 | 005,184,872 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
PRC - [2008/12/18 10.53.50 | 000,317,288 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2008/12/08 15.16.56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/11/04 11.39.20 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008/09/18 10.59.10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2007/03/29 15.41.26 | 000,222,128 | ---- | M] (Macrovision Corporation) -- C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
PRC - [2007/01/04 19.48.50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/03/11 21.49.16 | 000,221,184 | ---- | M] () -- C:\Program Files (x86)\FlashMute\flashmute.exe


========== Modules (SafeList) ==========

MOD - [2011/05/08 00.23.48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Simone\Desktop\OTL.com
MOD - [2010/08/31 17.43.52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2006/03/11 21.49.16 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\FlashMute\mutelib.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/02/26 03.30.19 | 001,038,088 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2009/03/11 22.04.56 | 000,949,248 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2009/01/19 16.43.04 | 000,394,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2009/01/16 21.59.12 | 000,110,376 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2008/12/21 21.55.12 | 000,361,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\sony\Network Utility\NSUService.exe -- (NSUService)
SRV:64bit: - [2008/12/19 15.02.10 | 000,411,496 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2008/04/28 02.00.38 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/04/30 13.48.13 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirScheduler)
SRV - [2011/04/14 21.27.20 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/02/26 03.29.51 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 14.16.28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11.19.26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/12/16 19.26.00 | 003,453,712 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2009/10/20 20.19.48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2009/07/16 17.04.16 | 000,316,664 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/07/13 23.18.12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2009/03/29 21.42.16 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/05 12.41.46 | 000,091,432 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe -- (SOHPlMgr)
SRV - [2009/02/05 12.41.44 | 000,390,440 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2009/02/05 12.41.44 | 000,120,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2009/02/05 12.41.44 | 000,075,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2009/02/05 12.41.44 | 000,070,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe -- (SOHDBSvr)
SRV - [2009/01/24 12.23.16 | 000,839,720 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programmi\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/01/21 10.07.44 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2009/01/21 10.07.42 | 000,313,264 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2009/01/21 10.07.42 | 000,192,512 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2009/01/19 12.49.24 | 000,203,624 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2009/01/14 13.38.38 | 005,184,872 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2009/01/08 00.10.32 | 000,114,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2009/01/06 04.13.13 | 000,141,344 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programmi\Realtek\Audio\HDA\RtkAudioService64.exe -- (RtkAudioService)
SRV - [2008/12/08 15.16.56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/11/04 11.39.20 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008/09/18 10.59.10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Disabled | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2008/08/20 17.16.10 | 001,449,984 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programmi\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/08/20 16.39.28 | 000,826,368 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programmi\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2007/01/04 19.48.50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2005/11/17 14.18.52 | 001,527,900 | ---- | M] (MAGIX®) [Disabled | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/12/06 09.48.50 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2010/12/06 09.48.50 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010/08/04 14.13.53 | 000,502,256 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/19 21.47.42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/02/17 16.52.42 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2010/02/17 16.45.32 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/12/30 12.21.24 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\revoflt.sys -- (Revoflt)
DRV:64bit: - [2009/10/20 20.19.54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/10/01 02.51.42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/02 11.26.40 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/09/02 11.26.40 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/05/18 15.17.08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/03/11 22.05.02 | 005,171,712 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/03/10 22.44.18 | 000,191,392 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/02/10 22.02.06 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009/02/10 22.02.05 | 000,133,672 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009/02/10 22.02.05 | 000,095,784 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009/02/10 22.01.43 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008/12/08 17.21.18 | 000,167,424 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet)
DRV:64bit: - [2008/12/08 17.21.18 | 000,150,784 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2008/12/08 17.21.18 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbvoice.sys -- (ZTEusbvoice)
DRV:64bit: - [2008/12/08 17.21.18 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2008/12/08 17.21.18 | 000,150,656 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2008/12/08 17.21.18 | 000,011,776 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\massfilter.sys -- (massfilter)
DRV:64bit: - [2008/11/19 02.08.46 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SFEP.sys -- (SFEP)
DRV:64bit: - [2008/10/23 02.02.17 | 000,085,504 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rimssn64.sys -- (rimsptsk)
DRV:64bit: - [2008/10/23 02.02.08 | 000,076,288 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\risdsn64.sys -- (risdptsk)
DRV:64bit: - [2008/08/28 23.57.24 | 004,745,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008/07/18 02.05.52 | 000,193,072 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/06/16 03.00.00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/05/28 12.23.40 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wimfltr.sys -- (WimFltr)
DRV:64bit: - [2008/04/30 02.03.13 | 000,388,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/28 02.00.52 | 000,391,680 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008/04/28 02.00.38 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/04/28 02.00.35 | 001,511,936 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/04/28 02.00.35 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/04/28 02.00.33 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/04/28 02.00.33 | 000,300,032 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2008/04/24 14.06.42 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/03/17 11.06.14 | 000,115,328 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2008/01/21 04.46.57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/21 04.46.55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2007/04/16 20.51.50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2006/11/30 00.24.49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wanatw64.sys -- (wanatw) WAN Miniport (ATW)
DRV:64bit: - [2006/09/18 23.36.24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV - [2008/11/25 00.41.52 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\DMICall.sys -- (DMICall)
DRV - [2008/08/14 08.57.42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2005/02/01 21.55.40 | 000,037,009 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Gravity\RO\npkcusb.sys -- (npkcusb)
DRV - [2005/01/03 17.43.08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKLM\..\URLSearchHook: {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files (x86)\Softonic-IT\tbSoft.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://bksly.startya.com/?cfg=2-564-0-0&engine_id=3&provider_id=3&product_id=564&country=IT"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.11
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.1.3
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0.12
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:3.2.1.3
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:0.4
FF - prefs.js..extensions.enabledItems: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:9.2.0.5
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {e3393495-8103-46a0-8181-270273eddd60}:3.2.1.3
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.2
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Bing"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q="
FF - prefs.js..browser.startup.homepage: "http://search.findeer.it/"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.bing.com/search?FORM=VIATDF&PC=VIATDF&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\Firefox [2010/07/11 23.04.10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/07/13 03.01.58 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\powerofferffx@poweroffer.net: C:\Users\Public\Documents\PowerOffer\powerofferffx@poweroffer.net [2011/01/22 21.06.21 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\offerboxffx@offerbox.com: C:\Program Files (x86)\OfferBox\offerboxffx@offerbox.com
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/02/14 02.53.51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.16\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/02/28 13.21.59 | 000,000,000 | ---D | M]

[2009/07/30 18.45.03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simone\AppData\Roaming\mozilla\Extensions
[2011/05/07 20.36.01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions
[2009/09/03 20.42.25 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/12/13 16.01.22 | 000,000,000 | ---D | M] (Softonic-IT Community Toolbar) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\{e3393495-8103-46a0-8181-270273eddd60}
[2011/01/22 21.14.19 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011/05/04 17.33.34 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\cacaoweb@cacaoweb.org
[2011/01/04 00.32.19 | 000,000,000 | ---D | M] ("DetecVideo") -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\delatv@detectvideo.com
[2010/12/13 16.01.21 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\engine@conduit.com
[2011/04/26 14.32.48 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\ffxtlbr@babylon.com
[2011/04/26 14.33.01 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\Simone\AppData\Roaming\mozilla\Firefox\Profiles\kp6vp8wi.default\extensions\support@predictad.com
[2010/07/12 00.46.31 | 000,001,842 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\kp6vp8wi.default\searchplugins\bing.xml
[2010/06/08 14.58.12 | 000,000,261 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\kp6vp8wi.default\searchplugins\Search.xml
[2011/01/22 21.14.16 | 000,003,915 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\kp6vp8wi.default\searchplugins\sweetim.xml
[2011/02/06 05.23.14 | 000,001,058 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\kp6vp8wi.default\searchplugins\yahoo-zugo.xml
[2009/07/30 18.39.33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2009/07/23 23.25.15 | 000,000,000 | ---D | M] (Download Accelerator Plus Integration) -- C:\PROGRAM FILES (X86)\DAP\DAPFIREFOX
[2011/01/22 21.06.21 | 000,000,000 | ---D | M] (PowerOffer) -- C:\USERS\PUBLIC\DOCUMENTS\POWEROFFER\POWEROFFERFFX@POWEROFFER.NET
[2009/11/16 14.43.22 | 000,001,412 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\demauro.xml
[2010/11/02 22.25.37 | 000,000,744 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-it.xml
[2010/11/02 22.25.38 | 000,000,825 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\hoepli.xml
[2010/11/02 22.25.38 | 000,001,182 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-it.xml
[2010/11/02 22.25.38 | 000,000,649 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-it.xml

O1 HOSTS File: ([2011/03/29 15.45.59 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmi\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmi\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files (x86)\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (PowerOffer) - {3543619C-D563-43f7-95EA-4DA7E1CC396A} - C:\Users\Public\Documents\PowerOffer\PowerOfferBHO.dll ()
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (MSN Toolbar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Softonic-IT Toolbar) - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files (x86)\Softonic-IT\tbSoft.dll (Conduit Ltd.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\PROGRA~2\DAP\DAPIEL~1.DLL (SpeedBit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Softonic-IT Toolbar) - {e3393495-8103-46a0-8181-270273eddd60} - C:\Program Files (x86)\Softonic-IT\tbSoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic-IT Toolbar) - {E3393495-8103-46A0-8181-270273EDDD60} - C:\Program Files (x86)\Softonic-IT\tbSoft.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programmi\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Programmi\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] C:\Programmi\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AML] C:\Program Files (x86)\Sony\VAIO Launcher\AML.exe (Sony)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [MSN Toolbar] C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [cacaoweb] C:\Users\Simone\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DownloadAccelerator] C:\Program Files (x86)\DAP\DAP.EXE (SpeedBit Ltd.)
O4 - HKCU..\Run: [FlashMute] C:\Program Files (x86)\FlashMute\FlashMute.exe ()
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [NSUFloatingUI] C:\Program Files\Sony\Network Utility\LANUtil.exe (Sony Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm ()
O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Invia immagine alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Invia pagina alla periferica &Bluetooth... - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Ricerche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Invia a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Invia a periferica &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmi\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {140E4DF8-9E14-4A34-9577-C77561ED7883} [You must be registered and logged in to see this link.] (SysInfo Class)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [You must be registered and logged in to see this link.] (Checkers Class)
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} [You must be registered and logged in to see this link.] ()
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_14)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_14)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_14)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} [You must be registered and logged in to see this link.] (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.101.93.101 83.103.25.250
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img6 Wallpaper 1920x1080.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\VAIO 08 img6 Wallpaper 1920x1080.jpg
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


MsConfig:64bit - State: "services" - Reg Error: Key error.



Re: Slow Computer, BOO\TDss.m - asw and otl logs

Post by Malicius on Sun May 08, 2011 2:59 am



SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {37921974-C0CD-8456-C0EE-3F1406A023F4} - Themes Setup
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {F5DB39C6-F0A8-2C65-95F1-EA073F2D5A90} - Internet Explorer
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5A604D2C-E968-429B-8327-62B5CE52126D} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B8BEDD43-9E83-38ED-5899-53F5854FA87C} - Microsoft Windows Media Player
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.bdmpeg - C:\Windows\SysWow64\bdmpega.acm ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.dvsd - C:\Program Files (x86)\Common Files\Sony Shared\VideoLib\sonydv.dll (Sony Corporation)
Drivers32: vidc.mpeg - C:\Windows\SysWow64\bdmpegv.dll ()
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/05/08 00.25.45 | 000,589,632 | ---- | C] (AVAST Software) -- C:\Users\Simone\Desktop\aswMBR.exe
[2011/05/08 00.23.46 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Simone\Desktop\OTL.com
[2011/05/07 04.21.04 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Local\SvchostViewer
[2011/05/07 04.17.50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011/05/04 14.23.35 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011/05/03 14.54.26 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2011/05/03 14.54.26 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2011/05/03 14.54.24 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2011/05/01 22.13.14 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Roaming\cacaoweb
[2011/04/27 11.32.53 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011/04/27 11.32.53 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011/04/27 11.32.49 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2011/04/27 11.32.49 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2011/04/27 11.32.49 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2011/04/27 11.32.48 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2011/04/26 17.57.26 | 000,000,000 | ---D | C] -- C:\Users\Simone\Desktop\Playlist Classica
[2011/04/26 14.32.59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AutocompletePro
[2011/04/26 14.32.57 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free WAV to MP3 Converter
[2011/04/26 14.32.56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free WAV to MP3 Converter
[2011/04/26 14.32.47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabylonToolbar
[2011/04/23 11.52.41 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Roaming\InstallShield
[2011/04/23 11.39.17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firaxis Games
[2011/04/20 01.58.58 | 000,000,000 | ---D | C] -- C:\Users\Simone\Desktop\MP3SkypeRecorder
[2011/04/20 01.55.10 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Roaming\MP3SkypeRecorder
[2011/04/20 01.55.10 | 000,000,000 | ---D | C] -- C:\Users\Simone\AppData\Local\Alexander_Nikiforov
[2011/04/20 01.54.33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MP3 Skype Recorder
[2011/04/18 08.29.04 | 000,000,000 | ---D | C] -- C:\Users\Simone\Desktop\Appunti
[2011/04/17 17.24.48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
[2011/04/17 17.22.48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex
[2011/04/15 20.46.20 | 000,000,000 | ---D | C] -- C:\Users\Simone\Desktop\SOLO ATTIVATORE
[2011/04/15 06.07.05 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011/04/15 06.07.03 | 000,000,000 | ---D | C] -- C:\Users\Simone\Documents\Electronic Arts
[2011/04/14 22.14.33 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/04/14 22.14.33 | 000,726,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/04/14 22.14.33 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/04/14 22.14.30 | 001,063,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2011/04/14 22.14.30 | 000,991,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2011/04/14 22.14.30 | 000,979,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2011/04/14 22.14.29 | 001,076,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2011/04/14 22.14.29 | 000,020,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdusb.dll
[2011/04/14 22.14.29 | 000,018,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kd1394.dll
[2011/04/14 22.14.29 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kdcom.dll
[2011/04/14 22.12.50 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/04/14 22.12.49 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/04/14 22.12.49 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/04/14 22.12.49 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/04/14 22.12.49 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/04/14 22.12.49 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/04/14 22.12.49 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/04/14 22.12.49 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/04/14 22.12.49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/04/14 22.12.49 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/04/14 22.12.49 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/04/14 22.12.48 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/04/14 22.12.48 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/04/14 22.12.48 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/04/14 22.12.48 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/04/14 22.12.48 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/04/14 22.12.48 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/04/14 22.12.48 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/04/14 22.12.48 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/04/14 22.12.48 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/04/14 22.12.48 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/04/14 22.12.48 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/04/14 22.12.48 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/04/14 22.12.48 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/04/14 22.12.48 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/04/14 22.12.48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/04/14 22.12.48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/04/14 22.12.48 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/04/14 22.12.41 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2011/04/14 22.12.41 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2011/04/14 22.12.41 | 000,048,128 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2011/04/14 22.12.41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2011/04/14 22.12.37 | 001,398,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42.dll
[2011/04/14 22.12.37 | 001,360,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfc42u.dll
[2011/04/14 22.12.37 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42u.dll
[2011/04/14 22.12.36 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc42.dll
[2011/04/14 22.10.15 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2011/04/14 22.10.15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnscacheugc.exe
[2011/04/14 22.10.15 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dnscacheugc.exe
[54 C:\Users\Simone\Desktop\*.tmp files -> C:\Users\Simone\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Simone\*.tmp files -> C:\Users\Simone\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/05/08 01.38.01 | 000,580,608 | ---- | M] () -- C:\Users\Simone\Desktop\OTL_1.com.dap
[2011/05/08 01.12.04 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/05/08 01.07.16 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 01.07.16 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/08 00.35.55 | 000,000,512 | ---- | M] () -- C:\Users\Simone\Desktop\MBR.dat
[2011/05/08 00.25.46 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Simone\Desktop\aswMBR.exe
[2011/05/08 00.23.48 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Simone\Desktop\OTL.com
[2011/05/07 15.07.24 | 000,001,146 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/05/07 15.06.38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/07 15.06.32 | 2112,905,215 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/07 04.35.29 | 000,001,604 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/05/07 02.47.57 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/05/07 02.34.16 | 000,088,576 | ---- | M] () -- C:\Users\Simone\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/04 14.54.28 | 000,000,774 | ---- | M] () -- C:\Users\Simone\Documents\L.reg
[2011/05/02 01.39.50 | 001,615,564 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/05/02 01.39.50 | 000,711,170 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2011/05/02 01.39.50 | 000,630,824 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/05/02 01.39.50 | 000,140,792 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2011/05/02 01.39.50 | 000,117,588 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/04/28 08.06.45 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/26 14.47.38 | 004,865,077 | ---- | M] () -- C:\Users\Simone\Desktop\Moszkovski - Suite OP. 71 (Molto Vivace).mp3
[2011/04/26 14.30.43 | 016,464,044 | ---- | M] () -- C:\Users\Simone\Desktop\10-AudioTrack 10.wav
[2011/04/26 14.29.58 | 000,002,469 | ---- | M] () -- C:\Users\Public\Desktop\MP3 Skype Recorder.lnk
[2011/04/23 13.48.29 | 000,002,179 | ---- | M] () -- C:\Users\Simone\Desktop\Fall from Heaven 2.lnk
[2011/04/23 12.39.16 | 000,001,404 | ---- | M] () -- C:\Users\Simone\Desktop\Civ4BeyondSword.exe - collegamento.lnk
[2011/04/23 11.55.08 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Avvia Sid Meier's Civilization 4.lnk
[2011/04/22 19.11.49 | 001,702,700 | ---- | M] () -- C:\Users\Simone\Desktop\Composizione3.wav
[2011/04/22 19.10.24 | 006,641,196 | ---- | M] () -- C:\Users\Simone\Desktop\Composizione1.wav
[2011/04/20 00.39.10 | 001,592,938 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/04/17 17.29.26 | 003,497,611 | ---- | M] () -- C:\Users\Simone\Desktop\Claude Debussy - Toccata.mp3
[2011/04/15 22.36.40 | 000,099,026 | ---- | M] () -- C:\Users\Simone\Documents\vlc-record-2011-04-15-22h36m38s-009.part-.asf
[2011/04/15 15.55.47 | 003,322,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/04/15 05.28.37 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\The Sims™ Medieval.lnk
[2011/04/14 21.29.26 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[54 C:\Users\Simone\Desktop\*.tmp files -> C:\Users\Simone\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Simone\*.tmp files -> C:\Users\Simone\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/05/08 00.35.55 | 000,000,512 | ---- | C] () -- C:\Users\Simone\Desktop\MBR.dat
[2011/05/07 04.35.29 | 000,001,604 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2011/05/04 14.54.28 | 000,000,774 | ---- | C] () -- C:\Users\Simone\Documents\L.reg
[2011/04/26 14.47.22 | 004,865,077 | ---- | C] () -- C:\Users\Simone\Desktop\Moszkovski - Suite OP. 71 (Molto Vivace).mp3
[2011/04/26 14.30.23 | 016,464,044 | ---- | C] () -- C:\Users\Simone\Desktop\10-AudioTrack 10.wav
[2011/04/23 13.48.29 | 000,002,179 | ---- | C] () -- C:\Users\Simone\Desktop\Fall from Heaven 2.lnk
[2011/04/23 12.17.44 | 000,001,404 | ---- | C] () -- C:\Users\Simone\Desktop\Civ4BeyondSword.exe - collegamento.lnk
[2011/04/23 11.39.17 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Avvia Sid Meier's Civilization 4.lnk
[2011/04/22 19.11.43 | 001,702,700 | ---- | C] () -- C:\Users\Simone\Desktop\Composizione3.wav
[2011/04/22 19.10.01 | 006,641,196 | ---- | C] () -- C:\Users\Simone\Desktop\Composizione1.wav
[2011/04/20 01.54.34 | 000,002,595 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3 Skype Recorder.lnk
[2011/04/20 01.54.34 | 000,002,469 | ---- | C] () -- C:\Users\Public\Desktop\MP3 Skype Recorder.lnk
[2011/04/17 17.29.16 | 003,497,611 | ---- | C] () -- C:\Users\Simone\Desktop\Claude Debussy - Toccata.mp3
[2011/04/15 22.36.40 | 000,099,026 | ---- | C] () -- C:\Users\Simone\Documents\vlc-record-2011-04-15-22h36m38s-009.part-.asf
[2011/04/15 05.28.37 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\The Sims™ Medieval.lnk
[2011/03/29 15.27.20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/03/29 15.27.20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/03/29 15.27.20 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/03/29 15.27.20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/03/29 15.27.20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/02/27 23.06.24 | 000,000,298 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2011/01/22 21.11.25 | 000,815,104 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/01/22 21.11.24 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/11/29 01.47.32 | 000,000,600 | ---- | C] () -- C:\Users\Simone\AppData\Roaming\winscp.rnd
[2010/11/27 18.11.20 | 000,004,096 | -H-- | C] () -- C:\Users\Simone\AppData\Local\keyfile3.drm
[2010/10/17 23.59.43 | 000,000,680 | ---- | C] () -- C:\Users\Simone\AppData\Local\d3d9caps.dat
[2010/08/12 13.02.14 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010/05/16 19.59.40 | 000,000,028 | ---- | C] () -- C:\Windows\Robota.INI
[2010/05/16 19.58.41 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010/05/16 19.57.35 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010/05/16 19.42.52 | 000,006,621 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010/05/16 19.24.48 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010/04/10 16.42.18 | 000,015,304 | -HS- | C] () -- C:\Users\Simone\AppData\Local\k2IQ0LMb2L
[2010/04/10 16.42.18 | 000,015,304 | -HS- | C] () -- C:\ProgramData\k2IQ0LMb2L
[2010/03/08 20.29.00 | 000,000,680 | ---- | C] () -- C:\Users\Simone\AppData\Roaming\MPQEditor.ini
[2009/11/08 17.20.15 | 000,000,063 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/10/20 20.19.30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/10/17 17.48.52 | 000,175,933 | ---- | C] () -- C:\Windows\hpoins21.dat
[2009/10/17 17.48.52 | 000,007,262 | ---- | C] () -- C:\Windows\hpomdl21.dat
[2009/09/10 12.50.06 | 001,615,564 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/07/30 18.44.58 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/07/28 14.54.42 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2009/07/26 21.27.47 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009/07/24 00.38.03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/24 00.37.16 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/07/24 00.36.02 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/07/23 01.44.37 | 000,088,576 | ---- | C] () -- C:\Users\Simone\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/20 16.35.29 | 000,000,424 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/07/09 03.03.02 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/05/15 13.30.09 | 000,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2009/05/15 13.00.45 | 000,003,871 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2009/03/24 04.22.02 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/03/24 03.34.00 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/24 03.15.42 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/12/08 17.21.36 | 000,137,196 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008/08/20 15.45.46 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2008/01/21 04.50.05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 17.37.05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 14.37.14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 14.24.17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 14.18.17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 11.47.54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003/04/01 11.49.16 | 000,005,360 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002/09/18 00.45.00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[1774/08/29 17.22.32 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 17.06.41 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 17.06.41 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 17.06.41 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/07/24 01.33.12 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 23.35.48 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/21 05.21.59 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/11/10 20.00.14 | 000,000,574 | -HS- | M] () -- C:\Users\Simone\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/05/08 00.25.46 | 000,589,632 | ---- | M] (AVAST Software) -- C:\Users\Simone\Desktop\aswMBR.exe
[54 C:\Users\Simone\Desktop\*.tmp files -> C:\Users\Simone\Desktop\*.tmp -> ]

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2010/01/25 16.51.15 | 122,890,112 | ---- | M] (Acresso Software Inc.) -- C:\Users\Simone\Sims3_1.6.6.002002_from_1.0.631.00002.exe
[2009/09/30 20.37.28 | 005,415,160 | ---- | M] (Haemimont Games) -- C:\Users\Simone\tropico3.exe
[1 C:\Users\Simone\*.tmp files -> C:\Users\Simone\*.tmp -> ]

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/12 15.02.10 | 000,122,328 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2010/12/12 15.02.11 | 000,910,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2010/12/12 15.02.12 | 000,246,744 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/11/15 18.38.12 | 000,000,402 | -HS- | M] () -- C:\Users\Simone\Favorites\desktop.ini
[2011/04/14 21.28.16 | 000,000,468 | ---- | M] () -- C:\Users\Simone\Favorites\NCH Audio and Telephony Software.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2008/08/20 15.45.46 | 000,020,270 | ---- | M] () -- C:\ProgramData\DeviceInstaller.xml
[2008/12/08 17.21.36 | 000,137,196 | R--- | M] () -- C:\ProgramData\DeviceManager.xml.rc4
[2009/10/17 18.15.56 | 000,001,546 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2010/04/10 16.44.07 | 000,015,304 | -HS- | M] () -- C:\ProgramData\k2IQ0LMb2L

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 13.31.42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtmsft.dll
[2009/03/08 13.31.37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\dxtrans.dll
[2011/02/22 08.16.39 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\iepeers.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.sys >
[2005/01/03 17.43.08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWOW64\npptNT2.sys

< %systemroot%\system32\drivers\*.dll >

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %SYSTEMDRIVE%\*.* >
[2009/08/17 19.55.46 | 000,057,344 | ---- | M] () -- C:\1040.MST
[2011/02/23 03.39.58 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
[2009/04/10 23.36.38 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2009/03/24 12.01.45 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/03/29 15.49.38 | 000,030,841 | ---- | M] () -- C:\ComboFix.txt
[2010/09/03 00.34.40 | 000,000,000 | ---- | M] () -- C:\ctapi_out_gr.txt
[2011/02/06 01.10.16 | 000,540,672 | ---- | M] () -- C:\Dance through the war.mp3
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 09.00.40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 09.00.40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 09.00.40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 09.00.40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2011/05/07 15.06.32 | 2112,905,215 | -HS- | M] () -- C:\hiberfil.sys
[2010/07/13 19.51.05 | 000,049,152 | ---- | M] () -- C:\Ilikebigbutts.mp3
[2007/11/07 09.00.40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 09.03.18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 09.03.18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 09.03.18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 09.03.18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 09.03.18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 09.03.18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 09.03.18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 09.03.18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 09.03.18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2009/05/15 12.56.05 | 000,000,187 | ---- | M] () -- C:\Installer_Setup.log
[2010/11/23 20.12.58 | 000,002,522 | -H-- | M] () -- C:\IPH.PH
[2010/11/27 18.55.53 | 000,131,165 | ---- | M] () -- C:\ituneslib.itl
[2004/02/29 17.44.34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
[2011/02/27 23.07.07 | 000,000,589 | -H-- | M] () -- C:\os678647.bin
[2011/05/07 15.06.28 | 2426,519,551 | -HS- | M] () -- C:\pagefile.sys
[2011/03/12 14.40.07 | 000,524,410 | ---- | M] () -- C:\Pokemon Versione Bianca [ITA] By Evilray.dsv
[2009/03/24 04.24.14 | 000,001,929 | ---- | M] () -- C:\RHDSetup.log
[2010/04/10 16.56.15 | 000,000,359 | ---- | M] () -- C:\rkill.log
[2010/07/13 19.45.07 | 000,049,152 | ---- | M] () -- C:\Sir Mix A Lot - Baby Got Back (I Like Big Butts).mp3
[2007/11/07 09.00.40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2009/05/15 12.49.07 | 000,474,654 | ---- | M] () -- C:\vcredist_x86.log
[2007/11/07 09.09.22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 09.12.28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
[2009/08/17 19.55.50 | 011,726,336 | ---- | M] () -- C:\Vodafone Mobile Connect Lite.msi

< %PROGRAMFILES%\*. >
[2010/01/13 14.24.58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\1C Company
[2011/03/12 23.48.01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AbiWord
[2009/10/12 17.43.49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Accessing the MapPoint ActiveX Control in Visual Basic Sample
[2009/07/23 12.25.51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Activision
[2011/02/26 03.40.02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/01/17 18.10.50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe Media Player
[2010/02/24 09.43.02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Allods
[2010/12/13 16.01.18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Amaya
[2010/06/20 01.13.50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\aMSN
[2011/01/23 14.27.23 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Angels Online
[2010/11/06 21.15.18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2009/05/15 13.30.28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ArcSoft
[2010/02/04 15.35.14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Atari
[2010/08/15 15.08.08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ATI Technologies
[2009/07/23 13.06.49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)
[2011/04/26 14.33.00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AutocompletePro
[2011/02/14 14.26.10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Avira
[2011/04/26 14.32.47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BabylonToolbar
[2010/11/21 00.15.11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BandiMPEG1
[2010/10/30 12.39.35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bethesda Softworks
[2010/11/06 21.11.13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Bonjour
[2009/08/05 02.02.19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CCleaner
[2009/07/22 14.44.59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CDBurnerXP
[2011/04/17 17.26.56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CDex
[2011/01/31 10.16.53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cheat Engine
[2009/05/15 13.32.54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Cisco
[2011/03/29 15.40.18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2010/12/13 16.01.35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2010/12/13 16.01.25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ConduitEngine
[2010/08/22 13.19.37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CPUID
[2010/10/30 12.36.37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Lite
[2009/07/22 14.18.09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2009/07/23 23.26.42 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DAP
[2009/10/01 16.55.05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Deep Silver
[2011/03/03 04.49.44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DigiDNA
[2009/07/23 12.14.28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\DivX
[2011/04/15 20.52.18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Dragon Age 2
[2011/04/15 05.08.41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Electronic Arts
[2009/07/21 15.40.32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\eMule AdunanzA
[2010/11/30 20.44.51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Er Finestra
[2009/09/10 13.43.02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FileZilla FTP Client
[2009/09/18 18.20.14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Firaxis Games
[2009/07/30 18.44.36 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FlashMute
[2011/02/27 23.08.15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Flex GIF Animator
[2011/05/07 03.18.45 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fluendo
[2011/04/26 14.32.57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Free WAV to MP3 Converter
[2011/03/10 18.54.43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\FreshWebmaster
[2010/08/14 01.23.39 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\FX Uninstall Information
[2009/07/23 12.14.46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2009/07/28 12.32.47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Gpotato
[2009/07/30 21.55.03 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Gravity
[2010/05/16 22.40.33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Guitar Pro 5
[2010/10/05 09.11.55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Heroes of Newerth
[2009/10/17 17.53.02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hewlett-Packard
[2010/12/13 15.56.25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Hixus Software
[2009/10/17 17.55.20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\HP
[2011/05/07 04.17.43 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2009/03/24 04.10.10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2011/04/15 08.06.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2009/05/15 12.53.06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\InterVideo
[2010/02/09 17.28.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\ITM Updater
[2010/11/06 21.21.25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iTunes
[2009/07/25 16.27.16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Java
[2010/08/15 15.05.01 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Kalypso
[2009/07/23 13.38.15 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lame for Audacity
[2010/05/16 19.24.44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Lugert Europe
[2010/12/23 19.41.32 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Magic Workstation
[2010/05/16 19.58.58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MAGIX
[2011/03/06 14.07.39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/02/14 14.27.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\McAfee
[2009/08/17 21.21.02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MD-@ HSUPA
[2011/02/05 15.09.52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Messenger Plus! Live
[2009/11/06 14.56.48 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft
[2009/12/27 13.48.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Games
[2009/07/20 16.33.06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2011/04/22 15.24.20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2009/07/20 16.32.53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/12/16 04.08.56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Works
[2010/01/25 15.02.40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft WSE
[2010/11/22 14.53.17 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2010/11/26 15.32.13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Monkey's Audio
[2011/05/07 23.38.16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2011/04/20 01.55.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MP3 Skype Recorder
[2006/11/02 17.07.27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2010/07/11 23.04.10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar
[2010/07/11 23.04.24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSN Toolbar Installer
[2009/07/21 18.32.51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2009/12/20 19.58.18 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NCH Software
[2009/07/25 18.27.24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NCH Swift Sound
[2011/02/24 15.15.14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NetBus Pro
[2010/12/26 21.00.46 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/02/24 01.49.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Pando Networks
[2010/11/11 14.33.54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Passware
[2010/11/26 19.49.59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\QuickTime
[2010/08/18 00.40.28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\RAR Password Cracker
[2010/12/26 21.10.54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reality Pump
[2009/03/24 04.22.55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2006/11/02 17.07.27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2010/02/24 00.32.33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Risiko Digital II
[2009/05/15 13.19.27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Roxio
[2010/07/11 23.02.07 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Shockwave.com
[2010/11/08 05.22.51 | 000,000,000 | R--D | M] -- C:\Program Files (x86)\Skype
[2011/02/06 05.23.14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SkypeLauncher
[2009/05/15 12.47.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SmartSound Software
[2010/12/13 16.01.37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Softonic-IT
[2010/04/07 23.33.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Software Compress
[2009/05/15 13.30.20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony
[2009/08/26 00.37.14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SpeedSim
[2011/05/07 15.13.10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Steam
[2011/02/09 15.39.44 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SweetIM
[2009/05/15 13.10.55 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Symantec
[2010/10/24 15.18.47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\SystemRequirementsLab
[2011/01/28 17.37.49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2010/04/25 13.15.28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Teamspeak2_RC2
[2009/03/24 12.28.31 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Temp
[2010/10/07 13.40.00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Guild 2 - Renaissance
[2010/09/07 19.38.50 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Tunatic
[2009/09/02 11.14.49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ubisoft
[2011/02/27 23.06.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Ulead Systems
[2006/11/02 17.36.07 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\Uninstall Information
[2009/09/23 15.20.49 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2010/11/21 00.19.40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Viewpoint
[2009/08/17 19.56.22 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Vodafone
[2009/07/24 02.05.38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Calendar
[2008/01/21 05.09.47 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Collaboration
[2008/01/21 05.09.41 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2009/11/06 14.55.51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2009/05/15 13.31.51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live SkyDrive
[2011/04/15 08.06.31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2010/10/15 11.24.20 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2006/11/02 17.07.27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2009/07/24 02.05.37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Gallery
[2009/11/18 14.18.16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2009/07/24 02.05.38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/03/12 14.45.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinPcap
[2009/07/22 19.03.19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2010/11/29 01.47.30 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinSCP
[2011/02/14 02.21.06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\World of Warcraft - Copia
[2010/02/04 17.27.59 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WorldGate
[2011/01/22 21.11.25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Xvid

< %appdata%\*.* >
[2009/07/23 22.07.13 | 000,000,006 | -HS- | M] () -- C:\Users\Simone\AppData\Roaming\desktop.ini
[2010/03/08 20.29.17 | 000,000,680 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\MPQEditor.ini
[2010/11/29 01.59.47 | 000,000,600 | ---- | M] () -- C:\Users\Simone\AppData\Roaming\winscp.rnd


< MD5 for: AGP440.SYS >
[2008/01/21 04.46.51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008/01/21 04.46.51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008/01/21 04.46.51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/21 04.46.50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\ERDNT\cache64\atapi.sys
[2008/01/21 04.46.50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\SysNative\drivers\atapi.sys
[2008/01/21 04.46.50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009/04/11 00.15.02 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 13.16.48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2006/11/02 13.16.48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006/11/02 13.16.48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006/11/02 11.46.03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2006/11/02 11.46.03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006/11/02 11.46.03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2008/01/21 04.46.53 | 000,068,664 | ---- | M] (Microsoft Corporation) MD5=2DC415FC05FB8A079F896CBBACB19324 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_55e51d682c89f490\disk.sys
[2009/04/11 00.15.26 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\SysNative\drivers\disk.sys
[2009/04/11 00.15.26 | 000,067,032 | ---- | M] (Microsoft Corporation) MD5=B0107E40ECDB5FA692EBF832F295D905 -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_57d0967429abbfdc\disk.sys

< MD5 for: IASTOR.SYS >
[2008/04/30 02.03.13 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Windows\Drivers\INF\SATA Driver (Intel) (Non-RAID)\IaStor.sys
[2008/04/30 02.03.13 | 000,388,120 | ---- | M] (Intel Corporation) MD5=8D58627FEF3F8767665D9F4DC91CBD97 -- C:\Windows\SysNative\drivers\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/21 04.46.59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008/01/21 04.46.59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2008/01/21 04.51.03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009/04/10 23.28.24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache86\netlogon.dll
[2009/04/10 23.28.24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009/04/10 23.28.24 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009/04/11 00.11.18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\ERDNT\cache64\netlogon.dll
[2009/04/11 00.11.18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009/04/11 00.11.18 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008/01/21 04.48.28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2008/01/21 04.46.54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008/01/21 04.46.54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys


Malicius
Novice
Posts : 5
Joined : 2011-05-07
OS : Windows Vista
Points : 20421
# Likes : 0


Re: Slow Computer, BOO\TDss.m - asw and otl logs

Post by Malicius on Sun May 08, 2011 3:00 am

< MD5 for: SCECLI.DLL >
[2008/01/21 04.50.28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008/01/21 04.49.49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009/04/10 23.28.26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache86\scecli.dll
[2009/04/10 23.28.26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009/04/10 23.28.26 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009/04/11 00.11.24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\ERDNT\cache64\scecli.dll
[2009/04/11 00.11.24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009/04/11 00.11.24 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/01/21 04.47.25 | 000,066,048 | ---- | M] (Microsoft Corporation) MD5=586D9876A4945779C8EEA926C0D16889 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_a4a4ea3a50308c79\USBSTOR.SYS
[2009/04/10 22.39.40 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\SysNative\drivers\USBSTOR.SYS
[2009/04/10 22.39.40 | 000,077,824 | ---- | M] (Microsoft Corporation) MD5=B854C1558FCA0C269A38663E8B59B581 -- C:\Windows\winsxs\amd64_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_a69063464d5257c5\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< >

========== Files - Unicode (All) ==========
[2010/11/06 16.43.15 | 000,000,000 | ---D | M](C:\Users\Simone\Documents\?? ???) -- C:\Users\Simone\Documents\넥슨 플러그
[2010/11/06 16.43.15 | 000,000,000 | ---D | C](C:\Users\Simone\Documents\?? ???) -- C:\Users\Simone\Documents\넥슨 플러그

========== Alternate Data Streams ==========

@Alternate Data Stream - 20 bytes -> C:\Users\Simone\Desktop\Appunti:Mac_Metadata
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A9662AE0

< End of report >




And I also have an "extra.txt", lol.


Re: Slow Computer, BOO\TDss.m - asw and otl logs

Post by Belahzur on Mon May 09, 2011 7:28 pm

Hello.

Please download TDSSKiller from [You must be registered and logged in to see this link.] and save it to your Desktop.

  • Double-click TDSSKiller.exe to run the tool
  • Click the Start Scan button
  • After the scan has finished, click the Close button
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.


Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245039
# Likes : 1


Re: Slow Computer, BOO\TDss.m - asw and otl logs

Post by Malicius on Wed May 11, 2011 2:27 am

2011/05/11 04:26:02.0290 1036 TDSS rootkit removing tool 2.5.0.0 May 1 2011 14:20:16
2011/05/11 04:26:02.0670 1036 ================================================================================
2011/05/11 04:26:02.0670 1036 SystemInfo:
2011/05/11 04:26:02.0670 1036
2011/05/11 04:26:02.0671 1036 OS Version: 6.0.6002 ServicePack: 2.0
2011/05/11 04:26:02.0671 1036 Product type: Workstation
2011/05/11 04:26:02.0671 1036 ComputerName: PC-SIMONE
2011/05/11 04:26:02.0672 1036 UserName: Simone
2011/05/11 04:26:02.0672 1036 Windows directory: C:\Windows
2011/05/11 04:26:02.0672 1036 System windows directory: C:\Windows
2011/05/11 04:26:02.0672 1036 Running under WOW64
2011/05/11 04:26:02.0672 1036 Processor architecture: Intel x64
2011/05/11 04:26:02.0672 1036 Number of processors: 2
2011/05/11 04:26:02.0672 1036 Page size: 0x1000
2011/05/11 04:26:02.0672 1036 Boot type: Normal boot
2011/05/11 04:26:02.0672 1036 ================================================================================
2011/05/11 04:26:02.0818 1036 Initialize success
2011/05/11 04:26:08.0787 6916 ================================================================================
2011/05/11 04:26:08.0787 6916 Scan started
2011/05/11 04:26:08.0787 6916 Mode: Manual;
2011/05/11 04:26:08.0787 6916 ================================================================================
2011/05/11 04:26:10.0388 6916 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2011/05/11 04:26:10.0581 6916 adfs (2f0683fd2df1d92e891caca14b45a8c1) C:\Windows\system32\drivers\adfs.sys
2011/05/11 04:26:10.0771 6916 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2011/05/11 04:26:10.0948 6916 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2011/05/11 04:26:11.0043 6916 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2011/05/11 04:26:11.0116 6916 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2011/05/11 04:26:11.0361 6916 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2011/05/11 04:26:11.0495 6916 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2011/05/11 04:26:11.0546 6916 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2011/05/11 04:26:11.0685 6916 aliide (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
2011/05/11 04:26:11.0747 6916 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
2011/05/11 04:26:11.0893 6916 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2011/05/11 04:26:12.0004 6916 ApfiltrService (22fecb5b3de1eb8b1b2761338922f681) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/05/11 04:26:12.0207 6916 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2011/05/11 04:26:12.0275 6916 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2011/05/11 04:26:12.0405 6916 ArcSoftKsUFilter (1ce3822b05a5e229286a15ea39369870) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/05/11 04:26:12.0609 6916 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/05/11 04:26:12.0659 6916 atapi (1898fae8e07d97f2f6c2d5326c633fac) C:\Windows\system32\drivers\atapi.sys
2011/05/11 04:26:12.0964 6916 atikmdag (fca4f8180f3e9be5e678f052602db124) C:\Windows\system32\DRIVERS\atikmdag.sys
2011/05/11 04:26:13.0206 6916 atksgt (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
2011/05/11 04:26:13.0298 6916 avgntflt (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/05/11 04:26:13.0416 6916 avipbb (c98fa6e5ad0e857d22716bd2b8b1f399) C:\Windows\system32\DRIVERS\avipbb.sys
2011/05/11 04:26:13.0757 6916 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2011/05/11 04:26:13.0879 6916 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
2011/05/11 04:26:13.0988 6916 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2011/05/11 04:26:14.0046 6916 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2011/05/11 04:26:14.0168 6916 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2011/05/11 04:26:14.0298 6916 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2011/05/11 04:26:14.0421 6916 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2011/05/11 04:26:14.0492 6916 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2011/05/11 04:26:14.0627 6916 BthEnum (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/05/11 04:26:14.0726 6916 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2011/05/11 04:26:14.0928 6916 BthPan (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
2011/05/11 04:26:15.0027 6916 BTHPORT (2ff122eeb3a712feda238fb331f738b9) C:\Windows\system32\Drivers\BTHport.sys
2011/05/11 04:26:15.0181 6916 BTHUSB (2b668e7c1616c0e931714272934c678b) C:\Windows\system32\Drivers\BTHUSB.sys
2011/05/11 04:26:15.0274 6916 btwaudio (4e26c89d8941ae0ad3f12de9c3dddb5a) C:\Windows\system32\drivers\btwaudio.sys
2011/05/11 04:26:15.0397 6916 btwavdt (6b15769244a37b1ff4ca4eba8693c7f3) C:\Windows\system32\drivers\btwavdt.sys
2011/05/11 04:26:15.0568 6916 btwl2cap (0037cb116097e8e0ea77f3b13c50ff1e) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/05/11 04:26:15.0629 6916 btwrchid (651154ee76ea31eee050f3b66e5d086b) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/05/11 04:26:15.0824 6916 CAXHWAZL (fdb53a8d3bc52dc29884587e768e3388) C:\Windows\system32\DRIVERS\CAXHWAZL.sys
2011/05/11 04:26:15.0907 6916 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2011/05/11 04:26:16.0033 6916 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2011/05/11 04:26:16.0229 6916 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
2011/05/11 04:26:16.0401 6916 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2011/05/11 04:26:16.0668 6916 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/05/11 04:26:16.0726 6916 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
2011/05/11 04:26:16.0833 6916 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
2011/05/11 04:26:16.0914 6916 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2011/05/11 04:26:17.0091 6916 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2011/05/11 04:26:17.0218 6916 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2011/05/11 04:26:17.0474 6916 Dot4 (74c02b1717740c3b8039539e23e4b53f) C:\Windows\system32\DRIVERS\Dot4.sys
2011/05/11 04:26:17.0546 6916 Dot4Print (08321d1860235bf42cf2854234337aea) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/05/11 04:26:17.0619 6916 dot4usb (4adccf0124f2b6911d3786a5d0e779e5) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/05/11 04:26:17.0716 6916 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2011/05/11 04:26:17.0935 6916 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
2011/05/11 04:26:18.0067 6916 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2011/05/11 04:26:18.0158 6916 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2011/05/11 04:26:18.0399 6916 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2011/05/11 04:26:18.0549 6916 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2011/05/11 04:26:18.0778 6916 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2011/05/11 04:26:18.0852 6916 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2011/05/11 04:26:18.0997 6916 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2011/05/11 04:26:19.0142 6916 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2011/05/11 04:26:19.0287 6916 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2011/05/11 04:26:19.0533 6916 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/05/11 04:26:19.0652 6916 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2011/05/11 04:26:19.0807 6916 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2011/05/11 04:26:19.0968 6916 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2011/05/11 04:26:20.0125 6916 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/05/11 04:26:20.0392 6916 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
2011/05/11 04:26:20.0632 6916 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/05/11 04:26:20.0755 6916 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2011/05/11 04:26:20.0817 6916 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
2011/05/11 04:26:20.0974 6916 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2011/05/11 04:26:21.0062 6916 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2011/05/11 04:26:21.0203 6916 HSFHWAZL (57ba73b5b321291e5114cb21350e1ea0) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
2011/05/11 04:26:21.0344 6916 HSF_DPV (e90d0e3d9715f3bec7db2d6321dddee8) C:\Windows\system32\DRIVERS\CAX_DPV.sys
2011/05/11 04:26:21.0549 6916 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2011/05/11 04:26:21.0701 6916 hwdatacard (c8f3119ad72a507d12ef389df4c266ef) C:\Windows\system32\DRIVERS\ewusbmdm.sys
2011/05/11 04:26:21.0917 6916 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2011/05/11 04:26:21.0988 6916 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/05/11 04:26:22.0085 6916 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys
2011/05/11 04:26:22.0169 6916 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2011/05/11 04:26:22.0294 6916 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2011/05/11 04:26:22.0525 6916 IntcAzAudAddService (18f7691b18d4a93559d2a998ab2142bd) C:\Windows\system32\drivers\RTKVHD64.sys
2011/05/11 04:26:22.0676 6916 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
2011/05/11 04:26:22.0743 6916 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2011/05/11 04:26:22.0846 6916 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/05/11 04:26:23.0062 6916 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2011/05/11 04:26:23.0128 6916 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2011/05/11 04:26:23.0265 6916 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2011/05/11 04:26:23.0382 6916 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2011/05/11 04:26:23.0477 6916 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/05/11 04:26:23.0597 6916 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2011/05/11 04:26:23.0648 6916 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2011/05/11 04:26:23.0775 6916 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/05/11 04:26:23.0862 6916 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/05/11 04:26:24.0014 6916 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2011/05/11 04:26:24.0148 6916 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2011/05/11 04:26:24.0419 6916 lirsgt (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/05/11 04:26:24.0511 6916 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2011/05/11 04:26:24.0699 6916 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2011/05/11 04:26:24.0749 6916 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2011/05/11 04:26:24.0840 6916 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2011/05/11 04:26:24.0905 6916 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2011/05/11 04:26:25.0038 6916 massfilter (b5e86524918ef32b32d1032e0c8e92a3) C:\Windows\system32\DRIVERS\massfilter.sys
2011/05/11 04:26:25.0141 6916 mdmxsdk (e4f44ec214b3e381e1fc844a02926666) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/05/11 04:26:25.0261 6916 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2011/05/11 04:26:25.0377 6916 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2011/05/11 04:26:25.0509 6916 mferkdk (624d717b11e5004f68442b5740f17f21) C:\Windows\system32\drivers\mferkdk.sys
2011/05/11 04:26:25.0607 6916 mfesmfk (0cd9de7b96735f33f078c4ea044e8b34) C:\Windows\system32\drivers\mfesmfk.sys
2011/05/11 04:26:25.0717 6916 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2011/05/11 04:26:25.0818 6916 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2011/05/11 04:26:25.0909 6916 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2011/05/11 04:26:25.0985 6916 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2011/05/11 04:26:26.0061 6916 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2011/05/11 04:26:26.0158 6916 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2011/05/11 04:26:26.0276 6916 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2011/05/11 04:26:26.0466 6916 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2011/05/11 04:26:26.0598 6916 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2011/05/11 04:26:26.0726 6916 mrxsmb (dc434b4769e18da09ce1b7755d4c64e9) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/05/11 04:26:26.0798 6916 mrxsmb10 (64713fcfe3de8881d62f8f3f2f794241) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/05/11 04:26:26.0958 6916 mrxsmb20 (0005c599a2abf767a815afcd32e523e3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/05/11 04:26:27.0032 6916 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
2011/05/11 04:26:27.0140 6916 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2011/05/11 04:26:27.0329 6916 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2011/05/11 04:26:27.0433 6916 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2011/05/11 04:26:27.0600 6916 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2011/05/11 04:26:27.0680 6916 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/05/11 04:26:27.0798 6916 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2011/05/11 04:26:27.0912 6916 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2011/05/11 04:26:28.0001 6916 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/05/11 04:26:28.0121 6916 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2011/05/11 04:26:28.0190 6916 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2011/05/11 04:26:38.0913 6916 sptd (c1f1e964d5fa733f7a4e641f07d6c8b5) C:\Windows\system32\Drivers\sptd.sys
2011/05/11 04:26:38.0913 6916 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: c1f1e964d5fa733f7a4e641f07d6c8b5
2011/05/11 04:26:38.0956 6916 sptd - detected LockedFile.Multi.Generic (1)
2011/05/11 04:26:48.0284 6916 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2011/05/11 04:26:48.0296 6916 ================================================================================
2011/05/11 04:26:48.0296 6916 Scan finished
2011/05/11 04:26:48.0296 6916 ================================================================================
2011/05/11 04:26:48.0375 1204 Detected object count: 2
2011/05/11 04:26:52.0208 1204 LockedFile.Multi.Generic(sptd) - User select action: Skip
2011/05/11 04:26:52.0264 1204 \HardDisk0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot
2011/05/11 04:26:52.0264 1204 \HardDisk0 - ok
2011/05/11 04:26:52.0276 1204 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure

Re: Slow Computer, BOO\TDss.m - asw and otl logs

Post by Belahzur on Wed May 11, 2011 2:21 pm

Hello.

Please download ComboFix from [You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start, then copy and paste the following command into the search box & hit Enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.


Please PM me if I fail to respond within 24hrs.

