
***** NORMAL SCAN FOR ACTIVE MALWARE *****

Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com


[Unregistered version]
Scan started at: 8:55:28 PM 04 Dec 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System: NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
************************************************************
8:55:29 PM: ----- SCANNING FOR ROOTKIT SERVICES ----
No hidden Services were detected.
************************************************************
8:55:30 PM: Scanning -----WINDOWS REGISTRY-----
-------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
-------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe

C:\Program Files\USB Disk Security\USBGuard.exe


798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: Corel Graphics Suite 1117
Value Data: C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=112611 serial=DR11CRD-0012082-DGW
C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe [file not found to scan]
-------------------Value Name:
Value Data:
Blank entry: []
-------------------Value Name: ApnUpdater
Value Data: "C:\Program Files\Ask.com\Updater\Updater.exe"
C:\Program Files\Ask.com\Updater\Updater.exe
901800 bytes
Created: 11/21/2011 2:18 AM
Modified: 11/21/2011 2:18 AM
Company: {StringFileInfo_CompanyName}
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG
-------------------Value Name: IMMON
Value Data: "C:\Program Files\IM Magician\Vicamon.exe"
C:\Program Files\IM Magician\Vicamon.exe

143360 bytes
Created: 1/1/2012 11:16 AM
Modified: 5/7/2009 10:58 AM
Company: Vimisoft Studio
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
-------------------Value Name: Mobile Partner
Value Data: "C:\Program Files\Broadband\Broadband.exe"
C:\Program Files\Broadband\Broadband.exe
536576 bytes
Created: 12/23/2011 6:20 AM
Modified: 12/23/2011 6:20 AM
Company: TODO: <???>
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
8:55:33 PM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
8:55:33 PM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
8:55:34 PM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\scrnsave.scr
C:\Windows\system32\scrnsave.scr
10240 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
--------------------

************************************************************
8:55:34 PM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
8:55:41 PM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM

Company: Microsoft Corporation


-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Power
Path: %SystemRoot%\system32\umpo.dll

C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------************************************************************
8:56:01 PM: Scanning ----- SERVICES REGISTRY KEYS ----Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys

163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG

---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134856 bytes
Created: 12/31/2011 8:57 AM
Modified: 1/1/2012 9:00 AM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira GmbH
---------Key:
awhfxjhi
ImagePath: \??\C:\Windows\system32\drivers\awhfxjhi.sys
C:\Windows\system32\drivers\awhfxjhi.sys [file not found to scan]
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation

---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
djjxwasc
ImagePath: \??\C:\Windows\system32\drivers\djjxwasc.sys
C:\Windows\system32\drivers\djjxwasc.sys [file not found to scan]

---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
exvcfxgw
ImagePath: \??\C:\Windows\system32\drivers\exvcfxgw.sys
C:\Windows\system32\drivers\exvcfxgw.sys [file not found to scan]
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation

---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 12/23/2011 6:21 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 12/23/2011 6:21 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys

133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl175ac0df
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{5CE904C5-2D9B-420D-A218-479DDDAF1220}\MpKsl175ac0df.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CE904C5-2D9B
-420D-A218-479DDDAF1220}\MpKsl175ac0df.sys [file not found to scan]
---------Key:
MpKsl19b7cb5c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80
-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys [file not found to scan]
---------Key:
MpKsl292c9fc4
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys [file not found to scan]
---------Key:
MpKsl2ed2d473
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys [file not found to scan]
---------Key:
MpKsl41b47353
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl41b47353.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl41b47353.sys [file not found to scan]
---------Key:
MpKsl42564376
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{A1890F5B-444C-4721-85E5-2D8B0E3D7118}\MpKsl42564376.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A1890F5B-444C
-4721-85E5-2D8B0E3D7118}\MpKsl42564376.sys [file not found to scan]
---------Key:
MpKsl43dec7fa
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys [file not found to scan]
---------Key:
MpKsl4827cce2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys [file not found to scan]
---------Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71
-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl5ac8e01c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8
-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys [file not found to scan]
---------Key:
MpKsl5cc2f1c0
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{5CE904C5-2D9B-420D-A218-479DDDAF1220}\MpKsl5cc2f1c0.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CE904C5-2D9B
-420D-A218-479DDDAF1220}\MpKsl5cc2f1c0.sys [file not found to scan]
---------Key:
MpKsl611ac31f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16
-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys [file not found to scan]
---------Key:
MpKsl65972984
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys [file not found to scan]
---------Key:
MpKsl6780b090
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKsl6780b090.sys [file not found to scan]
---------Key:
MpKsl6ce2c32c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys [file not found to scan]
---------Key:
MpKsl6d167de1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys [file not found to scan]
---------Key:
MpKsl6ddfbb59
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54
-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys [file not found to scan]
---------Key:
MpKsl6e9cc13c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{5ADD0A21-979F-4C7F-A9B5-479DBC12613F}\MpKsl6e9cc13c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5ADD0A21-979F
-4C7F-A9B5-479DBC12613F}\MpKsl6e9cc13c.sys [file not found to scan]
---------Key:
MpKsl732c6e5b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E6FFDF5F-3F32-4295-A28B-415DB46AD9BA}\MpKsl732c6e5b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E6FFDF5F-3F32
-4295-A28B-415DB46AD9BA}\MpKsl732c6e5b.sys [file not found to scan]
---------Key:
MpKsl77164ad8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183
-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys [file not found to scan]
---------Key:
MpKsl7a7ef606
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF
-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys [file not found to scan]
---------Key:
MpKsl7e18e2f1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys [file not found to scan]
---------Key:
MpKsl7ef1c63a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys [file not found to scan]
---------Key:
MpKsl835cd987
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E6FFDF5F-3F32-4295-A28B-415DB46AD9BA}\MpKsl835cd987.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E6FFDF5F-3F32
-4295-A28B-415DB46AD9BA}\MpKsl835cd987.sys [file not found to scan]
---------Key:
MpKsl86faea71
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49
-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys [file not found to scan]
---------Key:
MpKsl887ded04
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl887ded04.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl887ded04.sys [file not found to scan]
---------Key:
MpKsl96f50f1a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys [file not found to scan]
---------Key:
MpKsl9834e373
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl9834e373.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB
-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKsla40f86f2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3
-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys [file not found to scan]
---------Key:
MpKsla4270d7e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163
-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys [file not found to scan]
---------Key:
MpKsla90dfa44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys [file not found to scan]
---------Key:
MpKslaed93a83
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E6FFDF5F-3F32-4295-A28B-415DB46AD9BA}\MpKslaed93a83.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E6FFDF5F-3F32-4295-A28B-415DB46AD9BA}\MpKslaed93a83.sys [file not found to scan]
---------Key:
MpKslb3ec5bfc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166
-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys [file not found to scan]
---------Key:
MpKslba40cab8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslba40cab8.sys [file not found to scan]
---------Key:
MpKslbab8d99a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E7C2127-2E95-4952-B1E6-230052398D9B}\MpKslbab8d99a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E7C2127-2E95
-4952-B1E6-230052398D9B}\MpKslbab8d99a.sys
29904 bytes
Created: 1/6/2012 1:35 PM
Modified: 1/6/2012 1:35 PM
Company: Microsoft Corporation
---------Key:
MpKslc726619e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKslc726619e.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKslcd559a54
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E7C2127-2E95-4952-B1E6-230052398D9B}\MpKslcd559a54.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E7C2127-2E95
-4952-B1E6-230052398D9B}\MpKslcd559a54.sys
29904 bytes
Created: 1/6/2012 8:44 PM
Modified: 1/6/2012 8:44 PM
Company: Microsoft Corporation
---------Key:
MpKsld1a9a4bd
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys [file not found to scan]
---------Key:
MpKsld5011512
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E7C2127-2E95-4952-B1E6-230052398D9B}\MpKsld5011512.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E7C2127-2E95
-4952-B1E6-230052398D9B}\MpKsld5011512.sys
29904 bytes
Created: 1/6/2012 8:29 PM
Modified: 1/6/2012 8:29 PM
Company: Microsoft Corporation
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6
-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsldab91f44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{A1890F5B-444C-4721-85E5-2D8B0E3D7118}\MpKsldab91f44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A1890F5B-444C
-4721-85E5-2D8B0E3D7118}\MpKsldab91f44.sys [file not found to scan]
---------Key:
MpKsldb078f3b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89
-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys [file not found to scan]
---------Key:
MpKslde1c2bee
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E7C2127-2E95-4952-B1E6-230052398D9B}\MpKslde1c2bee.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E7C2127-2E95
-4952-B1E6-230052398D9B}\MpKslde1c2bee.sys
29904 bytes
Created: 1/6/2012 8:12 AM
Modified: 1/6/2012 8:12 AM
Company: Microsoft Corporation
---------Key:
MpKsle40809dc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802
-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys [file not found to scan]
---------Key:
MpKsle6b3f7f6
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C
-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2
-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpKslf8aafc7a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
nhdlxgxv
ImagePath: \??\C:\Windows\system32\drivers\nhdlxgxv.sys
C:\Windows\system32\drivers\nhdlxgxv.sys [file not found to scan]
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
pfc
ImagePath: system32\drivers\pfc.sys
C:\Windows\system32\drivers\pfc.sys
10368 bytes
Created: 1/1/2012 1:04 PM
Modified: 1/1/2012 1:04 PM
Company: Padus, Inc.
---------Key:
pnfaiizi
ImagePath: \??\C:\Windows\system32\drivers\pnfaiizi.sys
C:\Windows\system32\drivers\pnfaiizi.sys [file not found to scan]
---------Key:
qagrlmyw
ImagePath: \??\C:\Windows\system32\drivers\qagrlmyw.sys
C:\Windows\system32\drivers\qagrlmyw.sys [file not found to scan]
---------Key:
qrneyrxl
ImagePath: \??\C:\Windows\system32\drivers\qrneyrxl.sys
C:\Windows\system32\drivers\qrneyrxl.sys [file not found to scan]
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys
C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation
---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
srijevoz
ImagePath: \??\C:\Windows\system32\drivers\srijevoz.sys
C:\Windows\system32\drivers\srijevoz.sys [file not found to scan]
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 12/31/2011 8:57 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
taphss
ImagePath: system32\DRIVERS\taphss.sys
C:\Windows\system32\DRIVERS\taphss.sys
32768 bytes
Created: 7/26/2011 10:49 PM
Modified: 7/26/2011 10:49 PM
Company: AnchorFree Inc
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys
C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------************************************************************
8:56:52 PM: Scanning -----VXD ENTRIES----************************************************************
8:56:52 PM: Scanning ----- WINLOGON\NOTIFY DLLS ----No WINLOGON\NOTIFY DLLs found to scan
************************************************************
8:56:53 PM: Scanning ----- CONTEXTMENUHANDLERS ----Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG
---------************************************************************
8:56:56 PM: Scanning ----- FOLDER\COLUMNHANDLERS ----Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------************************************************************
8:56:58 PM: Scanning ----- BROWSER HELPER OBJECTS ----Key: {02478D38-C3F9-4EFB-9B51-7695ECA05670}
BHO: C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
439872 bytes
Created: 1/1/2012 1:06 PM
Modified: 6/6/2006 9:28 AM
Company: Yahoo! Inc.
---------Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3844768 bytes
Created: 11/29/2011 6:22 AM
Modified: 11/29/2011 6:22 AM
Company: Skype Technologies S.A.
---------Key: {D4027C7F-154A-4066-A1AD-4243D8127440}
BHO: C:\Program Files\Ask.com\GenericAskToolbar.dll
C:\Program Files\Ask.com\GenericAskToolbar.dll
1515688 bytes
Created: 11/21/2011 2:18 AM
Modified: 11/21/2011 2:18 AM
Company: Ask
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------************************************************************
8:57:01 PM: Scanning ----- SHELLSERVICEOBJECTS ----************************************************************
8:57:02 PM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----No SharedTaskScheduler entries found to scan
************************************************************
8:57:02 PM: Scanning ----- IMAGEFILE DEBUGGERS ----No "Debugger" entries found.
************************************************************
8:57:02 PM: Scanning ----- APPINIT_DLLS ----The following AppInitDLLs entry is hidden/stealthed:
AppInitDLLs entry = [
]
************************************************************
8:57:03 PM: Scanning ----- SECURITY PROVIDER DLLS ----************************************************************
8:57:03 PM: Scanning ------ COMMON STARTUP GROUP -----[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------************************************************************
8:57:04 PM: Scanning ----- USER STARTUP GROUPS ----Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
----------------------------************************************************************
8:57:04 PM: Scanning ----- SCHEDULED TASKS ----Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 12/5/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 12/4/2011 10:54:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 12/5/2011 11:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 12/4/2011 9:48:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
---------************************************************************
8:57:06 PM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
---------************************************************************
8:57:08 PM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\Tr
anscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.j
pg
1149968 bytes
Created: 2/20/2011 3:24 PM
Modified: 12/25/2011 9:05 AM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------DNS Server information:
Interface:
NameServers: 119.159.255.36 203.99.163.240
Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
8:57:09 PM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file alread
y scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\Explorer.EXE - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\USB Disk Security\USBGuard.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanne
d
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Ask.com\Updater\Updater.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\IM Magician\vicamon.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already
scanned
-------------------C:\Program Files\DAP\DAP.exe - file already scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Program Files\Broadband\Broadband.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 12/31/2011 8:57 AM
Modified: 10/11/2011 3:00 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already
scanned
-------------------C:\Windows\system32\wbem\wmiprvse.exe
254976 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------C:\Windows\system32\SearchProtocolHost.exe
164352 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\SearchFilterHost.exe
86528 bytes
Created: 7/14/2009 5:13 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
8:57:22 PM: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.ask.com/?l=dis&o=APN10023&gct=hp
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 8:57:23 PM 04 Dec 2011
Total Scan time: 00:01:53
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 11:07:52 PM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Troj
an Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Rem
over Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
Avira AntiVir
************************************************************
************************************************************
11:07:53 PM: ----- SCANNING FOR ROOTKIT SERVICES ----No hidden Services were detected.
************************************************************
11:07:56 PM: Scanning -----WINDOWS REGISTRY-----------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runk
ey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------Value Name: Corel Graphics Suite 1117
Value Data: C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /
title="Corel Graphics Suite 11" /date=112611 serial=DR11CRD-0012082-DGW
C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe [file not fou
nd to scan]
-------------------Value Name: avast!
Value Data: "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
81000 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
-------------------Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe
1173504 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Value Name: IDMan
Value Data: C:\Program Files\Internet Download Manager\IDMan.exe /onboot
C:\Program Files\Internet Download Manager\IDMan.exe
3437976 bytes
Created: 11/14/2011 6:39 PM
Modified: 11/14/2011 4:52 PM
Company: Tonec Inc.
-------------------Value Name: Mobile Partner
Value Data: "C:\Program Files\Broadband\Broadband.exe"
C:\Program Files\Broadband\Broadband.exe
536576 bytes
Created: 12/23/2011 6:20 AM
Modified: 12/23/2011 6:20 AM
Company: TODO: <???>
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:07:59 PM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
11:07:59 PM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
11:08:00 PM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\scrnsave.scr
C:\Windows\system32\scrnsave.scr
10240 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
--------------------

************************************************************
11:08:00 PM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
11:08:01 PM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Power
Path: %SystemRoot%\system32\umpo.dll
C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------************************************************************
11:08:10 PM: Scanning ----- SERVICES REGISTRY KEYS ----Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys
163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirMailService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
342480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:50 AM
Company: ALWIL Software
---------Key:
aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
53328 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:49 AM
Company: ALWIL Software
---------Key:
aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
18752 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:43 AM
Company: ALWIL Software
---------Key:
avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
138680 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
254040 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
352920 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:48 AM
Company: ALWIL Software
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134344 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 12/23/2011 6:21 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 12/23/2011 6:21 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
IDMWFP
ImagePath: system32\DRIVERS\idmwfp.sys
C:\Windows\system32\DRIVERS\idmwfp.sys
89376 bytes
Created: 11/14/2011 6:39 PM
Modified: 7/6/2011 6:14 PM
Company: Tonec Inc.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys
133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl0219da24
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl0219da24.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl0219da24.sys
29904 bytes
Created: 11/15/2011 5:36 PM
Modified: 11/15/2011 5:36 PM
Company: Microsoft Corporation
---------Key:
MpKsl19b7cb5c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys [file not found to scan]
---------Key:
MpKsl292c9fc4
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys [file not found to scan]
----------
Key:
MpKsl2ed2d473
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys [file not found to scan]
---------Key:
MpKsl43dec7fa
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys [file not found to scan]
---------Key:
MpKsl4827cce2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys [file not found to scan]
---------Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl526b47b7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl526b47b7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl526b47b7.sys
29904 bytes
Created: 11/15/2011 11:00 PM
Modified: 11/15/2011 11:00 PM
Company: Microsoft Corporation
---------Key:
MpKsl5ac8e01c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys [file not found to scan]
---------Key:
MpKsl611ac31f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys [file not found to scan]
---------Key:
MpKsl65972984
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys [file not found to scan]
---------Key:
MpKsl6780b090
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys [file not found to scan]
---------Key:
MpKsl6ce2c32c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys [file not found to scan]
---------Key:
MpKsl6d167de1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys [file not found to scan]
---------Key:
MpKsl6ddfbb59
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys [file not found to scan]
---------Key:
MpKsl77164ad8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys [file not found to scan]
---------Key:
MpKsl7a7ef606
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys [file not found to scan]
---------Key:
MpKsl7e18e2f1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys [file not found to scan]
---------Key:
MpKsl7ef1c63a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
29904 bytes
Created: 12/21/2011 5:49 AM
Modified: 12/21/2011 5:49 AM
Company: Microsoft Corporation
---------Key:
MpKsl86faea71
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys [file not found to scan]
---------Key:
MpKsl96f50f1a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys [file not found to scan]
---------Key:
MpKsl9834e373
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKsla40f86f2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys [file not found to scan]
---------Key:
MpKsla4270d7e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys [file not found to scan]
---------Key:
MpKsla90dfa44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys [file not found to scan]
---------Key:
MpKslb3ec5bfc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys [file not found to scan]
---------Key:
MpKslba40cab8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys [file not found to scan]
---------Key:
MpKslc726619e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKsld1a9a4bd
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys [file not found to scan]
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsldb078f3b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys [file not found to scan]
---------Key:
MpKsldd7c505c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsldd7c505c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsldd7c505c.sys
29904 bytes
Created: 11/15/2011 11:24 AM
Modified: 11/15/2011 11:24 AM
Company: Microsoft Corporation
---------Key:
MpKsle40809dc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys [file not found to scan]
---------Key:
MpKsle6b3f7f6
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpKslf8aafc7a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys
C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation
---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 11/1/2011 10:59 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
taphss
ImagePath: system32\DRIVERS\taphss.sys
C:\Windows\system32\DRIVERS\taphss.sys
32768 bytes
Created: 7/26/2011 10:49 PM
Modified: 7/26/2011 10:49 PM
Company: AnchorFree Inc
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys
C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------************************************************************
11:08:39 PM: Scanning -----VXD ENTRIES----************************************************************
11:08:39 PM: Scanning ----- WINLOGON\NOTIFY DLLS ----No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:08:40 PM: Scanning ----- CONTEXTMENUHANDLERS ----Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
76880 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:47 AM
Company: ALWIL Software
---------Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------************************************************************
11:08:42 PM: Scanning ----- FOLDER\COLUMNHANDLERS ----Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------************************************************************
11:08:42 PM: Scanning ----- BROWSER HELPER OBJECTS ----Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3844768 bytes
Created: 11/29/2011 6:22 AM
Modified: 11/29/2011 6:22 AM
Company: Skype Technologies S.A.
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------************************************************************
11:08:44 PM: Scanning ----- SHELLSERVICEOBJECTS ----************************************************************
11:08:44 PM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----No SharedTaskScheduler entries found to scan
************************************************************
11:08:44 PM: Scanning ----- IMAGEFILE DEBUGGERS ----No "Debugger" entries found.
************************************************************
11:08:44 PM: Scanning ----- APPINIT_DLLS ----The following AppInitDLLs entry is hidden/stealthed:
AppInitDLLs entry = [
]
************************************************************
11:08:45 PM: Scanning ----- SECURITY PROVIDER DLLS ----************************************************************
11:08:45 PM: Scanning ------ COMMON STARTUP GROUP -----[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------************************************************************
11:08:45 PM: Scanning ----- USER STARTUP GROUPS ----Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
----------------------------************************************************************
11:08:46 PM: Scanning ----- SCHEDULED TASKS ----Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 11/16/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/16/2011 1:54:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 11/16/2011 11:48:00 AM
Status:
The task is currently running
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 11:48:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
----------
************************************************************
11:08:47 PM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: IDM Shell Extension
CLSID: {CDC95B92-E27C-4745-A8C5-64A52A78855D}
File: C:\Program Files\Internet Download Manager\IDMShellExt.dll
C:\Program Files\Internet Download Manager\IDMShellExt.dll
21864 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/30/2011 7:50 PM
Company: Tonec Inc.
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
---------************************************************************
11:08:48 PM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\Tr
anscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.j
pg
1149968 bytes
Created: 2/20/2011 3:24 PM
Modified: 12/25/2011 9:05 AM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
11:08:49 PM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file alread
y scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashServ.exe - file already scanned
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already
scanned
-------------------C:\Windows\Explorer.EXE - file already scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Windows\system32\taskeng.exe
190464 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Google\Update\GoogleUpdate.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanne
d
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashDisp.exe - file already scanned
-------------------C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe - file already scanned
-------------------C:\Program Files\Windows Sidebar\sidebar.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IEMonitor.exe
263600 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/25/2010 5:28 PM
Company: Tonec Inc.
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avmailc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Alwil Software\Avast4\ashWebSv.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already
scanned
-------------------C:\Windows\system32\wbem\wmiprvse.exe
254976 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------C:\Program Files\Mozilla Firefox\firefox.exe
924632 bytes
Created: 11/18/2011 5:16 PM
Modified: 11/21/2011 9:04 AM
Company: Mozilla Corporation
-------------------************************************************************
11:08:55 PM: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.searchqu.com/406
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 11:08:56 PM 15 Nov 2011
Total Scan time: 00:01:03
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 11:03:01 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Troj
an Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Rem
over Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
Avira AntiVir
************************************************************
************************************************************
11:03:02 AM: ----- SCANNING FOR ROOTKIT SERVICES ----No hidden Services were detected.
************************************************************
11:03:03 AM: Scanning -----WINDOWS REGISTRY-----------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runk
ey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------Value Name: Corel Graphics Suite 1117
Value Data: C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /
title="Corel Graphics Suite 11" /date=112611 serial=DR11CRD-0012082-DGW
C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe [file not fou
nd to scan]
-------------------Value Name: avast!
Value Data: "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
81000 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe"
/c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
-------------------Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe
1173504 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Value Name: IDMan
Value Data: C:\Program Files\Internet Download Manager\IDMan.exe /onboot
C:\Program Files\Internet Download Manager\IDMan.exe
3437976 bytes
Created: 11/14/2011 6:39 PM
Modified: 11/14/2011 4:52 PM
Company: Tonec Inc.
-------------------Value Name: Mobile Partner
Value Data: "C:\Program Files\Broadband\Broadband.exe"
C:\Program Files\Broadband\Broadband.exe
536576 bytes
Created: 12/23/2011 6:20 AM
Modified: 12/23/2011 6:20 AM
Company: TODO: <???>
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:03:07 AM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
11:03:07 AM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
11:03:08 AM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\scrnsave.scr
C:\Windows\system32\scrnsave.scr
10240 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
11:03:08 AM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",Bran
dIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
11:03:09 AM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Power
Path: %SystemRoot%\system32\umpo.dll
C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------
************************************************************
11:03:18 AM: Scanning ----- SERVICES REGISTRY KEYS ----
Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys
163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirMailService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
342480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:50 AM
Company: ALWIL Software
---------Key:
aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
53328 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:49 AM
Company: ALWIL Software
---------Key:
aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
18752 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:43 AM
Company: ALWIL Software
---------Key:
avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
138680 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
254040 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
352920 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:48 AM
Company: ALWIL Software
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134344 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 12/23/2011 6:21 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 12/23/2011 6:21 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
IDMWFP
ImagePath: system32\DRIVERS\idmwfp.sys
C:\Windows\system32\DRIVERS\idmwfp.sys
89376 bytes
Created: 11/14/2011 6:39 PM
Modified: 7/6/2011 6:14 PM
Company: Tonec Inc.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys
133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl182320cc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl182320cc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl182320cc.sys
29904 bytes
Created: 11/15/2011 9:48 AM
Modified: 11/15/2011 9:48 AM
Company: Microsoft Corporation
---------Key:
MpKsl19b7cb5c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80
-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys [file not found to scan]
---------Key:
MpKsl292c9fc4
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B
-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys [file not found to scan]
---------Key:
MpKsl2ed2d473
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys [file not found to scan]
---------Key:
MpKsl43dec7fa
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys [file not found to scan]
---------Key:
MpKsl4827cce2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys [file not found to scan]
---------Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71
-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl5ac8e01c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8
-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys [file not found to scan]
---------Key:
MpKsl611ac31f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16
-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys [file not found to scan]
---------Key:
MpKsl65972984
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166
-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys [file not found to scan]
---------Key:
MpKsl6780b090
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKsl6780b090.sys [file not found to scan]
---------Key:
MpKsl6ce2c32c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys [file not found to scan]
---------Key:
MpKsl6d167de1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys [file not found to scan]
---------Key:
MpKsl6ddfbb59
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54
-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys [file not found to scan]
---------Key:
MpKsl77164ad8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183
-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys [file not found to scan]
---------Key:
MpKsl7a7ef606
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF
-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys [file not found to scan]
---------Key:
MpKsl7e18e2f1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys [file not found to scan]
---------Key:
MpKsl7ef1c63a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
29904 bytes
Created: 12/21/2011 5:49 AM
Modified: 12/21/2011 5:49 AM
Company: Microsoft Corporation
---------Key:
MpKsl86faea71
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49
-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys [file not found to scan]
---------Key:
MpKsl96f50f1a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys [file not found to scan]
---------Key:
MpKsl9834e373
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl9834e373.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB
-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKsla40f86f2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3
-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys [file not found to scan]
---------Key:
MpKsla4270d7e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163
-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys [file not found to scan]
---------Key:
MpKsla90dfa44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys [file not found to scan]
---------Key:
MpKslb3ec5bfc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166
-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys [file not found to scan]
---------Key:
MpKslba40cab8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslba40cab8.sys [file not found to scan]
---------Key:
MpKslc726619e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKslc726619e.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKsld1a9a4bd
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys [file not found to scan]
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6
-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsldb078f3b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89
-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys [file not found to scan]
---------Key:
MpKsle40809dc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802
-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys [file not found to scan]
---------Key:
MpKsle6b3f7f6
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C
-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2
-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpKslf8aafc7a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys
C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation
---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 11/1/2011 10:59 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
taphss
ImagePath: system32\DRIVERS\taphss.sys
C:\Windows\system32\DRIVERS\taphss.sys
32768 bytes
Created: 7/26/2011 10:49 PM
Modified: 7/26/2011 10:49 PM
Company: AnchorFree Inc
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys
C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------
************************************************************
11:03:46 AM: Scanning -----VXD ENTRIES----
************************************************************
11:03:46 AM: Scanning ----- WINLOGON\NOTIFY DLLS ----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
11:03:46 AM: Scanning ----- CONTEXTMENUHANDLERS ----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
76880 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:47 AM
Company: ALWIL Software
---------Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------
************************************************************
11:03:48 AM: Scanning ----- FOLDER\COLUMNHANDLERS ----
Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------************************************************************
11:03:48 AM: Scanning ----- BROWSER HELPER OBJECTS ----Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3844768 bytes
Created: 11/29/2011 6:22 AM
Modified: 11/29/2011 6:22 AM
Company: Skype Technologies S.A.
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------************************************************************
11:03:50 AM: Scanning ----- SHELLSERVICEOBJECTS ----************************************************************
11:03:50 AM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----No SharedTaskScheduler entries found to scan
************************************************************
11:03:50 AM: Scanning ----- IMAGEFILE DEBUGGERS ----No "Debugger" entries found.
************************************************************
11:03:50 AM: Scanning ----- APPINIT_DLLS ----The following AppInitDLLs entry is hidden/stealthed:
AppInitDLLs entry = [
]
************************************************************
11:03:51 AM: Scanning ----- SECURITY PROVIDER DLLS ----************************************************************
11:03:51 AM: Scanning ------ COMMON STARTUP GROUP -----[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------************************************************************
11:03:51 AM: Scanning ----- USER STARTUP GROUPS ----Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
-----------------------------
************************************************************
11:03:52 AM: Scanning ----- SCHEDULED TASKS ----Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 11/15/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 1:54:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 11/15/2011 11:48:00 AM
Status:
The task is currently running
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 11:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------************************************************************
11:03:53 AM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: IDM Shell Extension
CLSID: {CDC95B92-E27C-4745-A8C5-64A52A78855D}
File: C:\Program Files\Internet Download Manager\IDMShellExt.dll
C:\Program Files\Internet Download Manager\IDMShellExt.dll
21864 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/30/2011 7:50 PM
Company: Tonec Inc.
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
---------************************************************************
11:03:54 AM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Checking autorun.inf in J:\
J:\autorun.inf
-RHS- 144 bytes
Created: 12/12/2011 5:41 PM
Modified: 12/24/2011 3:48 PM
Company: [no info]
J:\autorun.inf: Access Error
----------------------------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
1149968 bytes
Created: 2/20/2011 3:24 PM
Modified: 12/25/2011 9:05 AM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
11:03:55 AM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashServ.exe - file already scanned
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\Explorer.EXE - file already scanned
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\taskeng.exe
190464 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
--------------------
C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already scanned
-------------------C:\Program Files\Google\Update\GoogleUpdate.exe - file already scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avmailc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashWebSv.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already scanned
-------------------C:\Program Files\USB Disk Security\USBGuard.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanned
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashDisp.exe - file already scanned
-------------------C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Windows Sidebar\sidebar.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IEMonitor.exe
263600 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/25/2010 5:28 PM
Company: Tonec Inc.
-------------------C:\Program Files\XP Codec Pack\mpc\mplayerc.exe
4308992 bytes
Created: 12/4/2007 4:53 AM
Modified: 12/4/2007 4:53 AM
Company: Gabest
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------************************************************************
11:04:02 AM: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.searchqu.com/406
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 11:04:03 AM 15 Nov 2011
Total Scan time: 00:01:00
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 9:50:32 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avast! Antivirus
Avira AntiVir
************************************************************
************************************************************
9:50:33 AM: ----- SCANNING FOR ROOTKIT SERVICES ----No hidden Services were detected.
************************************************************
9:50:36 AM: Scanning -----WINDOWS REGISTRY-----------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------Value Name: Corel Graphics Suite 1117
Value Data: C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=112611 serial=DR11CRD-0012082-DGW
C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe [file not found to scan]
-------------------Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
1211784 bytes
Created: 11/5/2011 11:56 AM
Modified: 2/21/2009 6:30 PM
Company: Simply Super Software
-------------------Value Name: avast!
Value Data: "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
81000 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
-------------------Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe
1173504 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Value Name: IDMan
Value Data: C:\Program Files\Internet Download Manager\IDMan.exe /onboot
C:\Program Files\Internet Download Manager\IDMan.exe
3437976 bytes
Created: 11/14/2011 6:39 PM
Modified: 11/14/2011 4:52 PM
Company: Tonec Inc.
-------------------Value Name: Mobile Partner
Value Data: "C:\Program Files\Broadband\Broadband.exe"
C:\Program Files\Broadband\Broadband.exe
536576 bytes
Created: 12/23/2011 6:20 AM
Modified: 12/23/2011 6:20 AM
Company: TODO: <???>
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
9:50:40 AM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
9:50:40 AM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
9:50:40 AM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\scrnsave.scr
C:\Windows\system32\scrnsave.scr
10240 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
9:50:41 AM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
9:50:42 AM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Power
Path: %SystemRoot%\system32\umpo.dll
C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------************************************************************
9:50:57 AM: Scanning ----- SERVICES REGISTRY KEYS ----Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys
163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirMailService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
342480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:50 AM
Company: ALWIL Software
---------Key:
aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
53328 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:49 AM
Company: ALWIL Software
---------Key:
aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
18752 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:43 AM
Company: ALWIL Software
---------Key:
avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
138680 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
254040 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
352920 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:48 AM
Company: ALWIL Software
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134344 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation

---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 12/23/2011 6:21 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 12/23/2011 6:21 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
IDMWFP
ImagePath: system32\DRIVERS\idmwfp.sys
C:\Windows\system32\DRIVERS\idmwfp.sys
89376 bytes
Created: 11/14/2011 6:39 PM
Modified: 7/6/2011 6:14 PM
Company: Tonec Inc.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys
133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation

---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl182320cc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl182320cc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl182320cc.sys
29904 bytes
Created: 11/15/2011 9:48 AM
Modified: 11/15/2011 9:48 AM
Company: Microsoft Corporation
---------Key:
MpKsl19b7cb5c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80
-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys [file not found to scan]
---------Key:
MpKsl292c9fc4
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B
-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys [file not found to scan]
---------Key:
MpKsl2ed2d473
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys [file not found to scan]

---------Key:
MpKsl43dec7fa
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys [file not found to scan]
---------Key:
MpKsl4827cce2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys [file not found to scan]
---------Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71
-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl5ac8e01c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8
-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys [file not found to scan]
---------Key:
MpKsl611ac31f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16
-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys [file not found to scan]
---------Key:
MpKsl65972984
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166
-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys [file not found to scan]
---------Key:
MpKsl6780b090
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKsl6780b090.sys [file not found to scan]
---------Key:
MpKsl6ce2c32c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys [file not found to scan]
---------Key:
MpKsl6d167de1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys [file not found to scan]
---------Key:
MpKsl6ddfbb59
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54
-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys [file not found to scan]

---------Key:
MpKsl77164ad8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183
-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys [file not found to scan]
---------Key:
MpKsl7a7ef606
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF
-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys [file not found to scan]
---------Key:
MpKsl7e18e2f1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52
-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys [file not found to scan]
---------Key:
MpKsl7ef1c63a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
29904 bytes
Created: 12/21/2011 5:49 AM
Modified: 12/21/2011 5:49 AM
Company: Microsoft Corporation
---------Key:
MpKsl86faea71
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49
-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys [file not found to scan]
---------Key:
MpKsl96f50f1a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF
-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys [file not found to scan]
---------Key:
MpKsl9834e373
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKsl9834e373.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB
-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKsla40f86f2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3
-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys [file not found to scan]
---------Key:
MpKsla4270d7e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163
-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys [file not found to scan]
---------Key:
MpKsla90dfa44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA
-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys [file not found to scan]
---------Key:
MpKslb3ec5bfc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166
-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys [file not found to scan]
---------Key:
MpKslba40cab8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslba40cab8.sys [file not found to scan]
---------Key:
MpKslc726619e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332
-48C5-AEEF-555B63449487}\MpKslc726619e.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B
-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKsld1a9a4bd
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692
-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys [file not found to scan]
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6
-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsldb078f3b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89
-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys [file not found to scan]
---------Key:
MpKsle40809dc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802
-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys [file not found to scan]
---------Key:
MpKsle6b3f7f6
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C
-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2
-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpKslf8aafc7a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB
-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys
C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation

---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 11/1/2011 10:59 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
taphss
ImagePath: system32\DRIVERS\taphss.sys
C:\Windows\system32\DRIVERS\taphss.sys
32768 bytes
Created: 7/26/2011 10:49 PM
Modified: 7/26/2011 10:49 PM
Company: AnchorFree Inc
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys
C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation

---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------
************************************************************
9:51:45 AM: Scanning -----VXD ENTRIES----
************************************************************
9:51:45 AM: Scanning ----- WINLOGON\NOTIFY DLLS ----
No WINLOGON\NOTIFY DLLs found to scan
************************************************************
9:51:45 AM: Scanning ----- CONTEXTMENUHANDLERS ----
Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
76880 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:47 AM
Company: ALWIL Software
---------Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation

---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------
************************************************************
9:51:47 AM: Scanning ----- FOLDER\COLUMNHANDLERS ----
Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------
************************************************************
9:51:48 AM: Scanning ----- BROWSER HELPER OBJECTS ----
Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3844768 bytes
Created: 11/29/2011 6:22 AM
Modified: 11/29/2011 6:22 AM
Company: Skype Technologies S.A.
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------
************************************************************
9:51:50 AM: Scanning ----- SHELLSERVICEOBJECTS ----
************************************************************
9:51:50 AM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----
No SharedTaskScheduler entries found to scan
************************************************************
9:51:50 AM: Scanning ----- IMAGEFILE DEBUGGERS ----
No "Debugger" entries found.
************************************************************
9:51:50 AM: Scanning ----- APPINIT_DLLS ----
The following AppInitDLLs entry is hidden/stealthed:
AppInitDLLs entry = [
]
************************************************************
9:51:51 AM: Scanning ----- SECURITY PROVIDER DLLS ----
************************************************************
9:51:51 AM: Scanning ------ COMMON STARTUP GROUP -----
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------
************************************************************
9:51:51 AM: Scanning ----- USER STARTUP GROUPS ----
Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
----------------------------
************************************************************
9:51:52 AM: Scanning ----- SCHEDULED TASKS ----
Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 11/15/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 10:54:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 11/15/2011 11:48:00 AM
Status:
The task is currently running
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 10:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------************************************************************
9:51:53 AM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: IDM Shell Extension
CLSID: {CDC95B92-E27C-4745-A8C5-64A52A78855D}
File: C:\Program Files\Internet Download Manager\IDMShellExt.dll
C:\Program Files\Internet Download Manager\IDMShellExt.dll
21864 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/30/2011 7:50 PM
Company: Tonec Inc.
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
----------

************************************************************
9:51:54 AM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Checking autorun.inf in J:\
J:\autorun.inf
-RHS- 144 bytes
Created: 12/12/2011 5:41 PM
Modified: 12/24/2011 3:48 PM
Company: [no info]
J:\autorun.inf: Access Error
----------------------------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
1149968 bytes
Created: 2/20/2011 3:24 PM
Modified: 12/25/2011 9:05 AM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
9:51:58 AM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashServ.exe - file already scanned
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
--------------------
C:\Windows\Explorer.EXE - file already scanned
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\taskeng.exe
190464 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already scanned
-------------------C:\Program Files\Google\Update\GoogleUpdate.exe - file already scanned
-------------------C:\Windows\system32\taskeng.exe - file already scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Windows\system32\sppsvc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avmailc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashWebSv.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already scanned
-------------------C:\Program Files\USB Disk Security\USBGuard.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanned
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Program Files\Trojan Remover\Trjscan.exe - file already scanned
-------------------C:\Program Files\Alwil Software\Avast4\ashDisp.exe - file already scanned
-------------------C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe - file already scanned
-------------------C:\Program Files\DAP\DAP.exe - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Windows Sidebar\sidebar.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IDMan.exe - file already scanned
-------------------C:\Program Files\Broadband\Broadband.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IEMonitor.exe
263600 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/25/2010 5:28 PM
Company: Tonec Inc.
-------------------C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
262280 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:47 AM
Company: ALWIL Software
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\wbem\wmiprvse.exe
254976 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
9:52:05 AM: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.searchqu.com/406
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 9:52:06 AM 15 Nov 2011
Total Scan time: 00:01:32
************************************************************
***** THE SYSTEM HAS BEEN RESTARTED *****
11/15/2011 9:48:56 AM: Trojan Remover has been restarted
=======================================================
Removing the following registry keys:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} - already removed (or did not exist)
HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} - already removed (or did not exist)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} - already removed (or did not exist)
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} - already removed (or did not exist)
=======================================================
Unable to rename C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll to C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll.vir
(C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll does not appear to exist)
Unable to rename C:\Program Files\Ask.com\GenericAskToolbar.dll to C:\Program Files\Ask.com\GenericAskToolbar.dll.vir
(C:\Program Files\Ask.com\GenericAskToolbar.dll does not appear to exist)
11/15/2011 9:48:57 AM: Trojan Remover closed
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 9:44:12 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
************************************************************
9:44:12 AM: ----- SCANNING FOR ROOTKIT SERVICES ----No hidden Services were detected.
************************************************************
9:44:14 AM: Scanning -----WINDOWS REGISTRY-----------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------Value Name: Corel Graphics Suite 1117
Value Data: C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=112611 serial=DR11CRD-0012082-DGW
C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe [file not found to scan]
-------------------Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
1211784 bytes
Created: 11/5/2011 11:56 AM
Modified: 2/21/2009 6:30 PM
Company: Simply Super Software
-------------------Value Name: avast!
Value Data: "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
81000 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
-------------------Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe
1173504 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Value Name: IDMan
Value Data: C:\Program Files\Internet Download Manager\IDMan.exe /onboot
C:\Program Files\Internet Download Manager\IDMan.exe
3437976 bytes
Created: 11/14/2011 6:39 PM
Modified: 11/14/2011 4:52 PM
Company: Tonec Inc.
-------------------Value Name: Mobile Partner
Value Data: "C:\Program Files\Broadband\Broadband.exe"
C:\Program Files\Broadband\Broadband.exe
536576 bytes
Created: 12/23/2011 6:20 AM
Modified: 12/23/2011 6:20 AM
Company: TODO: <???>
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
9:44:21 AM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
9:44:21 AM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
9:44:21 AM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\scrnsave.scr
C:\Windows\system32\scrnsave.scr
10240 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation

-------------------************************************************************
9:44:22 AM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
9:44:22 AM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
--------------------
Key: Power
Path: %SystemRoot%\system32\umpo.dll
C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------************************************************************
9:44:34 AM: Scanning ----- SERVICES REGISTRY KEYS ----Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys
163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirMailService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
342480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
aswFsBlk
ImagePath: system32\DRIVERS\aswFsBlk.sys
C:\Windows\system32\DRIVERS\aswFsBlk.sys
20560 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:50 AM
Company: ALWIL Software
---------Key:
aswMonFlt
ImagePath: system32\DRIVERS\aswMonFlt.sys
C:\Windows\system32\DRIVERS\aswMonFlt.sys
53328 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:49 AM
Company: ALWIL Software
---------Key:
aswUpdSv
ImagePath: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
18752 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:43 AM
Company: ALWIL Software
---------Key:
avast! Antivirus
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
C:\Program Files\Alwil Software\Avast4\ashServ.exe
138680 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Mail Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
254040 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:51 AM
Company: ALWIL Software
---------Key:
avast! Web Scanner
ImagePath: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
352920 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:48 AM
Company: ALWIL Software
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134344 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 12/23/2011 6:21 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 12/23/2011 6:21 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
IDMWFP
ImagePath: system32\DRIVERS\idmwfp.sys
C:\Windows\system32\DRIVERS\idmwfp.sys
89376 bytes
Created: 11/14/2011 6:39 PM
Modified: 7/6/2011 6:14 PM
Company: Tonec Inc.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys
133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl19b7cb5c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{63FC53AE-0C80-4781-A0F2-D285951B5C1C}\MpKsl19b7cb5c.sys [file not found to scan]
---------Key:
MpKsl292c9fc4
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2E8B41D-8A3B-440A-94E5-ADC0E3405A30}\MpKsl292c9fc4.sys [file not found to scan]
---------Key:
MpKsl2ed2d473
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl2ed2d473.sys [file not found to scan]
---------Key:
MpKsl43dec7fa
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl43dec7fa.sys [file not found to scan]
---------Key:
MpKsl4827cce2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl4827cce2.sys [file not found to scan]
---------Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl5ac8e01c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EC9E497F-B5E8-44D0-B086-3AF9A4221A07}\MpKsl5ac8e01c.sys [file not found to scan]
---------Key:
MpKsl611ac31f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4A015ED-FE16-4385-96B4-862985D2FFFC}\MpKsl611ac31f.sys [file not found to scan]
---------Key:
MpKsl65972984
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKsl65972984.sys [file not found to scan]
---------Key:
MpKsl6780b090
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKsl6780b090.sys [file not found to scan]
---------Key:
MpKsl6ce2c32c
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsl6ce2c32c.sys [file not found to scan]
---------Key:
MpKsl6d167de1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl6d167de1.sys [file not found to scan]
---------Key:
MpKsl6ddfbb59
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FB066597-4A54-40D8-8EFE-5AC154F5D4A7}\MpKsl6ddfbb59.sys [file not found to scan]
---------Key:
MpKsl77164ad8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AE29A31E-1183-4CB2-9700-B161DDDB0700}\MpKsl77164ad8.sys [file not found to scan]
---------Key:
MpKsl7a7ef606
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F9F948D5-68FF-4642-8AE8-44F93EDF9F61}\MpKsl7a7ef606.sys [file not found to scan]
---------Key:
MpKsl7e18e2f1
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FEDAB18A-7B52-47C7-8216-D8E2B3F38CB6}\MpKsl7e18e2f1.sys [file not found to scan]
---------Key:
MpKsl7ef1c63a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsl7ef1c63a.sys
29904 bytes
Created: 12/21/2011 5:49 AM
Modified: 12/21/2011 5:49 AM
Company: Microsoft Corporation
---------Key:
MpKsl86faea71
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1801E2FC-6C49-4AB0-B29A-D5513E9AB219}\MpKsl86faea71.sys [file not found to scan]
---------Key:
MpKsl96f50f1a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA200FC3-0ACF-4696-B54F-C617A393F3F2}\MpKsl96f50f1a.sys [file not found to scan]
---------Key:
MpKsl9834e373
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKsl9834e373.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKsla40f86f2
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D93F9AEA-0FB3-43DE-BC08-4D52ADDC31C3}\MpKsla40f86f2.sys [file not found to scan]
---------Key:
MpKsla4270d7e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{A8F1F9E2-A163-4A96-986C-DBB1BEFCFB45}\MpKsla4270d7e.sys [file not found to scan]
---------Key:
MpKsla90dfa44
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F04B1274-39FA-497F-96A1-1113653CD37C}\MpKsla90dfa44.sys [file not found to scan]
---------Key:
MpKslb3ec5bfc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89274BDA-1166-4961-AA83-49BE6A9B35DC}\MpKslb3ec5bfc.sys [file not found to scan]
---------Key:
MpKslba40cab8
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslba40cab8.sys [file not found to scan]
---------Key:
MpKslc726619e
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D97244-3332-48C5-AEEF-555B63449487}\MpKslc726619e.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKsld1a9a4bd
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld1a9a4bd.sys [file not found to scan]
---------Key:
MpKsld3a59ca7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld3a59ca7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4E6B76EC-3692-4C80-A00B-FB2A4A817156}\MpKsld3a59ca7.sys
29904 bytes
Created: 12/25/2011 9:27 AM
Modified: 12/25/2011 9:27 AM
Company: Microsoft Corporation
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsldb078f3b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{18376A16-6A89-4431-9AAE-7757B1860F0B}\MpKsldb078f3b.sys [file not found to scan]
---------Key:
MpKsle40809dc
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BBDC0D42-7802-440D-A612-6A7B59ED49B6}\MpKsle40809dc.sys [file not found to scan]
---------Key:
MpKsle6b3f7f6
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F82BC6C4-990C-4822-A000-19C5D52A07F5}\MpKsle6b3f7f6.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpKslf8aafc7a
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{0BA28B78-A5AB-4621-AB03-331336B8C789}\MpKslf8aafc7a.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys
C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation
---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 11/1/2011 10:59 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
taphss
ImagePath: system32\DRIVERS\taphss.sys
C:\Windows\system32\DRIVERS\taphss.sys
32768 bytes
Created: 7/26/2011 10:49 PM
Modified: 7/26/2011 10:49 PM
Company: AnchorFree Inc
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys
C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------************************************************************
9:45:09 AM: Scanning -----VXD ENTRIES----************************************************************
9:45:09 AM: Scanning ----- WINLOGON\NOTIFY DLLS ----No WINLOGON\NOTIFY DLLs found to scan
************************************************************
9:45:09 AM: Scanning ----- CONTEXTMENUHANDLERS ----Key: avast
CLSID: {472083B0-C522-11CF-8763-00608CC02F24}
Path: C:\Program Files\Alwil Software\Avast4\ashShell.dll
C:\Program Files\Alwil Software\Avast4\ashShell.dll
76880 bytes
Created: 11/15/2011 9:36 AM
Modified: 11/25/2009 4:47 AM
Company: ALWIL Software
---------Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------************************************************************
9:45:11 AM: Scanning ----- FOLDER\COLUMNHANDLERS ----Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------************************************************************
9:45:11 AM: Scanning ----- BROWSER HELPER OBJECTS ----Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {99079a25-328f-4bd4-be04-00955acaa0a7}
BHO: C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll - this BHO was being loaded by the following key:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} - this key has been removed
C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll - this BHO was referenced by the following key:
HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} - this key has been removed
C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll - unable to take ownership/change permissions
C:\PROGRA~1\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll - marked for renaming when the PC is restarted (if it exists)
---------Key: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
BHO: C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
3844768 bytes
Created: 11/29/2011 6:22 AM
Modified: 11/29/2011 6:22 AM
Company: Skype Technologies S.A.
---------Key: {D4027C7F-154A-4066-A1AD-4243D8127440}
BHO: C:\Program Files\Ask.com\GenericAskToolbar.dll
C:\Program Files\Ask.com\GenericAskToolbar.dll - this BHO was being loaded by the following key:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} - this key has been removed
C:\Program Files\Ask.com\GenericAskToolbar.dll - this BHO was referenced by the following key:
HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} - this key has been removed
C:\Program Files\Ask.com\GenericAskToolbar.dll - unable to take ownership/change permissions
C:\Program Files\Ask.com\GenericAskToolbar.dll - marked for renaming when the PC is restarted (if it exists)
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------************************************************************
9:45:43 AM: Scanning ----- SHELLSERVICEOBJECTS ----************************************************************
9:45:43 AM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----No SharedTaskScheduler entries found to scan
************************************************************
9:45:43 AM: Scanning ----- IMAGEFILE DEBUGGERS ----No "Debugger" entries found.
************************************************************
9:45:43 AM: Scanning ----- APPINIT_DLLS ----The following AppInitDLLs entry is hidden/stealthed:
AppInitDLLs entry = [
]
************************************************************
9:45:44 AM: Scanning ----- SECURITY PROVIDER DLLS ----************************************************************
9:45:44 AM: Scanning ------ COMMON STARTUP GROUP -----[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------************************************************************
9:45:44 AM: Scanning ----- USER STARTUP GROUPS ----Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
-----------------------------
************************************************************
9:45:45 AM: Scanning ----- SCHEDULED TASKS ----Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 11/15/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-1000UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 10:54:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled or stopped, your Facebook software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 11/15/2011 11:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/15/2011 9:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
---------************************************************************
9:45:46 AM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: IDM Shell Extension
CLSID: {CDC95B92-E27C-4745-A8C5-64A52A78855D}
File: C:\Program Files\Internet Download Manager\IDMShellExt.dll
C:\Program Files\Internet Download Manager\IDMShellExt.dll
21864 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/30/2011 7:50 PM
Company: Tonec Inc.
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
---------************************************************************
9:45:47 AM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Checking autorun.inf in J:\
J:\autorun.inf
-RHS- 144 bytes
Created: 12/12/2011 5:41 PM
Modified: 12/24/2011 3:48 PM
Company: [no info]
J:\autorun.inf: Access Error
----------------------------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
1149968 bytes
Created: 2/20/2011 3:24 PM
Modified: 12/25/2011 9:05 AM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
9:45:48 AM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\Explorer.EXE - file already scanned
-------------------C:\Program Files\USB Disk Security\USBGuard.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanned
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Program Files\DAP\DAP.exe - file already scanned
-------------------C:\Program Files\Windows Sidebar\sidebar.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IDMan.exe - file already scanned
-------------------C:\Program Files\Broadband\Broadband.exe - file already scanned
-------------------C:\Program Files\Internet Download Manager\IEMonitor.exe
263600 bytes
Created: 11/14/2011 6:39 PM
Modified: 5/25/2010 5:28 PM
Company: Tonec Inc.
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avmailc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------D:\Not Alloawed\Softwares\PC Softwares\AVast P_4_8_1367\setupengpro.exe
41455136 bytes
Created: 2/20/2011 3:27 PM
Modified: 11/26/2009 11:08 PM
Company:
-------------------C:\Users\PAKISTAN\AppData\Local\Temp\_av_sfx.tm~a01324\avast.setup
2752560 bytes
Created: 11/15/2011 9:35 AM
Modified: 11/15/2011 9:35 AM
Company: ALWIL Software
-------------------C:\Program Files\Avira\AntiVir Desktop\avscan.exe
490448 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------************************************************************
9:45:59 AM: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.searchqu.com/406
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
Scan completed at: 9:45:59 AM 15 Nov 2011
Total Scan time: 00:01:46
------------------------------------------------------------------------One or more files could not be moved or renamed as requested.
They may be in use by Windows, so Trojan Remover needs
to restart the system in order to deal with these files.
11/15/2011 9:46:28 AM: restart commenced
************************************************************
***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 9:33:11 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
Carrying out scan on H:\
(including subdirectories)
Archive files will be EXCLUDED.
The scan will also include files aready renamed by Trojan Remover.
----------------------------------------------------------Scan stopped by user after 2072 files were checked
No Malware files detected
Scan stopped at: 11/15/2011 9:43:58 AM
Total Scan time: 00:10:46
************************************************************
***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 9:32:58 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
Carrying out scan on G:\
(including subdirectories)
Archive files will be EXCLUDED.
The scan will also include files aready renamed by Trojan Remover.
----------------------------------------------------------0 files scanned
Directory scan complete - no Malware files detected
Scan completed at: 9:32:58 AM 15 Nov 2011
Total Scan time: 00:00:00
************************************************************
***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 9:32:48 AM 15 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
Carrying out scan on G:\
(including subdirectories)
Archive files will be EXCLUDED.
----------------------------------------------------------0 files scanned
Directory scan complete - no Malware files detected
Scan completed at: 9:32:48 AM 15 Nov 2011
Total Scan time: 00:00:00
************************************************************
***** DRIVE/DIRECTORY SCAN *****
Trojan Remover Ver 6.8.2.2598. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 4:59:07 PM 23 Nov 2011
Using Database v7794
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
Carrying out scan on I:\
(including subdirectories)
Archive files will be EXCLUDED.
----------------------------------------------------------174 files scanned
Directory scan complete - no Malware files detected
Scan completed at: 4:59:22 PM 23 Nov 2011
Total Scan time: 00:00:14
************************************************************
***** INDIVIDUAL FILE SCAN *****
Trojan Remover Ver 6.8.2.2598. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 10:59:38 AM 23 Nov 2011
Using Database v7794
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
Carrying out individual file scan on C:\Users\PAKISTAN\Desktop\19484109-Bhayanak-Aadmi-Imran-Series.pdf
This file appears to be OK
************************************************************
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2565. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 11:58:21 AM 05 Nov 2011
Using Database v7291
Operating System: Windows 7 Ultimate [Build: 6.1.7600]
File System:
NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\PAKISTAN\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Users\PAKISTAN\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
The following Anti-Malware program(s) are loaded:
Avira AntiVir
************************************************************
************************************************************
11:58:23 AM: ----- SCANNING FOR ROOTKIT SERVICES ----No hidden Services were detected.
************************************************************
11:58:26 AM: Scanning -----WINDOWS REGISTRY-----------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2613248 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
26112 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
----------------------------Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
-------------------Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
-------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: USB Antivirus
Value Data: C:\Program Files\USB Disk Security\USBGuard.exe
C:\Program Files\USB Disk Security\USBGuard.exe
798720 bytes
Created: 10/14/2011 8:59 AM
Modified: 3/27/2008 11:35 AM
Company: http://www.zbshareware.com
-------------------Value Name: QuickTime Task
Value Data: "C:\Program Files\QuickTime\QTTask.exe" -atboottime
C:\Program Files\QuickTime\QTTask.exe
421888 bytes
Created: 7/5/2011 6:36 PM
Modified: 7/5/2011 6:36 PM
Company: Apple Inc.
-------------------Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
C:\Program Files\Common Files\Java\Java Update\jusched.exe
254696 bytes
Created: 6/9/2011 1:06 PM
Modified: 6/9/2011 1:06 PM
Company: Sun Microsystems, Inc.
-------------------Value Name:
Value Data:
Blank entry: []
-------------------Value Name: ApnUpdater
Value Data: "C:\Program Files\Ask.com\Updater\Updater.exe"
C:\Program Files\Ask.com\Updater\Updater.exe
397992 bytes
Created: 7/9/2011 7:13 AM
Modified: 7/9/2011 7:13 AM
Company: {StringFileInfo_CompanyName}
-------------------Value Name: MSC
Value Data: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
c:\Program Files\Microsoft Security Client\msseces.exe
997920 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
-------------------Value Name: avgnt
Value Data: "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
258512 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
--------------------------------------Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
-------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: Sidebar
Value Data: C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
C:\Program Files\Windows Sidebar\sidebar.exe
1173504 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Value Name: Facebook Update
Value Data: "C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
-------------------Value Name: DownloadAccelerator
Value Data: "C:\Program Files\DAP\DAP.EXE" /STARTUP
C:\Program Files\DAP\DAP.EXE
2975920 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/29/2011 6:30 AM
Company: SpeedBit Ltd.
--------------------------------------Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
************************************************************
11:58:30 AM: Scanning -----SHELLEXECUTEHOOKS----ShellExecuteHooks key is empty
************************************************************
11:58:30 AM: Scanning -----HIDDEN REGISTRY ENTRIES----Taskdir check completed
---------No Hidden File-loading Registry Entries found
---------************************************************************
11:58:31 AM: Scanning -----ACTIVE SCREENSAVER----ScreenSaver: C:\Windows\system32\Bubbles.scr
C:\Windows\system32\Bubbles.scr
878592 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
11:58:31 AM: Scanning ----- REGISTRY ACTIVE SETUP KEYS ----Key: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}
Path: "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
C:\Windows\System32\rundll32.exe
44544 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------************************************************************
11:58:32 AM: Scanning ----- SERVICEDLL REGISTRY KEYS ----Key: AppIDSvc
Path: %SystemRoot%\System32\appidsvc.dll
C:\Windows\System32\appidsvc.dll
27648 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: AxInstSV
Path: %SystemRoot%\System32\AxInstSV.dll
C:\Windows\System32\AxInstSV.dll
88064 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: BDESVC
Path: %SystemRoot%\System32\bdesvc.dll
C:\Windows\System32\bdesvc.dll
76800 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------Key: bthserv
Path: %SystemRoot%\system32\bthserv.dll
C:\Windows\system32\bthserv.dll
64512 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: defragsvc
Path: %Systemroot%\System32\defragsvc.dll
C:\Windows\System32\defragsvc.dll
218624 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: Dhcp
Path: %SystemRoot%\system32\dhcpcore.dll
C:\Windows\system32\dhcpcore.dll
253440 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: FontCache
Path: %SystemRoot%\system32\FntCache.dll
C:\Windows\system32\FntCache.dll
797696 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupListener
Path: %SystemRoot%\system32\ListSvc.dll
C:\Windows\system32\ListSvc.dll
194560 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
-------------------Key: HomeGroupProvider
Path: %SystemRoot%\system32\provsvc.dll
C:\Windows\system32\provsvc.dll
165376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: p2pimsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PeerDistSvc
Path: %SystemRoot%\system32\peerdistsvc.dll
C:\Windows\system32\peerdistsvc.dll
1004544 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPAutoReg
Path: %SystemRoot%\system32\pnrpauto.dll
C:\Windows\system32\pnrpauto.dll
20480 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: PNRPsvc
Path: %SystemRoot%\system32\pnrpsvc.dll
C:\Windows\system32\pnrpsvc.dll
269824 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Power
Path: %SystemRoot%\system32\umpo.dll
C:\Windows\system32\umpo.dll
119808 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: RpcEptMapper
Path: %SystemRoot%\System32\RpcEpMap.dll
C:\Windows\System32\RpcEpMap.dll
43520 bytes
Created: 7/14/2009 4:12 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: SensrSvc
Path: %SystemRoot%\system32\sensrsvc.dll
C:\Windows\system32\sensrsvc.dll
25088 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: sppuinotify
Path: %SystemRoot%\system32\sppuinotify.dll
C:\Windows\system32\sppuinotify.dll
53760 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: Themes
Path: %SystemRoot%\system32\themeservice.dll
C:\Windows\system32\themeservice.dll
37376 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WbioSrvc
Path: %SystemRoot%\System32\wbiosrvc.dll
C:\Windows\System32\wbiosrvc.dll
151552 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------Key: WwanSvc
Path: %SystemRoot%\System32\wwansvc.dll
C:\Windows\System32\wwansvc.dll
185856 bytes
Created: 7/14/2009 4:56 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
-------------------************************************************************
11:58:59 AM: Scanning ----- SERVICES REGISTRY KEYS ----Key:
1394ohci
ImagePath: \SystemRoot\system32\DRIVERS\1394ohci.sys
C:\Windows\system32\DRIVERS\1394ohci.sys
163328 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
AcpiPmi
ImagePath: \SystemRoot\system32\DRIVERS\acpipmi.sys
C:\Windows\system32\DRIVERS\acpipmi.sys
9728 bytes
Created: 7/14/2009 4:16 AM
Modified: 7/14/2009 4:16 AM
Company: Microsoft Corporation
---------Key:
ALCXWDM
ImagePath: system32\drivers\RTKVAC.SYS
C:\Windows\system32\drivers\RTKVAC.SYS
4172832 bytes
Created: 6/18/2009 7:45 PM
Modified: 6/18/2009 7:45 PM
Company: Realtek Semiconductor Corp.
---------Key:
AmdPPM
ImagePath: \SystemRoot\system32\DRIVERS\amdppm.sys
C:\Windows\system32\DRIVERS\amdppm.sys
52736 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
amdsata
ImagePath: \SystemRoot\system32\DRIVERS\amdsata.sys
C:\Windows\system32\DRIVERS\amdsata.sys
79952 bytes
Created: 6/11/2009 2:19 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
amdsbs
ImagePath: \SystemRoot\system32\DRIVERS\amdsbs.sys
C:\Windows\system32\DRIVERS\amdsbs.sys
159312 bytes
Created: 6/11/2009 2:20 AM
Modified: 7/14/2009 6:26 AM
Company: AMD Technologies Inc.
---------Key:
amdxata
ImagePath: system32\DRIVERS\amdxata.sys
C:\Windows\system32\DRIVERS\amdxata.sys
23616 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:26 AM
Company: Advanced Micro Devices
---------Key:
AntiVirMailService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avmailc.exe"
C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
342480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirSchedulerService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\sched.exe"
C:\Program Files\Avira\AntiVir Desktop\sched.exe
86224 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\avguard.exe"
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
110032 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AntiVirWebService
ImagePath: "C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
463824 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------Key:
AppID
ImagePath: \SystemRoot\system32\drivers\appid.sys
C:\Windows\system32\drivers\appid.sys
50176 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 4:36 AM
Company: Microsoft Corporation
---------Key:
avgntflt
ImagePath: system32\DRIVERS\avgntflt.sys
C:\Windows\system32\DRIVERS\avgntflt.sys
74640 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avipbb
ImagePath: system32\DRIVERS\avipbb.sys
C:\Windows\system32\DRIVERS\avipbb.sys
134344 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
avkmgr
ImagePath: system32\DRIVERS\avkmgr.sys
C:\Windows\system32\DRIVERS\avkmgr.sys
36000 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira GmbH
---------Key:
b06bdrv
ImagePath: \SystemRoot\system32\DRIVERS\bxvbdx.sys
C:\Windows\system32\DRIVERS\bxvbdx.sys
430080 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
b57nd60x
ImagePath: system32\DRIVERS\b57nd60x.sys
C:\Windows\system32\DRIVERS\b57nd60x.sys
229888 bytes
Created: 7/14/2009 3:02 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
blbdrive
ImagePath: system32\DRIVERS\blbdrive.sys
C:\Windows\system32\DRIVERS\blbdrive.sys
35328 bytes
Created: 7/14/2009 4:23 AM
Modified: 7/14/2009 4:23 AM
Company: Microsoft Corporation
---------Key:
CmBatt
ImagePath: \SystemRoot\system32\DRIVERS\CmBatt.sys
C:\Windows\system32\DRIVERS\CmBatt.sys
14080 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
CNG
ImagePath: System32\Drivers\cng.sys
C:\Windows\System32\Drivers\cng.sys
369568 bytes
Created: 7/14/2009 4:32 AM
Modified: 7/14/2009 6:17 AM
Company: Microsoft Corporation
---------Key:
CompositeBus
ImagePath: system32\DRIVERS\CompositeBus.sys
C:\Windows\system32\DRIVERS\CompositeBus.sys
31232 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
crcdisk
ImagePath: \SystemRoot\system32\DRIVERS\crcdisk.sys
C:\Windows\system32\DRIVERS\crcdisk.sys
22096 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
discache
ImagePath: System32\drivers\discache.sys
C:\Windows\System32\drivers\discache.sys
32256 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 4:24 AM
Company: Microsoft Corporation
---------Key:
ebdrv
ImagePath: \SystemRoot\system32\DRIVERS\evbdx.sys
C:\Windows\system32\DRIVERS\evbdx.sys
3100160 bytes
Created: 6/11/2009 2:17 AM
Modified: 7/14/2009 3:02 AM
Company: Broadcom Corporation
---------Key:
flpydisk
ImagePath: \SystemRoot\system32\DRIVERS\flpydisk.sys
C:\Windows\system32\DRIVERS\flpydisk.sys
19968 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
FsDepends
ImagePath: System32\drivers\FsDepends.sys
C:\Windows\System32\drivers\FsDepends.sys
46160 bytes
Created: 7/14/2009 4:15 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
gupdate
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /svc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
gupdatem
ImagePath: C:\Program Files\Google\Update\GoogleUpdate.exe /medsvc
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
---------Key:
hcw85cir
ImagePath: \SystemRoot\system32\drivers\hcw85cir.sys
C:\Windows\system32\drivers\hcw85cir.sys
26624 bytes
Created: 7/14/2009 3:54 AM
Modified: 7/14/2009 3:54 AM
Company: Hauppauge Computer Works, Inc.
---------Key:
HidBatt
ImagePath: \SystemRoot\system32\DRIVERS\HidBatt.sys
C:\Windows\system32\DRIVERS\HidBatt.sys
21504 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 4:19 AM
Company: Microsoft Corporation
---------Key:
HpSAMD
ImagePath: \SystemRoot\system32\DRIVERS\HpSAMD.sys
C:\Windows\system32\DRIVERS\HpSAMD.sys
67152 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: Hewlett-Packard Company
---------Key:
hwdatacard
ImagePath: system32\DRIVERS\ewusbmdm.sys
C:\Windows\system32\DRIVERS\ewusbmdm.sys
102912 bytes
Created: 10/14/2011 8:54 AM
Modified: 9/10/2009 3:31 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
hwpolicy
ImagePath: System32\drivers\hwpolicy.sys
C:\Windows\System32\drivers\hwpolicy.sys
13904 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
hwusbdev
ImagePath: system32\DRIVERS\ewusbdev.sys
C:\Windows\system32\DRIVERS\ewusbdev.sys
101120 bytes
Created: 10/14/2011 8:54 AM
Modified: 10/12/2009 3:22 PM
Company: Huawei Technologies Co., Ltd.
---------Key:
intelppm
ImagePath: \SystemRoot\system32\DRIVERS\intelppm.sys
C:\Windows\system32\DRIVERS\intelppm.sys
53760 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 4:11 AM
Company: Microsoft Corporation
---------Key:
iScsiPrt
ImagePath: \SystemRoot\system32\DRIVERS\msiscsi.sys
C:\Windows\system32\DRIVERS\msiscsi.sys
186960 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
kbdhid
ImagePath: \SystemRoot\system32\DRIVERS\kbdhid.sys
C:\Windows\system32\DRIVERS\kbdhid.sys
28160 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 4:45 AM
Company: Microsoft Corporation
---------Key:
KSecPkg
ImagePath: System32\Drivers\ksecpkg.sys
C:\Windows\System32\Drivers\ksecpkg.sys
133200 bytes
Created: 7/14/2009 4:34 AM
Modified: 7/14/2009 6:20 AM
Company: Microsoft Corporation
---------Key:
LSI_FC
ImagePath: \SystemRoot\system32\DRIVERS\lsi_fc.sys
C:\Windows\system32\DRIVERS\lsi_fc.sys
95824 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas.sys
C:\Windows\system32\DRIVERS\lsi_sas.sys
89168 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SAS2
ImagePath: \SystemRoot\system32\DRIVERS\lsi_sas2.sys
C:\Windows\system32\DRIVERS\lsi_sas2.sys
54864 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
LSI_SCSI
ImagePath: \SystemRoot\system32\DRIVERS\lsi_scsi.sys
C:\Windows\system32\DRIVERS\lsi_scsi.sys
96848 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:20 AM
Company: LSI Corporation
---------Key:
MpFilter
ImagePath: system32\DRIVERS\MpFilter.sys
C:\Windows\system32\DRIVERS\MpFilter.sys
165648 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
MpKsl23da4c8f
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl23da4c8f.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKsl23da4c8f.sys
28752 bytes
Created: 11/11/2011 7:50 AM
Modified: 11/11/2011 7:50 AM
Company: Microsoft Corporation
----------
Key:
MpKsl4af71ab5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{125D1778-DD71-426D-9BB3-F65A9923CA17}\MpKsl4af71ab5.sys [file not found to scan]
---------Key:
MpKsl9b9925f7
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{87A2B06F-AEDB-4DC3-9E40-01F765CF0574}\MpKsl9b9925f7.sys [file not found to scan]
---------Key:
MpKslc812cda5
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{FA6905F5-3F3B-402C-9EA0-26F7537EB4E3}\MpKslc812cda5.sys [file not found to scan]
---------Key:
MpKsld6bc2ace
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{41075F48-D9B6-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{41075F48-D9B6
-4BEB-8D4B-635A65B8ADDF}\MpKsld6bc2ace.sys [file not found to scan]
---------Key:
MpKsled7ad05b
ImagePath: \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates
\{4B60937A-DEE2-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys
c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4B60937A-DEE2
-41F6-BDC3-0166B4DA7921}\MpKsled7ad05b.sys [file not found to scan]
---------Key:
MpNWMon
ImagePath: system32\DRIVERS\MpNWMon.sys
C:\Windows\system32\DRIVERS\MpNWMon.sys
43392 bytes
Created: 4/18/2011 1:18 PM
Modified: 4/18/2011 1:18 PM
Company: Microsoft Corporation
---------Key:
mshidkmdf
ImagePath: \SystemRoot\System32\drivers\mshidkmdf.sys
C:\Windows\System32\drivers\mshidkmdf.sys
4096 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
MsMpSvc
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
11736 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
MTConfig
ImagePath: \SystemRoot\system32\DRIVERS\MTConfig.sys
C:\Windows\system32\DRIVERS\MTConfig.sys
12288 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 4:46 AM
Company: Microsoft Corporation
---------Key:
NdisCap
ImagePath: system32\DRIVERS\ndiscap.sys
C:\Windows\system32\DRIVERS\ndiscap.sys
27136 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 7/20/2009 11:51 AM
Modified: 7/20/2009 11:51 AM
Company: Nero AG
---------Key:
NisDrv
ImagePath: system32\DRIVERS\NisDrvWFP.sys
C:\Windows\system32\DRIVERS\NisDrvWFP.sys
65024 bytes
Created: 4/27/2011 3:25 PM
Modified: 4/27/2011 3:25 PM
Company: Microsoft Corporation
---------Key:
NisSrv
ImagePath: "c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
208944 bytes
Created: 4/27/2011 3:39 PM
Modified: 4/27/2011 3:39 PM
Company: Microsoft Corporation
---------Key:
nlsX86cc
ImagePath: C:\Windows\system32\NLSSRV32.EXE
C:\Windows\system32\NLSSRV32.EXE
68928 bytes
Created: 9/24/2011 3:03 PM
Modified: 9/24/2011 3:03 PM
Company: Nalpeiron Ltd.
---------Key:
pcw
ImagePath: System32\drivers\pcw.sys
C:\Windows\System32\drivers\pcw.sys
43088 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
RasAgileVpn
ImagePath: system32\DRIVERS\AgileVpn.sys
C:\Windows\system32\DRIVERS\AgileVpn.sys
49152 bytes
Created: 7/14/2009 4:55 AM
Modified: 7/14/2009 4:55 AM
Company: Microsoft Corporation
---------Key:
rdpbus
ImagePath: system32\DRIVERS\rdpbus.sys

C:\Windows\system32\DRIVERS\rdpbus.sys
18944 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 5:02 AM
Company: Microsoft Corporation
---------Key:
RDPREFMP
ImagePath: system32\drivers\rdprefmp.sys
C:\Windows\system32\drivers\rdprefmp.sys
7168 bytes
Created: 7/14/2009 5:01 AM
Modified: 7/14/2009 5:01 AM
Company: Microsoft Corporation
---------Key:
rdyboost
ImagePath: System32\drivers\rdyboost.sys
C:\Windows\System32\drivers\rdyboost.sys
173648 bytes
Created: 7/14/2009 4:22 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
s3cap
ImagePath: \SystemRoot\system32\DRIVERS\vms3cap.sys
C:\Windows\system32\DRIVERS\vms3cap.sys
5632 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
scfilter
ImagePath: System32\DRIVERS\scfilter.sys
C:\Windows\System32\DRIVERS\scfilter.sys
26624 bytes
Created: 7/14/2009 4:33 AM
Modified: 7/14/2009 4:33 AM
Company: Microsoft Corporation
---------Key:
sppsvc
ImagePath: %SystemRoot%\system32\sppsvc.exe
C:\Windows\system32\sppsvc.exe
3179520 bytes
Created: 7/14/2009 5:41 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
---------Key:
ssmdrv
ImagePath: system32\DRIVERS\ssmdrv.sys
C:\Windows\system32\DRIVERS\ssmdrv.sys
28520 bytes
Created: 11/1/2011 10:59 AM
Modified: 6/17/2010 3:14 PM
Company: Avira GmbH
---------Key:
stexstor
ImagePath: \SystemRoot\system32\DRIVERS\stexstor.sys
C:\Windows\system32\DRIVERS\stexstor.sys
21072 bytes
Created: 7/14/2009 3:09 AM
Modified: 7/14/2009 6:19 AM
Company: Promise Technology
---------Key:
storflt
ImagePath: system32\DRIVERS\vmstorfl.sys
C:\Windows\system32\DRIVERS\vmstorfl.sys
40896 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
storvsc
ImagePath: \SystemRoot\system32\DRIVERS\storvsc.sys
C:\Windows\system32\DRIVERS\storvsc.sys
28224 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
UmPass
ImagePath: \SystemRoot\system32\DRIVERS\umpass.sys
C:\Windows\system32\DRIVERS\umpass.sys
8192 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbuhci
ImagePath: \SystemRoot\system32\DRIVERS\usbuhci.sys
C:\Windows\system32\DRIVERS\usbuhci.sys
24064 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
usbvideo
ImagePath: System32\Drivers\usbvideo.sys
C:\Windows\System32\Drivers\usbvideo.sys
146176 bytes
Created: 7/14/2009 4:51 AM
Modified: 7/14/2009 4:51 AM
Company: Microsoft Corporation
---------Key:
vdrvroot
ImagePath: system32\DRIVERS\vdrvroot.sys
C:\Windows\system32\DRIVERS\vdrvroot.sys
32832 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vhdmp
ImagePath: \SystemRoot\system32\DRIVERS\vhdmp.sys
C:\Windows\system32\DRIVERS\vhdmp.sys
159824 bytes
Created: 7/14/2009 4:46 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
vmbus
ImagePath: \SystemRoot\system32\DRIVERS\vmbus.sys

C:\Windows\system32\DRIVERS\vmbus.sys
175824 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------Key:
VMBusHID
ImagePath: \SystemRoot\system32\DRIVERS\VMBusHID.sys
C:\Windows\system32\DRIVERS\VMBusHID.sys
17920 bytes
Created: 7/14/2009 12:47 PM
Modified: 7/14/2009 4:28 AM
Company: Microsoft Corporation
---------Key:
vwifibus
ImagePath: \SystemRoot\System32\drivers\vwifibus.sys
C:\Windows\System32\drivers\vwifibus.sys
19968 bytes
Created: 7/14/2009 4:52 AM
Modified: 7/14/2009 4:52 AM
Company: Microsoft Corporation
---------Key:
WfpLwf
ImagePath: system32\DRIVERS\wfplwf.sys
C:\Windows\system32\DRIVERS\wfplwf.sys
9728 bytes
Created: 7/14/2009 4:53 AM
Modified: 7/14/2009 4:53 AM
Company: Microsoft Corporation
---------Key:
WIMMount
ImagePath: system32\drivers\wimmount.sys
C:\Windows\system32\drivers\wimmount.sys
19008 bytes
Created: 7/14/2009 4:17 AM
Modified: 7/14/2009 6:19 AM
Company: Microsoft Corporation
---------************************************************************
12:00:03 PM: Scanning -----VXD ENTRIES----************************************************************
12:00:03 PM: Scanning ----- WINLOGON\NOTIFY DLLS ----No WINLOGON\NOTIFY DLLs found to scan
************************************************************
12:00:03 PM: Scanning ----- CONTEXTMENUHANDLERS ----Key: BriefcaseMenu
CLSID: {85BBD920-42A0-1069-A2E4-08002B30309D}
Path: %SystemRoot%\system32\syncui.dll
C:\Windows\system32\syncui.dll
158720 bytes
Created: 7/14/2009 4:39 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: DAP_ShredMenu
CLSID: {BED4C38B-F765-45AC-8C56-613F76BBF43E}
Path: C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL

C:\PROGRA~1\DAP\PRIVAC~1\DAPCTX~1.DLL
55472 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/14/2011 8:58 AM
Company: Speedbit Ltd.
---------Key: EPP
CLSID: {09A47860-11B0-4DA5-AFA5-26D86198A780}
Path: c:\PROGRA~1\MICROS~4\shellext.dll
c:\PROGRA~1\MICROS~4\shellext.dll
301128 bytes
Created: 6/15/2011 3:16 PM
Modified: 6/15/2011 3:16 PM
Company: Microsoft Corporation
---------Key: Sharing
CLSID: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}
Path: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll
442880 bytes
Created: 7/14/2009 4:41 AM
Modified: 7/14/2009 6:16 AM
Company: Microsoft Corporation
---------Key: Shell Extension for Malware scanning
CLSID: {45AC2688-0253-4ED8-97DE-B5370FA7D48A}
Path: C:\Program Files\Avira\AntiVir Desktop\shlext.dll
C:\Program Files\Avira\AntiVir Desktop\shlext.dll
150480 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
---------************************************************************
12:00:06 PM: Scanning ----- FOLDER\COLUMNHANDLERS ----Key: {B2F55D43-C7A4-4B7C-90D7-7A860DFA9F2A}
File: C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.dll
5972760 bytes
Created: 10/29/2011 4:30 PM
Modified: 1/11/2011 12:18 PM
Company: Tracker Software Products Ltd.
---------************************************************************
12:00:07 PM: Scanning ----- BROWSER HELPER OBJECTS ----Key: {389943B0-C3A2-4E69-82CB-8596A84CB3DC}
BHO: C:\Program Files\SearchPredict\SearchPredict.dll
C:\Program Files\SearchPredict\SearchPredict.dll
498840 bytes
Created: 10/14/2011 8:58 AM
Modified: 6/28/2011 5:41 PM
Company: SpeedBit Ltd.
---------Key: {92A9ACF4-9333-43AE-9698-DB283326F87F}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\tbcore3.dll
2660016 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company:
---------Key: {D4027C7F-154A-4066-A1AD-4243D8127440}
BHO: C:\Program Files\Ask.com\GenericAskToolbar.dll
C:\Program Files\Ask.com\GenericAskToolbar.dll
1493160 bytes
Created: 7/9/2011 7:13 AM
Modified: 7/9/2011 7:13 AM
Company: Ask
---------Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
42272 bytes
Created: 10/7/2011 11:23 AM
Modified: 10/7/2011 11:23 AM
Company: Sun Microsystems, Inc.
---------Key: {FF6C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\PROGRA~1\DAP\DAPIEL~1.DLL
C:\PROGRA~1\DAP\DAPIEL~1.DLL
141568 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/14/2011 11:31 AM
Company: SpeedBit Ltd.
---------Key: {FF7C3CF0-4B15-11D1-ABED-709549C10000}
BHO: C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
C:\Program Files\SpeedBit Video Downloader\Toolbar\grabber.dll
356024 bytes
Created: 10/14/2011 8:58 AM
Modified: 10/15/2011 8:25 PM
Company: SpeedBit
---------************************************************************
12:00:09 PM: Scanning ----- SHELLSERVICEOBJECTS ----************************************************************
12:00:09 PM: Scanning ----- SHAREDTASKSCHEDULER ENTRIES ----No SharedTaskScheduler entries found to scan
************************************************************
12:00:10 PM: Scanning ----- IMAGEFILE DEBUGGERS ----No "Debugger" entries found.
************************************************************
12:00:10 PM: Scanning ----- APPINIT_DLLS ----The AppInit_DLLs value is blank or does not exist
************************************************************
12:00:12 PM: Scanning ----- SECURITY PROVIDER DLLS ----************************************************************
12:00:12 PM: Scanning ------ COMMON STARTUP GROUP -----[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 7/14/2009 9:41 AM
Modified: 7/14/2009 9:41 AM
Company: [no info]
-------------------************************************************************
12:00:13 PM: Scanning ----- USER STARTUP GROUPS ----Checking Startup Group for: PAKISTAN
[C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
]
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
desktop.ini
-HS- 174 bytes
Created: 10/14/2011 8:50 AM
Modified: 10/14/2011 8:50 AM
Company: [no info]
----------------------------************************************************************
12:00:13 PM: Scanning ----- SCHEDULED TASKS ----Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00Core.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/c /nocrashserver
Next Run Time: 11/5/2011 4:53:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
FacebookUpdateTaskUserS-1-5-21-184243364-3962860275-1713924723-10
00UA.job
File:
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.ex
e
C:\Users\PAKISTAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
137536 bytes
Created: 10/21/2011 4:48 PM
Modified: 10/21/2011 4:48 PM
Company: Facebook Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/5/2011 1:54:00 PM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Facebook software up to date. If this task is disabled
or stopped, your Facebook software will not be kept up to date, meaning securit
y vulnerabilities that may arise cannot be fixed and features may not work. This
task uninstalls itself when there is no Facebook software using it.
---------Taskname:
GoogleUpdateTaskMachineCore.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe

136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/c
Next Run Time: 11/8/2011 11:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
---------Taskname:
GoogleUpdateTaskMachineUA.job
File:
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
136176 bytes
Created: 11/8/2011 11:43 AM
Modified: 11/8/2011 11:43 AM
Company: Google Inc.
Parameters:
/ua /installsource scheduler
Next Run Time: 11/8/2011 11:48:00 AM
Status:
The task is ready to run at its next scheduled time
Creator:
PAKISTAN
Comments:
Keeps your Google software up to date. If this task is disabled o
r stopped, your Google software will not be kept up to date, meaning security vu
lnerabilities that may arise cannot be fixed and features may not work. This tas
k uninstalls itself when there is no Google software using it.
---------************************************************************
12:00:16 PM: Scanning ----- SHELLICONOVERLAYIDENTIFIERS ----Key: EnhancedStorageShell
CLSID: {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}
File: %SystemRoot%\system32\EhStorShell.dll
C:\Windows\system32\EhStorShell.dll
189952 bytes
Created: 7/14/2009 4:45 AM
Modified: 7/14/2009 6:15 AM
Company: Microsoft Corporation
---------Key: SharingPrivate
CLSID: {08244EE6-92F0-47f2-9FC9-929BAA2E7235}
File: %SystemRoot%\system32\ntshrui.dll
C:\Windows\system32\ntshrui.dll - file already scanned
---------************************************************************
12:00:17 PM: ----- ADDITIONAL CHECKS ----Heuristic checks for hidden files/drivers completed
---------Layered Service Provider entries checks completed
---------Windows Explorer Policies checks completed
---------Checking autorun.inf in G:\
G:\autorun.inf
-RHS- 623 bytes
Created: 11/6/2011 1:16 AM
Modified: 11/6/2011 1:16 AM
Company: [no info]
G:\autorun.inf: Access Error
---------Checking autorun.inf in H:\
H:\autorun.inf
-RHS- 114 bytes
Created: 11/2/2011 4:01 AM
Modified: 11/9/2011 5:12 AM
Company: [no info]
H:\autorun.inf: Access Error
---------Checking autorun.inf in I:\
I:\autorun.inf
-RHS- 660 bytes
Created: 11/6/2011 1:17 AM
Modified: 11/6/2011 1:17 AM
Company: [no info]
I:\autorun.inf: Access Error
---------Checking autorun.inf in J:\
J:\autorun.inf
-RHS- 660 bytes
Created: 11/6/2011 1:17 AM
Modified: 11/6/2011 1:17 AM
Company: [no info]
J:\autorun.inf: Access Error
----------------------------Desktop Wallpaper: C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\Tr
anscodedWallpaper.jpg
C:\Users\PAKISTAN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.j
pg
929473 bytes
Created: 2/20/2011 3:24 PM
Modified: 11/5/2011 12:00 PM
Company: [no info]
---------Web Desktop Wallpaper entry is blank
---------DNS Server information:
Interface:
NameServers: 119.159.255.36 203.99.163.240
Checks for rogue DNS NameServers completed
------------------Additional checks completed
************************************************************
12:00:23 PM: Scanning ----- RUNNING PROCESSES ----C:\Windows\System32\smss.exe
69632 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe
6144 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\wininit.exe
96256 bytes
Created: 7/14/2009 4:36 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\csrss.exe - file already scanned
-------------------C:\Windows\system32\services.exe
259072 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\winlogon.exe
285696 bytes
Created: 7/14/2009 4:37 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsass.exe
22528 bytes
Created: 7/14/2009 4:11 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\lsm.exe
261120 bytes
Created: 7/14/2009 5:02 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe
20992 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe - file alread
y scanned
-------------------C:\Windows\system32\Ati2evxx.exe
684032 bytes
Created: 6/3/2008 3:33 AM
Modified: 6/3/2008 3:33 AM
Company: ATI Technologies Inc.
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\Ati2evxx.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\System32\spoolsv.exe
316416 bytes
Created: 7/14/2009 5:18 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\sched.exe - file already scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avguard.exe - file already scanned
-------------------C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already
scanned
-------------------C:\Windows\system32\NLSSRV32.EXE - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
80336 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Windows\system32\conhost.exe
271360 bytes
Created: 7/14/2009 4:25 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Avira\AntiVir Desktop\avmailc.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE - file already scanned
-------------------c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe - file already
scanned
-------------------C:\Windows\system32\svchost.exe - file already scanned
-------------------C:\Windows\system32\SearchIndexer.exe
428032 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\Dwm.exe
92672 bytes
Created: 7/14/2009 4:24 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\system32\taskeng.exe
190464 bytes
Created: 7/14/2009 4:30 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Windows\Explorer.EXE - file already scanned

-------------------C:\Windows\system32\taskhost.exe
49152 bytes
Created: 7/14/2009 4:19 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\USB Disk Security\USBGuard.exe - file already scanned
-------------------C:\Program Files\Common Files\Java\Java Update\jusched.exe - file already scanne
d
-------------------C:\Program Files\Ask.com\Updater\Updater.exe - file already scanned
-------------------C:\Program Files\Microsoft Security Client\msseces.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avgnt.exe - file already scanned
-------------------C:\Program Files\Windows Sidebar\sidebar.exe - file already scanned
-------------------C:\Program Files\DAP\DAP.exe - file already scanned
-------------------C:\Program Files\Avira\AntiVir Desktop\avscan.exe
490448 bytes
Created: 11/1/2011 10:59 AM
Modified: 10/19/2011 5:03 PM
Company: Avira Operations GmbH & Co. KG
-------------------C:\Program Files\Common Files\Speedbit\SbUpdate\SBUpdate.exe
92320 bytes
Created: 10/14/2011 11:31 AM
Modified: 10/29/2011 6:30 AM
Company:
-------------------C:\Windows\system32\SearchProtocolHost.exe
164352 bytes
Created: 7/14/2009 5:14 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize:
2933624
[This is a Trojan Remover component]
-------------------C:\Windows\System32\svchost.exe - file already scanned
-------------------C:\Program Files\Windows Media Player\wmplayer.exe
164864 bytes
Created: 7/14/2009 5:09 AM
Modified: 7/14/2009 6:14 AM
Company: Microsoft Corporation
-------------------************************************************************
12:00:53 PM: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS -----HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":

http://home.allgameshome.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\System32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://go.microsoft.com/fwlink/?LinkId=69157
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://go.microsoft.com/fwlink/?LinkId=54896
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://home.speedbit.com/?aff=105
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://go.microsoft.com/fwlink/?LinkId=54896
************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 12:00:53 PM 05 Nov 2011
Total Scan time: 00:02:30
************************************************************
