Inhoud van kjv

16 augustus 2012

Run date: 2012-08-16 23:26:59

-----------------------------

23:26:59.453 OS Version: Windows 5.1.2600 Service Pack 3

23:26:59.453 Number of processors: 1 586 0xD08

23:26:59.453 ComputerName: MIRJAM-303AF4B9 UserName: Mirjam

23:27:04.375 Initialize success

23:27:39.312 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

23:27:39.328 Disk 0 Vendor: ST9408114A 8.03 Size: 38154MB BusType: 3

23:27:39.328 Disk 0 MBR read successfully

23:27:39.328 Disk 0 MBR scan

23:27:39.328 Disk 0 Windows XP default MBR code

23:27:39.343 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 38153 MB offset 63

23:27:39.359 Disk 0 scanning sectors +78139039

23:27:39.453 Disk 0 scanning C:\WINDOWS\system32\drivers

23:27:45.937 Service scanning

23:27:48.125 Service atapi C:\WINDOWS\system32\DRIVERS\atapi.sys **LOCKED** 32

23:28:01.296 Modules scanning

23:28:08.578 Disk 0 trace - called modules:

23:28:08.593 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS

23:28:08.593 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8715bab8]

23:28:09.109 3 CLASSPNP.SYS[f75c7fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x871dd940]

23:28:09.109 Scan finished successfully

23:29:08.734 Disk 0 MBR has been saved successfully to "E:\MBR.dat"

23:29:08.750 The log file has been saved successfully to "E:\aswMBR.txt"

16 augustus 2012

dr web uitgevoerd zoals hierboven, maar helaas heeft en gezinslid de computer uitgezet voordat er een log is opgeslagen. Het hele circus nogmaals laten draaien en log opgeslagen (zeer groot bestand). alles was o.k. , geen virussen o.i.d. gedetecteerd.

Ik heb wel de bestanden die bij de eerste dr-web-scan in quarantine zijn geplaatst genoteerd. Vervolgens AVG laten scannen: meer infecties gedetecteerd dan voorheen!

dr-web-quarantine:

A0060108.dll

A0060573.dll

A0061224.dll

descript.ion

Helper.dll.vir

AVG-scan:

"";"C:\WINDOWS\system32\winlogon.exe (1176)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (672)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3812)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (312)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (2160)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1748)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1696)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1632)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1224)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3568)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3560)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\ctfmon.exe (3912)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (2916)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (240)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (108)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3868)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3636)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3876)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3624)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3528)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (536)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (392)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2000)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3596)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1864)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (3476)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (1816)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (2724)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3884)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (4592)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (3756)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (720)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1176):\memory_00bf0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3812):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3812):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (312):\memory_00b60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (312):\memory_00ae0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2160):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2160):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1748):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1748):\memory_00a50000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1632):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1632):\memory_00a60000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1224):\memory_00670000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3568):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3560):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\ctfmon.exe (3912):\memory_00b10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (2916):\memory_00aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (240):\memory_00f10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (240):\memory_00e80000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (108):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3868):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3636):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3876):\memory_01280000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3624):\memory_00b20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3528):\memory_01050000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (536):\memory_02880000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (392):\memory_01ad0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2000):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3596):\memory_00fc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1864):\memory_00fb0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (3476):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (1816):\memory_008f0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (2724):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (3884):\memory_019e0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (4592):\memory_01430000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (3756):\memory_03760000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (720):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

14 augustus 2012

TDSS-killer en avg-scan. tdss heeft niets gevonden, avg blijft problemen signaleren, dit klopt want computer blijft traag en onvoorspelbaar.

20:23:10.0265 2808 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

20:23:10.0750 2808 ============================================================

20:23:10.0750 2808 Current date / time: 2012/08/13 20:23:10.0750

20:23:10.0750 2808 SystemInfo:

20:23:10.0750 2808

20:23:10.0750 2808 OS Version: 5.1.2600 ServicePack: 3.0

20:23:10.0750 2808 Product type: Workstation

20:23:10.0750 2808 ComputerName: MIRJAM-303AF4B9

20:23:10.0750 2808 UserName: Mirjam

20:23:10.0750 2808 Windows directory: C:\WINDOWS

20:23:10.0750 2808 System windows directory: C:\WINDOWS

20:23:10.0750 2808 Processor architecture: Intel x86

20:23:10.0750 2808 Number of processors: 1

20:23:10.0750 2808 Page size: 0x1000

20:23:10.0750 2808 Boot type: Normal boot

20:23:10.0750 2808 ============================================================

20:23:13.0375 2808 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000020

20:23:13.0375 2808 ============================================================

20:23:13.0375 2808 \Device\Harddisk0\DR0:

20:23:13.0375 2808 MBR partitions:

20:23:13.0375 2808 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A84E60

20:23:13.0375 2808 ============================================================

20:23:13.0406 2808 C: <-> \Device\Harddisk0\DR0\Partition0

20:23:13.0406 2808 ============================================================

20:23:13.0406 2808 Initialize success

20:23:13.0406 2808 ============================================================

20:23:38.0640 4336 ============================================================

20:23:38.0640 4336 Scan started

20:23:38.0640 4336 Mode: Manual;

20:23:38.0640 4336 ============================================================

20:23:39.0109 4336 Abiosdsk - ok

20:23:39.0125 4336 abp480n5 - ok

20:23:39.0187 4336 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

20:23:39.0218 4336 ACPI - ok

20:23:39.0265 4336 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

20:23:39.0265 4336 ACPIEC - ok

20:23:39.0359 4336 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

20:23:39.0375 4336 Adobe LM Service - ok

20:23:39.0484 4336 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

20:23:39.0500 4336 AdobeFlashPlayerUpdateSvc - ok

20:23:39.0515 4336 adpu160m - ok

20:23:39.0562 4336 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

20:23:39.0578 4336 aec - ok

20:23:39.0656 4336 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys

20:23:39.0671 4336 AegisP - ok

20:23:39.0734 4336 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

20:23:39.0750 4336 AFD - ok

20:23:39.0750 4336 Aha154x - ok

20:23:39.0765 4336 aic78u2 - ok

20:23:39.0781 4336 aic78xx - ok

20:23:39.0812 4336 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

20:23:39.0812 4336 Alerter - ok

20:23:39.0859 4336 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

20:23:39.0875 4336 ALG - ok

20:23:39.0875 4336 AliIde - ok

20:23:39.0890 4336 amsint - ok

20:23:39.0937 4336 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

20:23:39.0937 4336 AppMgmt - ok

20:23:39.0953 4336 asc - ok

20:23:39.0968 4336 asc3350p - ok

20:23:39.0968 4336 asc3550 - ok

20:23:40.0093 4336 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

20:23:40.0093 4336 aspnet_state - ok

20:23:40.0125 4336 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

20:23:40.0125 4336 AsyncMac - ok

20:23:40.0140 4336 Atdisk - ok

20:23:40.0171 4336 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

20:23:40.0171 4336 Atmarpc - ok

20:23:40.0203 4336 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

20:23:40.0203 4336 AudioSrv - ok

20:23:40.0250 4336 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

20:23:40.0250 4336 audstub - ok

20:23:40.0687 4336 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

20:23:40.0953 4336 AVGIDSAgent - ok

20:23:41.0109 4336 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

20:23:41.0125 4336 AVGIDSDriver - ok

20:23:41.0187 4336 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

20:23:41.0187 4336 AVGIDSEH - ok

20:23:41.0203 4336 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

20:23:41.0218 4336 AVGIDSFilter - ok

20:23:41.0234 4336 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

20:23:41.0234 4336 AVGIDSShim - ok

20:23:41.0296 4336 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

20:23:41.0328 4336 Avgldx86 - ok

20:23:41.0328 4336 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

20:23:41.0343 4336 Avgmfx86 - ok

20:23:41.0406 4336 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

20:23:41.0421 4336 Avgrkx86 - ok

20:23:41.0468 4336 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

20:23:41.0500 4336 Avgtdix - ok

20:23:41.0656 4336 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe

20:23:41.0671 4336 avgwd - ok

20:23:41.0734 4336 b57w2k (2acf06176b9d011567d7f25b83ddd066) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

20:23:41.0750 4336 b57w2k - ok

20:23:41.0796 4336 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

20:23:41.0796 4336 Beep - ok

20:23:41.0875 4336 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

20:23:41.0953 4336 BITS - ok

20:23:42.0000 4336 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

20:23:42.0015 4336 Browser - ok

20:23:42.0140 4336 catchme - ok

20:23:42.0203 4336 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

20:23:42.0203 4336 cbidf2k - ok

20:23:42.0218 4336 cd20xrnt - ok

20:23:42.0234 4336 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

20:23:42.0250 4336 Cdaudio - ok

20:23:42.0296 4336 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

20:23:42.0296 4336 Cdfs - ok

20:23:42.0468 4336 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

20:23:42.0468 4336 Cdrom - ok

20:23:42.0484 4336 cerc6 - ok

20:23:42.0484 4336 CFcatchme - ok

20:23:42.0500 4336 Changer - ok

20:23:42.0531 4336 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

20:23:42.0531 4336 CiSvc - ok

20:23:42.0546 4336 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

20:23:42.0546 4336 ClipSrv - ok

20:23:42.0671 4336 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

20:23:42.0671 4336 clr_optimization_v2.0.50727_32 - ok

20:23:42.0718 4336 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

20:23:42.0718 4336 CmBatt - ok

20:23:42.0734 4336 CmdIde - ok

20:23:42.0750 4336 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

20:23:42.0750 4336 Compbatt - ok

20:23:42.0765 4336 COMSysApp - ok

20:23:42.0781 4336 Cpqarray - ok

20:23:42.0828 4336 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

20:23:42.0828 4336 CryptSvc - ok

20:23:42.0843 4336 dac2w2k - ok

20:23:42.0859 4336 dac960nt - ok

20:23:42.0921 4336 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

20:23:42.0953 4336 DcomLaunch - ok

20:23:42.0984 4336 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

20:23:43.0000 4336 Dhcp - ok

20:23:43.0031 4336 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

20:23:43.0046 4336 Disk - ok

20:23:43.0062 4336 dmadmin - ok

20:23:43.0156 4336 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

20:23:43.0218 4336 dmboot - ok

20:23:43.0265 4336 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

20:23:43.0281 4336 dmio - ok

20:23:43.0312 4336 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

20:23:43.0328 4336 dmload - ok

20:23:43.0343 4336 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

20:23:43.0343 4336 dmserver - ok

20:23:43.0390 4336 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

20:23:43.0390 4336 DMusic - ok

20:23:43.0453 4336 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

20:23:43.0453 4336 Dnscache - ok

20:23:43.0515 4336 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

20:23:43.0531 4336 Dot3svc - ok

20:23:43.0531 4336 dpti2o - ok

20:23:43.0578 4336 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

20:23:43.0578 4336 drmkaud - ok

20:23:43.0609 4336 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

20:23:43.0609 4336 EapHost - ok

20:23:43.0640 4336 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

20:23:43.0656 4336 ERSvc - ok

20:23:43.0703 4336 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

20:23:43.0734 4336 Eventlog - ok

20:23:43.0812 4336 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

20:23:43.0828 4336 EventSystem - ok

20:23:44.0031 4336 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

20:23:44.0078 4336 EvtEng - ok

20:23:44.0140 4336 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

20:23:44.0156 4336 Fastfat - ok

20:23:44.0203 4336 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

20:23:44.0250 4336 FastUserSwitchingCompatibility - ok

20:23:44.0265 4336 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

20:23:44.0281 4336 Fdc - ok

20:23:44.0296 4336 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

20:23:44.0296 4336 Fips - ok

20:23:44.0312 4336 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

20:23:44.0312 4336 Flpydisk - ok

20:23:44.0500 4336 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

20:23:44.0531 4336 FltMgr - ok

20:23:44.0703 4336 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

20:23:44.0703 4336 FontCache3.0.0.0 - ok

20:23:44.0734 4336 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

20:23:44.0750 4336 Fs_Rec - ok

20:23:44.0765 4336 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

20:23:44.0781 4336 Ftdisk - ok

20:23:44.0828 4336 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

20:23:44.0843 4336 Gpc - ok

20:23:44.0906 4336 GTIPCI21 (7d074058804ad398f93ca0a08af83ff2) C:\WINDOWS\system32\DRIVERS\gtipci21.sys

20:23:44.0906 4336 GTIPCI21 - ok

20:23:45.0046 4336 gupdate1c9a6233ac2f8f8 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

20:23:45.0046 4336 gupdate1c9a6233ac2f8f8 - ok

20:23:45.0062 4336 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

20:23:45.0062 4336 gupdatem - ok

20:23:45.0125 4336 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

20:23:45.0187 4336 gusvc - ok

20:23:45.0281 4336 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

20:23:45.0281 4336 helpsvc - ok

20:23:45.0312 4336 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

20:23:45.0312 4336 HidServ - ok

20:23:45.0375 4336 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

20:23:45.0375 4336 hidusb - ok

20:23:45.0421 4336 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

20:23:45.0421 4336 hkmsvc - ok

20:23:45.0437 4336 hpn - ok

20:23:45.0500 4336 HSFHWICH (140ba850417896b6b3322048de280368) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

20:23:45.0515 4336 HSFHWICH - ok

20:23:45.0625 4336 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

20:23:45.0671 4336 HSF_DP - ok

20:23:45.0750 4336 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

20:23:45.0765 4336 HTTP - ok

20:23:45.0812 4336 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

20:23:45.0812 4336 HTTPFilter - ok

20:23:45.0828 4336 i2omgmt - ok

20:23:45.0843 4336 i2omp - ok

20:23:45.0875 4336 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

20:23:45.0875 4336 i8042prt - ok

20:23:45.0984 4336 ialm (d705558b6a678e894c5c67430eef67a2) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

20:23:46.0062 4336 ialm - ok

20:23:46.0218 4336 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

20:23:46.0234 4336 IDriverT - ok

20:23:46.0406 4336 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

20:23:46.0484 4336 idsvc - ok

20:23:46.0593 4336 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

20:23:46.0593 4336 Imapi - ok

20:23:46.0640 4336 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

20:23:46.0671 4336 ImapiService - ok

20:23:46.0687 4336 ini910u - ok

20:23:46.0750 4336 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

20:23:46.0750 4336 IntelIde - ok

20:23:46.0796 4336 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

20:23:46.0812 4336 intelppm - ok

20:23:46.0843 4336 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

20:23:46.0843 4336 Ip6Fw - ok

20:23:46.0875 4336 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

20:23:46.0875 4336 IpFilterDriver - ok

20:23:46.0890 4336 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

20:23:46.0890 4336 IpInIp - ok

20:23:46.0937 4336 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

20:23:46.0953 4336 IpNat - ok

20:23:47.0015 4336 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

20:23:47.0015 4336 IPSec - ok

20:23:47.0046 4336 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

20:23:47.0062 4336 irda - ok

20:23:47.0109 4336 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

20:23:47.0109 4336 IRENUM - ok

20:23:47.0125 4336 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll

20:23:47.0125 4336 Irmon - ok

20:23:47.0187 4336 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

20:23:47.0187 4336 isapnp - ok

20:23:47.0359 4336 JavaQuickStarterService (511ab23a292497f2c527eee5775b0bfe) C:\Program Files\Java\jre6\bin\jqs.exe

20:23:47.0375 4336 JavaQuickStarterService - ok

20:23:47.0437 4336 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

20:23:47.0437 4336 Kbdclass - ok

20:23:47.0453 4336 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

20:23:47.0468 4336 kbdhid - ok

20:23:47.0515 4336 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

20:23:47.0546 4336 kmixer - ok

20:23:47.0593 4336 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

20:23:47.0609 4336 KSecDD - ok

20:23:47.0640 4336 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

20:23:47.0671 4336 LanmanServer - ok

20:23:47.0734 4336 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

20:23:47.0750 4336 lanmanworkstation - ok

20:23:47.0765 4336 lbrtfdc - ok

20:23:47.0859 4336 LightScribeService (00944d59948596721d17510c94cd3e4f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

20:23:47.0859 4336 LightScribeService - ok

20:23:47.0906 4336 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

20:23:47.0906 4336 LmHosts - ok

20:23:47.0953 4336 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys

20:23:47.0953 4336 MBAMProtector - ok

20:23:48.0062 4336 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

20:23:48.0125 4336 MBAMService - ok

20:23:48.0203 4336 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

20:23:48.0234 4336 MDM - ok

20:23:48.0281 4336 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

20:23:48.0281 4336 mdmxsdk - ok

20:23:48.0343 4336 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

20:23:48.0343 4336 Messenger - ok

20:23:48.0390 4336 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

20:23:48.0390 4336 mnmdd - ok

20:23:48.0437 4336 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

20:23:48.0453 4336 mnmsrvc - ok

20:23:48.0484 4336 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

20:23:48.0484 4336 Modem - ok

20:23:48.0515 4336 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

20:23:48.0515 4336 Mouclass - ok

20:23:48.0562 4336 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

20:23:48.0562 4336 mouhid - ok

20:23:48.0578 4336 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

20:23:48.0578 4336 MountMgr - ok

20:23:48.0593 4336 mraid35x - ok

20:23:48.0671 4336 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

20:23:48.0671 4336 MRxDAV - ok

20:23:48.0765 4336 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

20:23:48.0796 4336 MRxSmb - ok

20:23:48.0828 4336 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

20:23:48.0828 4336 MSDTC - ok

20:23:48.0859 4336 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

20:23:48.0859 4336 Msfs - ok

20:23:48.0875 4336 MSIServer - ok

20:23:48.0921 4336 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

20:23:48.0921 4336 MSKSSRV - ok

20:23:48.0953 4336 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

20:23:48.0953 4336 MSPCLOCK - ok

20:23:48.0984 4336 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

20:23:48.0984 4336 MSPQM - ok

20:23:49.0015 4336 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

20:23:49.0015 4336 mssmbios - ok

20:23:49.0078 4336 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

20:23:49.0093 4336 Mup - ok

20:23:49.0140 4336 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

20:23:49.0171 4336 napagent - ok

20:23:49.0218 4336 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

20:23:49.0234 4336 NDIS - ok

20:23:49.0296 4336 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

20:23:49.0296 4336 NdisTapi - ok

20:23:49.0359 4336 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

20:23:49.0359 4336 Ndisuio - ok

20:23:49.0406 4336 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

20:23:49.0406 4336 NdisWan - ok

20:23:49.0468 4336 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

20:23:49.0468 4336 NDProxy - ok

20:23:49.0484 4336 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

20:23:49.0484 4336 NetBIOS - ok

20:23:49.0515 4336 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

20:23:49.0531 4336 NetBT - ok

20:23:49.0578 4336 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

20:23:49.0609 4336 NetDDE - ok

20:23:49.0609 4336 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

20:23:49.0625 4336 NetDDEdsdm - ok

20:23:49.0671 4336 NetillaVPN (a84ae956ac7f9e493cac07ef98c1a3d1) C:\WINDOWS\system32\DRIVERS\Netva.sys

20:23:49.0671 4336 NetillaVPN - ok

20:23:49.0812 4336 NetillaVPNService (d5480f358c8781f46136df8c669b0d7a) C:\Program Files\AEP\SSLTunnel\nvpns.exe

20:23:49.0859 4336 NetillaVPNService - ok

20:23:49.0906 4336 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:49.0906 4336 Netlogon - ok

20:23:49.0937 4336 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

20:23:49.0968 4336 Netman - ok

20:23:50.0109 4336 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

20:23:50.0125 4336 NetTcpPortSharing - ok

20:23:50.0203 4336 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

20:23:50.0218 4336 Nla - ok

20:23:50.0250 4336 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

20:23:50.0250 4336 Npfs - ok

20:23:50.0390 4336 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

20:23:50.0437 4336 Ntfs - ok

20:23:50.0453 4336 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:50.0453 4336 NtLmSsp - ok

20:23:50.0515 4336 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

20:23:50.0562 4336 NtmsSvc - ok

20:23:50.0593 4336 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

20:23:50.0593 4336 Null - ok

20:23:50.0656 4336 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

20:23:50.0656 4336 NwlnkFlt - ok

20:23:50.0671 4336 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

20:23:50.0671 4336 NwlnkFwd - ok

20:23:50.0765 4336 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:23:50.0781 4336 ose - ok

20:23:50.0828 4336 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

20:23:50.0843 4336 Parport - ok

20:23:50.0859 4336 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

20:23:50.0859 4336 PartMgr - ok

20:23:50.0875 4336 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

20:23:50.0875 4336 ParVdm - ok

20:23:50.0906 4336 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

20:23:50.0921 4336 PCI - ok

20:23:50.0921 4336 PCIDump - ok

20:23:50.0968 4336 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

20:23:50.0968 4336 PCIIde - ok

20:23:51.0000 4336 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

20:23:51.0000 4336 Pcmcia - ok

20:23:51.0015 4336 PDCOMP - ok

20:23:51.0031 4336 PDFRAME - ok

20:23:51.0031 4336 PDRELI - ok

20:23:51.0046 4336 PDRFRAME - ok

20:23:51.0062 4336 perc2 - ok

20:23:51.0078 4336 perc2hib - ok

20:23:51.0140 4336 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

20:23:51.0140 4336 PlugPlay - ok

20:23:51.0156 4336 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:51.0156 4336 PolicyAgent - ok

20:23:51.0187 4336 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

20:23:51.0187 4336 PptpMiniport - ok

20:23:51.0203 4336 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:51.0203 4336 ProtectedStorage - ok

20:23:51.0218 4336 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

20:23:51.0218 4336 PSched - ok

20:23:51.0234 4336 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

20:23:51.0234 4336 Ptilink - ok

20:23:51.0250 4336 ql1080 - ok

20:23:51.0250 4336 Ql10wnt - ok

20:23:51.0265 4336 ql12160 - ok

20:23:51.0281 4336 ql1240 - ok

20:23:51.0296 4336 ql1280 - ok

20:23:51.0328 4336 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

20:23:51.0328 4336 RasAcd - ok

20:23:51.0375 4336 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

20:23:51.0375 4336 RasAuto - ok

20:23:51.0421 4336 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

20:23:51.0421 4336 Rasirda - ok

20:23:51.0468 4336 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

20:23:51.0468 4336 Rasl2tp - ok

20:23:51.0515 4336 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

20:23:51.0531 4336 RasMan - ok

20:23:51.0546 4336 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

20:23:51.0562 4336 RasPppoe - ok

20:23:51.0593 4336 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

20:23:51.0593 4336 Raspti - ok

20:23:51.0625 4336 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

20:23:51.0640 4336 Rdbss - ok

20:23:51.0656 4336 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

20:23:51.0656 4336 RDPCDD - ok

20:23:51.0718 4336 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

20:23:51.0734 4336 rdpdr - ok

20:23:51.0781 4336 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

20:23:51.0796 4336 RDPWD - ok

20:23:51.0843 4336 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

20:23:51.0859 4336 RDSessMgr - ok

20:23:51.0890 4336 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

20:23:51.0890 4336 redbook - ok

20:23:52.0078 4336 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

20:23:52.0109 4336 RegSrvc - ok

20:23:52.0156 4336 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

20:23:52.0171 4336 RemoteAccess - ok

20:23:52.0218 4336 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

20:23:52.0218 4336 RemoteRegistry - ok

20:23:52.0265 4336 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

20:23:52.0265 4336 RpcLocator - ok

20:23:52.0343 4336 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

20:23:52.0343 4336 RpcSs - ok

20:23:52.0406 4336 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

20:23:52.0421 4336 RSVP - ok

20:23:52.0531 4336 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

20:23:52.0593 4336 S24EventMonitor - ok

20:23:52.0656 4336 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys

20:23:52.0656 4336 s24trans - ok

20:23:52.0703 4336 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

20:23:52.0718 4336 SamSs - ok

20:23:52.0796 4336 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

20:23:52.0796 4336 SASDIFSV - ok

20:23:52.0812 4336 SAS***IL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS

20:23:52.0828 4336 SAS***IL - ok

20:23:52.0875 4336 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

20:23:52.0890 4336 SCardSvr - ok

20:23:52.0968 4336 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

20:23:52.0984 4336 Schedule - ok

20:23:53.0015 4336 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

20:23:53.0015 4336 Secdrv - ok

20:23:53.0078 4336 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

20:23:53.0078 4336 seclogon - ok

20:23:53.0093 4336 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

20:23:53.0093 4336 SENS - ok

20:23:53.0156 4336 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

20:23:53.0156 4336 serenum - ok

20:23:53.0171 4336 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

20:23:53.0171 4336 Serial - ok

20:23:53.0234 4336 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

20:23:53.0234 4336 Sfloppy - ok

20:23:53.0312 4336 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

20:23:53.0343 4336 SharedAccess - ok

20:23:53.0406 4336 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

20:23:53.0421 4336 ShellHWDetection - ok

20:23:53.0421 4336 Simbad - ok

20:23:53.0468 4336 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys

20:23:53.0468 4336 SMCIRDA - ok

20:23:53.0484 4336 Sparrow - ok

20:23:53.0531 4336 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

20:23:53.0531 4336 splitter - ok

20:23:53.0593 4336 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

20:23:53.0609 4336 Spooler - ok

20:23:53.0656 4336 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

20:23:53.0656 4336 sr - ok

20:23:53.0687 4336 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

20:23:53.0718 4336 srservice - ok

20:23:53.0781 4336 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

20:23:53.0781 4336 Srv - ok

20:23:53.0828 4336 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

20:23:53.0828 4336 SSDPSRV - ok

20:23:53.0906 4336 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys

20:23:53.0921 4336 STAC97 - ok

20:23:54.0015 4336 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

20:23:54.0031 4336 stisvc - ok

20:23:54.0093 4336 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

20:23:54.0093 4336 swenum - ok

20:23:54.0140 4336 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

20:23:54.0140 4336 swmidi - ok

20:23:54.0156 4336 SwPrv - ok

20:23:54.0171 4336 symc810 - ok

20:23:54.0187 4336 symc8xx - ok

20:23:54.0187 4336 sym_hi - ok

20:23:54.0203 4336 sym_u3 - ok

20:23:54.0234 4336 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

20:23:54.0250 4336 sysaudio - ok

20:23:54.0296 4336 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

20:23:54.0312 4336 SysmonLog - ok

20:23:54.0375 4336 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

20:23:54.0390 4336 TapiSrv - ok

20:23:54.0500 4336 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

20:23:54.0515 4336 Tcpip - ok

20:23:54.0578 4336 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

20:23:54.0578 4336 TDPIPE - ok

20:23:54.0609 4336 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

20:23:54.0609 4336 TDTCP - ok

20:23:54.0671 4336 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

20:23:54.0671 4336 TermDD - ok

20:23:54.0750 4336 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

20:23:54.0750 4336 TermService - ok

20:23:54.0781 4336 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

20:23:54.0796 4336 Themes - ok

20:23:54.0843 4336 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

20:23:54.0843 4336 TlntSvr - ok

20:23:54.0859 4336 TosIde - ok

20:23:54.0921 4336 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

20:23:54.0953 4336 TrkWks - ok

20:23:54.0984 4336 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

20:23:54.0984 4336 Udfs - ok

20:23:55.0000 4336 UIUSys - ok

20:23:55.0015 4336 ultra - ok

20:23:55.0093 4336 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

20:23:55.0125 4336 Update - ok

20:23:55.0171 4336 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

20:23:55.0187 4336 upnphost - ok

20:23:55.0218 4336 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

20:23:55.0218 4336 UPS - ok

20:23:55.0265 4336 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

20:23:55.0265 4336 usbccgp - ok

20:23:55.0296 4336 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

20:23:55.0312 4336 usbehci - ok

20:23:55.0328 4336 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

20:23:55.0343 4336 usbhub - ok

20:23:55.0359 4336 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

20:23:55.0359 4336 usbprint - ok

20:23:55.0390 4336 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

20:23:55.0390 4336 usbscan - ok

20:23:55.0437 4336 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

20:23:55.0453 4336 USBSTOR - ok

20:23:55.0468 4336 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

20:23:55.0468 4336 usbuhci - ok

20:23:55.0531 4336 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

20:23:55.0531 4336 VgaSave - ok

20:23:55.0546 4336 ViaIde - ok

20:23:55.0578 4336 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

20:23:55.0578 4336 VolSnap - ok

20:23:55.0640 4336 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

20:23:55.0656 4336 VSS - ok

20:23:55.0875 4336 w29n51 (d6006de6a6ed423d8016a03bc50cbe6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys

20:23:56.0031 4336 w29n51 - ok

20:23:56.0187 4336 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

20:23:56.0203 4336 W32Time - ok

20:23:56.0265 4336 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

20:23:56.0265 4336 Wanarp - ok

20:23:56.0312 4336 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

20:23:56.0328 4336 wceusbsh - ok

20:23:56.0328 4336 WDICA - ok

20:23:56.0390 4336 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

20:23:56.0390 4336 wdmaud - ok

20:23:56.0421 4336 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

20:23:56.0437 4336 WebClient - ok

20:23:56.0546 4336 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

20:23:56.0593 4336 winachsf - ok

20:23:56.0703 4336 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

20:23:56.0734 4336 winmgmt - ok

20:23:56.0953 4336 WLANKEEPER (8880769b9f88918e27f8e7332aa1aa01) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

20:23:56.0984 4336 WLANKEEPER - ok

20:23:57.0046 4336 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll

20:23:57.0046 4336 WmdmPmSN - ok

20:23:57.0125 4336 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

20:23:57.0187 4336 Wmi - ok

20:23:57.0234 4336 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

20:23:57.0250 4336 WmiApSrv - ok

20:23:57.0343 4336 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

20:23:57.0343 4336 WS2IFSL - ok

20:23:57.0406 4336 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

20:23:57.0406 4336 wscsvc - ok

20:23:57.0453 4336 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

20:23:57.0484 4336 wuauserv - ok

20:23:57.0562 4336 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

20:23:57.0593 4336 WZCSVC - ok

20:23:57.0609 4336 xcpip - ok

20:23:57.0656 4336 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

20:23:57.0671 4336 xmlprov - ok

20:23:57.0687 4336 xpsec - ok

20:23:57.0734 4336 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

20:23:58.0546 4336 \Device\Harddisk0\DR0 - ok

20:23:58.0562 4336 Boot (0x1200) (91d123cdc670794bbef41be835648a46) \Device\Harddisk0\DR0\Partition0

20:23:58.0562 4336 \Device\Harddisk0\DR0\Partition0 - ok

20:23:58.0562 4336 ============================================================

20:23:58.0562 4336 Scan finished

20:23:58.0562 4336 ============================================================

20:23:58.0578 4224 Detected object count: 0

20:23:58.0578 4224 Actual detected object count: 0

20:25:09.0156 4500 Deinitialize success

AVG-scan:

"";"C:\WINDOWS\system32\winlogon.exe (1160)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (672)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (448)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3740)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3124)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1776)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1696)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1436)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1208)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3708)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3700)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (3088)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (5016)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (1872)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (1508)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (1284)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3968)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jqs.exe (2488)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3784)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (468)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (328)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2972)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3816)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1900)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (5588)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (2924)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (4076)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (480)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (1936)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3288)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3920)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1160):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (672):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (448):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (448):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3740):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3740):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3124):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3124):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1776):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1776):\memory_00a10000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1696):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1436):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1436):\memory_00640000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1208):\memory_009c0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3708):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3700):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (3088):\memory_00aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5016):\memory_00e10000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5016):\memory_00d80000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (1872):\memory_00f50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (1508):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (1284):\memory_01230000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3968):\memory_00b20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jqs.exe (2488):\memory_010d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3784):\memory_010b0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (468):\memory_01a50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (328):\memory_01400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2972):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3816):\memory_00f70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1900):\memory_01490000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (5588):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (2924):\memory_008f0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (4076):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (480):\memory_023d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgtray.exe (1936):\memory_01aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3288):\memory_01c70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3920):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

13 augustus 2012

ä2scan + resultaten van avg-scan die daana is uitgevoerd. Lijkt een hardnekkig probleem.

Emsisoft Emergency Kit - Versie 2.0

Laatste Update: 11-8-2012 23:39:57

Scaninstellingen:

Scantype: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\

Scan archieven: Aan

ADS Scan: Aan

Scan gestart: 11-8-2012 23:40:27

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys.1 Ontdekt: Trojan.WinNT.Necurs!E2

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys Ontdekt: Trojan.WinNT.Necurs!E2

C:\Program Files\AEP\SSLTunnel\InstallVPN.exe Ontdekt: Trojan.Agent!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rulc.class Ontdekt: Exploit.Java.Blacole!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rulb.class Ontdekt: Exploit.Java.Blacole!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\ruld.class Ontdekt: Exploit.Java.CVE-2012!E2

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\rula.class Ontdekt: Exploit.Java.Blacole!E2

Gescand 532251

Gevonden 7

Scan geëindigd: 12-8-2012 1:32:07

Scantijd: 1:51:40

C:\Documents and Settings\Mirjam\Application Data\Sun\Java\Deployment\cache\6.0\31\2b3c0d1f-65222a6f -> rula\ruld.class Verwijderd Exploit.Java.CVE-2012!E2

C:\Program Files\AEP\SSLTunnel\InstallVPN.exe Verwijderd Trojan.Agent!E2

C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\_9d64955df7c56982_.sys.zip -> 9d64955df7c56982.sys.1 Verwijderd Trojan.WinNT.Necurs!E2

Verwijderd 3

AVG-Scan

"";"C:\WINDOWS\system32\winlogon.exe (1164)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (836)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (668)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3988)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (2264)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1796)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1756)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1460)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1212)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3524)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3504)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (3164)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (152)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3744)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3672)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3736)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1608)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3652)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3540)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (492)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (420)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2120)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3556)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1940)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2320)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3692)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (4052)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3640)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1164):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (836):\memory_00b60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (836):\memory_00ae0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (668):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (668):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3988):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3988):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2264):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2264):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1796):\memory_00ad0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1796):\memory_00a10000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1756):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1756):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1460):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1460):\memory_00640000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1212):\memory_00aa0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3524):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3504):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (3164):\memory_00a60000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (152):\memory_01730000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (152):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3744):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3672):\memory_01670000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3736):\memory_01280000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (1608):\memory_01310000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3652):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3540):\memory_010c0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (492):\memory_01a50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (420):\memory_01400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2120):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3556):\memory_00fc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1940):\memory_01890000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2320):\memory_067d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3692):\memory_00da0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (4052):\memory_02400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3640):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"HKLM\SYSTEM\CurrentControlSet\services\atapi";"Found registry key with reference to infected file C:\WINDOWS\system32\DRIVERS\atapi.sys";"Moved to Virus Vault"

"";"C:\WINDOWS\system32\DRIVERS\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

10 augustus 2012

resultaten combofix en aansluitend avg-scan:

ComboFix 12-08-09.01 - Mirjam 10-08-2012 10:12:59.4.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.598 [GMT 2:00]

Running from: c:\documents and settings\Mirjam\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Mirjam\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"c:\windows\system32\drivers\rxr1z_.sys"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_RXR1Z_.SYS

-------\Service_xcpip

-------\Service_xpsec

.

((((((((((((((((((((((((( Files Created from 2012-07-10 to 2012-08-10 )))))))))))))))))))))))))))))))

.

2012-08-06 22:59 . 2012-08-06 22:59 -------- d-----w- c:\documents and settings\Mirjam\Application Data\SUPERAntiSpyware.com

2012-08-06 22:58 . 2012-08-07 09:12 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-08-06 22:58 . 2012-08-06 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com

2012-08-06 22:57 . 2012-08-06 22:57 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-08-06 21:05 . 2012-08-06 21:05 388096 ----a-r- c:\documents and settings\Mirjam\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-08-06 21:05 . 2012-08-06 21:05 -------- d-----w- c:\program files\Trend Micro

2012-08-03 11:51 . 2012-08-03 11:51 54016 ----a-w- c:\windows\system32\drivers\ixodm.sys

2012-08-02 22:31 . 2012-08-02 22:31 -------- d-----w- c:\documents and settings\Mirjam\Application Data\Malwarebytes

2012-08-02 22:31 . 2012-08-02 22:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-02 22:31 . 2012-08-02 22:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-02 22:31 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-02 21:08 . 2012-08-03 08:06 -------- d-----w- c:\documents and settings\Mirjam\Application Data\eType

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-02 22:25 . 2012-03-29 19:52 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-02 22:25 . 2011-07-31 21:24 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-13 13:19 . 2008-04-14 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50 . 2008-04-14 12:00 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50 . 2008-04-14 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32 . 2008-04-14 12:00 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 13:19 . 2008-10-16 13:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 13:19 . 2009-01-28 08:57 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 13:19 . 2009-01-28 08:57 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 13:19 . 2009-01-28 08:57 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 13:19 . 2008-10-16 13:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 13:19 . 2009-01-28 08:57 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 13:19 . 2009-01-28 08:57 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 13:19 . 2008-10-16 13:09 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 13:19 . 2008-10-16 13:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 13:19 . 2008-04-14 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 13:19 . 2008-10-16 13:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 13:19 . 2009-01-28 08:57 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 13:19 . 2009-01-28 08:57 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 13:18 . 2010-10-13 17:07 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-02 13:18 . 2010-10-13 17:07 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-02 13:18 . 2010-10-13 17:07 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22 . 2008-04-14 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08 . 2008-04-14 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

Cryptography Services Error !!

.

((((((((((((((((((((((((((((( SnapShot@2012-08-02_23.19.50 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-07-15 21:15 . 2012-08-07 09:12 1137132 c:\windows\system32\Restore\rstrlog.dat

+ 2012-08-06 21:05 . 2012-08-06 21:05 1094656 c:\windows\Installer\5f2a31.msi

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\Wcescomm.exe" [2006-11-13 1289000]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-09 4777856]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-06-06 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-06-06 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-06-06 118784]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-02-21 819200]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-02-21 970752]

"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]

"DVDTray"="c:\program files\Ahead\ODD Toolkit\DVDTray.exe" [2004-09-03 65536]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-02-21 148888]

"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-12-14 132624]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-01-31 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Nikon Transfer Monitor"="c:\program files\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-09-15 479232]

"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\Mirjam\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\LimeWire\\LimeWire.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

"3389:TCP"= 3389:TCP:Remote Desktop

"65533:TCP"= 65533:TCP:Services

"52344:TCP"= 52344:TCP:Services

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [11-7-2011 1:14 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [11-7-2011 1:13 230608]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 295248]

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22-7-2011 18:27 12880]

R1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.SYS [12-7-2011 23:55 67664]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [12-10-2011 7:25 4433248]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2-8-2011 6:09 192776]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [3-8-2012 0:31 655944]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [11-7-2011 1:14 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [11-7-2011 1:14 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [11-7-2011 1:14 16720]

R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [3-5-2004 17:26 80384]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [3-8-2012 0:31 22344]

R3 NetillaVPN;AEP VPN Adapter;c:\windows\system32\drivers\Netva.sys [12-8-2008 13:08 10112]

S0 cerc6;cerc6; [x]

S2 gupdate1c9a6233ac2f8f8;Google Updateservice (gupdate1c9a6233ac2f8f8);c:\program files\Google\Update\GoogleUpdate.exe [16-3-2009 12:37 133104]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [29-3-2012 21:52 250056]

S3 CFcatchme;CFcatchme;\??\c:\docume~1\Mirjam\LOCALS~1\Temp\CFcatchme.sys --> c:\docume~1\Mirjam\LOCALS~1\Temp\CFcatchme.sys [?]

S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [16-3-2009 12:37 133104]

S3 NetillaVPNService;AEP SSL Tunnel Helper Service;c:\program files\AEP\SSLTunnel\NVPNs.exe [12-8-2008 13:08 13824]

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 22:25]

.

2012-08-07 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-16 21:09]

.

2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 10:37]

.

2012-08-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-16 10:37]

.

2012-08-10 c:\windows\Tasks\User_Feed_Synchronization-{04FCF37C-6942-4AD6-8098-20AD25E9506F}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.nu.nl/

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Locate Spot on Map by GPS - c:\program files\Opanda\IExif 2.3\IExifMap.htm

IE: View Exif/GPS/IPTC with IExif - c:\program files\Opanda\IExif 2.3\IExifCom.htm

TCP: DhcpNameServer = 192.168.1.254 192.168.0.1

DPF: {37066585-F2BD-4F2E-A6C6-F2CB64EEE826} - hxxps://aloa.arcadis.nl/webapp/psvpns/VPNInstall.cab

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-08-10 10:26

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•A~*]

"3140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1384)

c:\program files\SUPERAntiSpyware\SASWINLO.DLL

c:\windows\system32\WININET.dll

.

- - - - - - - > 'explorer.exe'(5636)

c:\windows\system32\WININET.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\IEFRAME.dll

.

------------------------ Other Running Processes ------------------------

.

c:\progra~1\AVG\AVG2012\avgrsx.exe

c:\program files\AVG\AVG2012\avgcsrvx.exe

c:\program files\Intel\Wireless\Bin\EvtEng.exe

c:\program files\Intel\Wireless\Bin\S24EvMon.exe

c:\program files\Intel\Wireless\Bin\WLKeeper.exe

c:\windows\System32\SCardSvr.exe

c:\progra~1\MI3AA1~1\rapimgr.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\program files\Intel\Wireless\Bin\RegSrvc.exe

c:\program files\AVG\AVG2012\avgnsx.exe

c:\program files\Intel\Wireless\Bin\Dot1XCfg.exe

.

**************************************************************************

.

Completion time: 2012-08-10 10:33:49 - machine was rebooted

ComboFix-quarantined-files.txt 2012-08-10 08:33

ComboFix2.txt 2012-08-08 20:44

ComboFix3.txt 2012-08-07 11:29

ComboFix4.txt 2012-08-02 23:35

.

Pre-Run: 14.616.731.648 bytes free

Post-Run: 14.608.093.184 bytes free

.

- - End Of File - - EBC33F07298740C8452635919F0546B6

"";"C:\WINDOWS\system32\wuauclt.exe (1568):\memory_027e0000";"Trojan horse PSW.Agent.ASJX";"Object is inaccessible."

"";"C:\WINDOWS\system32\wuauclt.exe (1568)";"Trojan horse PSW.Agent.ASJX";""

"";"C:\WINDOWS\system32\winlogon.exe (1384)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (3304)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1772)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1628)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1432)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (3644)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (3636)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (5636)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (452)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3848)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3832)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3708)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3652)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (504)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (356)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (3156)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3672)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1912)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (4128)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3776)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (2604)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (5920)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3548)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3692)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1384):\memory_00c40000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3304):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (3304):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1772):\memory_00ad0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1772):\memory_00a50000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1628):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1628):\memory_00a60000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1432):\memory_006a0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (3644):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (3636):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5636):\memory_00ed0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (5636):\memory_00e40000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (452):\memory_00f50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (3848):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3832):\memory_01230000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (3708):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3652):\memory_02230000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (504):\memory_06980000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (356):\memory_01400000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (3156):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (3672):\memory_06c30000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1912):\memory_00fb0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (4128):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3776):\memory_01e20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (2604):\memory_023d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgui.exe (5920):\memory_025f0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (3548):\memory_01c70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3692):\memory_00900000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"HKLM\SYSTEM\CurrentControlSet\services\atapi";"Found registry key with reference to infected file C:\WINDOWS\system32\DRIVERS\atapi.sys";"Healed"

"";"C:\WINDOWS\system32\DRIVERS\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

10 augustus 2012

09:17:12.0625 3980 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

09:17:13.0062 3980 ============================================================

09:17:13.0062 3980 Current date / time: 2012/08/10 09:17:13.0062

09:17:13.0062 3980 SystemInfo:

09:17:13.0062 3980

09:17:13.0062 3980 OS Version: 5.1.2600 ServicePack: 3.0

09:17:13.0062 3980 Product type: Workstation

09:17:13.0062 3980 ComputerName: MIRJAM-303AF4B9

09:17:13.0062 3980 UserName: Mirjam

09:17:13.0062 3980 Windows directory: C:\WINDOWS

09:17:13.0062 3980 System windows directory: C:\WINDOWS

09:17:13.0062 3980 Processor architecture: Intel x86

09:17:13.0062 3980 Number of processors: 1

09:17:13.0062 3980 Page size: 0x1000

09:17:13.0062 3980 Boot type: Normal boot

09:17:13.0062 3980 ============================================================

09:17:17.0171 3980 Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000020

09:17:17.0171 3980 ============================================================

09:17:17.0171 3980 \Device\Harddisk0\DR0:

09:17:17.0171 3980 MBR partitions:

09:17:17.0171 3980 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A84E60

09:17:17.0171 3980 ============================================================

09:17:17.0328 3980 C: <-> \Device\Harddisk0\DR0\Partition0

09:17:17.0328 3980 ============================================================

09:17:17.0328 3980 Initialize success

09:17:17.0328 3980 ============================================================

09:17:33.0593 5496 ============================================================

09:17:33.0593 5496 Scan started

09:17:33.0593 5496 Mode: Manual;

09:17:33.0593 5496 ============================================================

09:17:34.0125 5496 Abiosdsk - ok

09:17:34.0140 5496 abp480n5 - ok

09:17:34.0171 5496 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

09:17:34.0187 5496 ACPI - ok

09:17:34.0234 5496 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

09:17:34.0234 5496 ACPIEC - ok

09:17:34.0343 5496 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

09:17:34.0359 5496 Adobe LM Service - ok

09:17:34.0468 5496 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

09:17:34.0500 5496 AdobeFlashPlayerUpdateSvc - ok

09:17:34.0515 5496 adpu160m - ok

09:17:34.0578 5496 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

09:17:34.0593 5496 aec - ok

09:17:34.0656 5496 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys

09:17:34.0671 5496 AegisP - ok

09:17:34.0734 5496 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

09:17:34.0750 5496 AFD - ok

09:17:34.0765 5496 Aha154x - ok

09:17:34.0765 5496 aic78u2 - ok

09:17:34.0781 5496 aic78xx - ok

09:17:34.0828 5496 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

09:17:34.0828 5496 Alerter - ok

09:17:34.0875 5496 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

09:17:34.0875 5496 ALG - ok

09:17:34.0890 5496 AliIde - ok

09:17:34.0890 5496 amsint - ok

09:17:34.0953 5496 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

09:17:34.0968 5496 AppMgmt - ok

09:17:34.0984 5496 asc - ok

09:17:34.0984 5496 asc3350p - ok

09:17:35.0000 5496 asc3550 - ok

09:17:35.0171 5496 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

09:17:35.0218 5496 aspnet_state - ok

09:17:35.0234 5496 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

09:17:35.0234 5496 AsyncMac - ok

09:17:35.0296 5496 atapi (4bd052a6bf351b00b87d2c18fa7fa9cb) C:\WINDOWS\system32\DRIVERS\atapi.sys

09:17:35.0312 5496 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\atapi.sys. Real md5: 4bd052a6bf351b00b87d2c18fa7fa9cb, Fake md5: 43769e974a1c5105171652f38e6cb8e2

09:17:35.0312 5496 atapi ( ForgedFile.Multi.Generic ) - warning

09:17:35.0312 5496 atapi - detected ForgedFile.Multi.Generic (1)

09:17:35.0328 5496 Atdisk - ok

09:17:35.0359 5496 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

09:17:35.0359 5496 Atmarpc - ok

09:17:35.0421 5496 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

09:17:35.0421 5496 AudioSrv - ok

09:17:35.0484 5496 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

09:17:35.0484 5496 audstub - ok

09:17:35.0890 5496 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

09:17:36.0156 5496 AVGIDSAgent - ok

09:17:36.0312 5496 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

09:17:36.0328 5496 AVGIDSDriver - ok

09:17:36.0343 5496 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

09:17:36.0359 5496 AVGIDSEH - ok

09:17:36.0375 5496 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

09:17:36.0390 5496 AVGIDSFilter - ok

09:17:36.0406 5496 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

09:17:36.0406 5496 AVGIDSShim - ok

09:17:36.0437 5496 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

09:17:36.0453 5496 Avgldx86 - ok

09:17:36.0468 5496 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

09:17:36.0468 5496 Avgmfx86 - ok

09:17:36.0531 5496 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

09:17:36.0531 5496 Avgrkx86 - ok

09:17:36.0625 5496 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

09:17:36.0656 5496 Avgtdix - ok

09:17:36.0796 5496 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe

09:17:36.0796 5496 avgwd - ok

09:17:36.0859 5496 b57w2k (2acf06176b9d011567d7f25b83ddd066) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

09:17:36.0859 5496 b57w2k - ok

09:17:36.0921 5496 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

09:17:36.0921 5496 Beep - ok

09:17:37.0000 5496 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

09:17:37.0031 5496 BITS - ok

09:17:37.0078 5496 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

09:17:37.0078 5496 Browser - ok

09:17:37.0093 5496 catchme - ok

09:17:37.0109 5496 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

09:17:37.0109 5496 cbidf2k - ok

09:17:37.0125 5496 cd20xrnt - ok

09:17:37.0156 5496 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

09:17:37.0156 5496 Cdaudio - ok

09:17:37.0218 5496 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

09:17:37.0218 5496 Cdfs - ok

09:17:37.0265 5496 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

09:17:37.0281 5496 Cdrom - ok

09:17:37.0296 5496 cerc6 - ok

09:17:37.0421 5496 CFcatchme - ok

09:17:37.0437 5496 Changer - ok

09:17:37.0468 5496 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

09:17:37.0468 5496 CiSvc - ok

09:17:37.0484 5496 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

09:17:37.0500 5496 ClipSrv - ok

09:17:37.0593 5496 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

09:17:37.0671 5496 clr_optimization_v2.0.50727_32 - ok

09:17:37.0734 5496 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

09:17:37.0734 5496 CmBatt - ok

09:17:37.0750 5496 CmdIde - ok

09:17:37.0796 5496 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

09:17:37.0796 5496 Compbatt - ok

09:17:37.0812 5496 COMSysApp - ok

09:17:37.0843 5496 Cpqarray - ok

09:17:37.0875 5496 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

09:17:37.0875 5496 CryptSvc - ok

09:17:37.0890 5496 dac2w2k - ok

09:17:37.0906 5496 dac960nt - ok

09:17:37.0984 5496 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

09:17:37.0984 5496 DcomLaunch - ok

09:17:38.0046 5496 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

09:17:38.0062 5496 Dhcp - ok

09:17:38.0093 5496 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

09:17:38.0093 5496 Disk - ok

09:17:38.0093 5496 dmadmin - ok

09:17:38.0187 5496 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

09:17:38.0250 5496 dmboot - ok

09:17:38.0281 5496 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

09:17:38.0296 5496 dmio - ok

09:17:38.0312 5496 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

09:17:38.0328 5496 dmload - ok

09:17:38.0390 5496 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

09:17:38.0453 5496 dmserver - ok

09:17:38.0546 5496 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

09:17:38.0546 5496 DMusic - ok

09:17:38.0609 5496 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

09:17:38.0609 5496 Dnscache - ok

09:17:38.0656 5496 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

09:17:38.0671 5496 Dot3svc - ok

09:17:38.0671 5496 dpti2o - ok

09:17:38.0718 5496 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

09:17:38.0734 5496 drmkaud - ok

09:17:38.0781 5496 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

09:17:38.0796 5496 EapHost - ok

09:17:38.0828 5496 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

09:17:38.0828 5496 ERSvc - ok

09:17:38.0890 5496 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

09:17:38.0906 5496 Eventlog - ok

09:17:38.0984 5496 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

09:17:39.0000 5496 EventSystem - ok

09:17:39.0203 5496 EvtEng (4c6fa3fd55087b7c35707068723a1710) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

09:17:39.0250 5496 EvtEng - ok

09:17:39.0312 5496 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

09:17:39.0343 5496 Fastfat - ok

09:17:39.0406 5496 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

09:17:39.0421 5496 FastUserSwitchingCompatibility - ok

09:17:39.0468 5496 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

09:17:39.0468 5496 Fdc - ok

09:17:39.0484 5496 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

09:17:39.0484 5496 Fips - ok

09:17:39.0500 5496 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

09:17:39.0500 5496 Flpydisk - ok

09:17:39.0578 5496 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

09:17:39.0593 5496 FltMgr - ok

09:17:39.0734 5496 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

09:17:39.0734 5496 FontCache3.0.0.0 - ok

09:17:39.0765 5496 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

09:17:39.0765 5496 Fs_Rec - ok

09:17:39.0812 5496 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

09:17:39.0859 5496 Ftdisk - ok

09:17:39.0906 5496 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

09:17:39.0906 5496 Gpc - ok

09:17:39.0968 5496 GTIPCI21 (7d074058804ad398f93ca0a08af83ff2) C:\WINDOWS\system32\DRIVERS\gtipci21.sys

09:17:39.0968 5496 GTIPCI21 - ok

09:17:40.0125 5496 gupdate1c9a6233ac2f8f8 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

09:17:40.0140 5496 gupdate1c9a6233ac2f8f8 - ok

09:17:40.0156 5496 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

09:17:40.0156 5496 gupdatem - ok

09:17:40.0218 5496 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

09:17:40.0234 5496 gusvc - ok

09:17:40.0312 5496 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

09:17:40.0312 5496 helpsvc - ok

09:17:40.0359 5496 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

09:17:40.0359 5496 HidServ - ok

09:17:40.0421 5496 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

09:17:40.0421 5496 hidusb - ok

09:17:40.0468 5496 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

09:17:40.0468 5496 hkmsvc - ok

09:17:40.0484 5496 hpn - ok

09:17:40.0546 5496 HSFHWICH (140ba850417896b6b3322048de280368) C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys

09:17:40.0562 5496 HSFHWICH - ok

09:17:40.0656 5496 HSF_DP (b2dfc168d6f7512faea085253c5a37ad) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

09:17:40.0734 5496 HSF_DP - ok

09:17:40.0796 5496 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

09:17:40.0828 5496 HTTP - ok

09:17:40.0875 5496 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

09:17:40.0890 5496 HTTPFilter - ok

09:17:40.0906 5496 i2omgmt - ok

09:17:40.0937 5496 i2omp - ok

09:17:40.0984 5496 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

09:17:40.0984 5496 i8042prt - ok

09:17:41.0093 5496 ialm (d705558b6a678e894c5c67430eef67a2) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

09:17:41.0171 5496 ialm - ok

09:17:41.0328 5496 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

09:17:41.0328 5496 IDriverT - ok

09:17:41.0515 5496 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

09:17:41.0578 5496 idsvc - ok

09:17:41.0687 5496 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

09:17:41.0687 5496 Imapi - ok

09:17:41.0765 5496 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

09:17:41.0781 5496 ImapiService - ok

09:17:41.0796 5496 ini910u - ok

09:17:41.0859 5496 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

09:17:41.0859 5496 IntelIde - ok

09:17:41.0921 5496 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

09:17:41.0921 5496 intelppm - ok

09:17:41.0953 5496 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

09:17:41.0953 5496 Ip6Fw - ok

09:17:42.0000 5496 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

09:17:42.0000 5496 IpFilterDriver - ok

09:17:42.0031 5496 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

09:17:42.0031 5496 IpInIp - ok

09:17:42.0093 5496 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

09:17:42.0109 5496 IpNat - ok

09:17:42.0156 5496 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

09:17:42.0171 5496 IPSec - ok

09:17:42.0187 5496 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys

09:17:42.0187 5496 irda - ok

09:17:42.0234 5496 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

09:17:42.0250 5496 IRENUM - ok

09:17:42.0265 5496 Irmon (49cc4533ce897cb2e93c1e84a818fde5) C:\WINDOWS\System32\irmon.dll

09:17:42.0265 5496 Irmon - ok

09:17:42.0328 5496 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

09:17:42.0328 5496 isapnp - ok

09:17:42.0484 5496 JavaQuickStarterService (511ab23a292497f2c527eee5775b0bfe) C:\Program Files\Java\jre6\bin\jqs.exe

09:17:42.0500 5496 JavaQuickStarterService - ok

09:17:42.0531 5496 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

09:17:42.0531 5496 Kbdclass - ok

09:17:42.0578 5496 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

09:17:42.0578 5496 kbdhid - ok

09:17:42.0640 5496 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

09:17:42.0656 5496 kmixer - ok

09:17:42.0718 5496 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

09:17:42.0734 5496 KSecDD - ok

09:17:42.0796 5496 LanmanServer (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

09:17:42.0796 5496 LanmanServer - ok

09:17:42.0859 5496 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

09:17:42.0875 5496 lanmanworkstation - ok

09:17:42.0890 5496 lbrtfdc - ok

09:17:42.0953 5496 LightScribeService (00944d59948596721d17510c94cd3e4f) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

09:17:42.0953 5496 LightScribeService - ok

09:17:43.0015 5496 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

09:17:43.0015 5496 LmHosts - ok

09:17:43.0046 5496 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys

09:17:43.0046 5496 MBAMProtector - ok

09:17:43.0187 5496 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

09:17:43.0234 5496 MBAMService - ok

09:17:43.0343 5496 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

09:17:43.0359 5496 MDM - ok

09:17:43.0421 5496 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

09:17:43.0421 5496 mdmxsdk - ok

09:17:43.0468 5496 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

09:17:43.0468 5496 Messenger - ok

09:17:43.0515 5496 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

09:17:43.0515 5496 mnmdd - ok

09:17:43.0562 5496 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

09:17:43.0578 5496 mnmsrvc - ok

09:17:43.0609 5496 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

09:17:43.0625 5496 Modem - ok

09:17:43.0656 5496 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

09:17:43.0656 5496 Mouclass - ok

09:17:43.0765 5496 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

09:17:43.0796 5496 mouhid - ok

09:17:43.0828 5496 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

09:17:43.0828 5496 MountMgr - ok

09:17:43.0843 5496 mraid35x - ok

09:17:43.0875 5496 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

09:17:43.0875 5496 MRxDAV - ok

09:17:43.0984 5496 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

09:17:44.0015 5496 MRxSmb - ok

09:17:44.0046 5496 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

09:17:44.0046 5496 MSDTC - ok

09:17:44.0078 5496 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

09:17:44.0078 5496 Msfs - ok

09:17:44.0093 5496 MSIServer - ok

09:17:44.0109 5496 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

09:17:44.0109 5496 MSKSSRV - ok

09:17:44.0140 5496 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

09:17:44.0140 5496 MSPCLOCK - ok

09:17:44.0156 5496 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

09:17:44.0171 5496 MSPQM - ok

09:17:44.0218 5496 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

09:17:44.0234 5496 mssmbios - ok

09:17:44.0281 5496 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

09:17:44.0296 5496 Mup - ok

09:17:44.0343 5496 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

09:17:44.0375 5496 napagent - ok

09:17:44.0453 5496 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

09:17:44.0468 5496 NDIS - ok

09:17:44.0531 5496 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

09:17:44.0531 5496 NdisTapi - ok

09:17:44.0578 5496 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

09:17:44.0578 5496 Ndisuio - ok

09:17:44.0625 5496 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

09:17:44.0625 5496 NdisWan - ok

09:17:44.0687 5496 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

09:17:44.0687 5496 NDProxy - ok

09:17:44.0703 5496 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

09:17:44.0703 5496 NetBIOS - ok

09:17:44.0734 5496 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

09:17:44.0750 5496 NetBT - ok

09:17:44.0812 5496 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

09:17:44.0828 5496 NetDDE - ok

09:17:44.0843 5496 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

09:17:44.0843 5496 NetDDEdsdm - ok

09:17:44.0890 5496 NetillaVPN (a84ae956ac7f9e493cac07ef98c1a3d1) C:\WINDOWS\system32\DRIVERS\Netva.sys

09:17:44.0890 5496 NetillaVPN - ok

09:17:44.0984 5496 NetillaVPNService (d5480f358c8781f46136df8c669b0d7a) C:\Program Files\AEP\SSLTunnel\nvpns.exe

09:17:44.0984 5496 NetillaVPNService - ok

09:17:45.0015 5496 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

09:17:45.0015 5496 Netlogon - ok

09:17:45.0062 5496 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

09:17:45.0062 5496 Netman - ok

09:17:45.0218 5496 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

09:17:45.0234 5496 NetTcpPortSharing - ok

09:17:45.0312 5496 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

09:17:45.0375 5496 Nla - ok

09:17:45.0437 5496 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

09:17:45.0437 5496 Npfs - ok

09:17:45.0531 5496 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

09:17:45.0578 5496 Ntfs - ok

09:17:45.0593 5496 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

09:17:45.0593 5496 NtLmSsp - ok

09:17:45.0640 5496 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

09:17:45.0687 5496 NtmsSvc - ok

09:17:45.0718 5496 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

09:17:45.0718 5496 Null - ok

09:17:45.0781 5496 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

09:17:45.0781 5496 NwlnkFlt - ok

09:17:45.0796 5496 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

09:17:45.0812 5496 NwlnkFwd - ok

09:17:45.0906 5496 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:17:45.0921 5496 ose - ok

09:17:45.0968 5496 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

09:17:45.0968 5496 Parport - ok

09:17:45.0984 5496 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

09:17:46.0000 5496 PartMgr - ok

09:17:46.0046 5496 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

09:17:46.0046 5496 ParVdm - ok

09:17:46.0078 5496 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

09:17:46.0078 5496 PCI - ok

09:17:46.0093 5496 PCIDump - ok

09:17:46.0125 5496 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

09:17:46.0125 5496 PCIIde - ok

09:17:46.0140 5496 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

09:17:46.0156 5496 Pcmcia - ok

09:17:46.0156 5496 PDCOMP - ok

09:17:46.0171 5496 PDFRAME - ok

09:17:46.0187 5496 PDRELI - ok

09:17:46.0203 5496 PDRFRAME - ok

09:17:46.0203 5496 perc2 - ok

09:17:46.0218 5496 perc2hib - ok

09:17:46.0296 5496 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

09:17:46.0296 5496 PlugPlay - ok

09:17:46.0312 5496 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

09:17:46.0312 5496 PolicyAgent - ok

09:17:46.0406 5496 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

09:17:46.0406 5496 PptpMiniport - ok

09:17:46.0421 5496 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

09:17:46.0421 5496 ProtectedStorage - ok

09:17:46.0437 5496 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

09:17:46.0453 5496 PSched - ok

09:17:46.0484 5496 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

09:17:46.0484 5496 Ptilink - ok

09:17:46.0500 5496 ql1080 - ok

09:17:46.0515 5496 Ql10wnt - ok

09:17:46.0515 5496 ql12160 - ok

09:17:46.0531 5496 ql1240 - ok

09:17:46.0546 5496 ql1280 - ok

09:17:46.0578 5496 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

09:17:46.0578 5496 RasAcd - ok

09:17:46.0609 5496 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

09:17:46.0625 5496 RasAuto - ok

09:17:46.0671 5496 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys

09:17:46.0671 5496 Rasirda - ok

09:17:46.0687 5496 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

09:17:46.0703 5496 Rasl2tp - ok

09:17:46.0734 5496 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

09:17:46.0750 5496 RasMan - ok

09:17:46.0765 5496 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

09:17:46.0765 5496 RasPppoe - ok

09:17:46.0781 5496 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

09:17:46.0781 5496 Raspti - ok

09:17:46.0828 5496 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

09:17:46.0843 5496 Rdbss - ok

09:17:46.0859 5496 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

09:17:46.0875 5496 RDPCDD - ok

09:17:46.0921 5496 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

09:17:46.0937 5496 rdpdr - ok

09:17:47.0000 5496 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

09:17:47.0031 5496 RDPWD - ok

09:17:47.0078 5496 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

09:17:47.0093 5496 RDSessMgr - ok

09:17:47.0125 5496 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

09:17:47.0140 5496 redbook - ok

09:17:47.0312 5496 RegSrvc (8ac155995f5d10fc0d3ad949a1a68075) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

09:17:47.0343 5496 RegSrvc - ok

09:17:47.0406 5496 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

09:17:47.0406 5496 RemoteAccess - ok

09:17:47.0484 5496 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

09:17:47.0484 5496 RemoteRegistry - ok

09:17:47.0531 5496 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

09:17:47.0531 5496 RpcLocator - ok

09:17:47.0593 5496 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

09:17:47.0609 5496 RpcSs - ok

09:17:47.0671 5496 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

09:17:47.0703 5496 RSVP - ok

09:17:47.0812 5496 S24EventMonitor (131d50f081d2e29ebd1365b21f6b9736) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

09:17:47.0875 5496 S24EventMonitor - ok

09:17:47.0921 5496 s24trans (e2c6abcbefb1d44f6aaeb1cd5d6062d4) C:\WINDOWS\system32\DRIVERS\s24trans.sys

09:17:47.0921 5496 s24trans - ok

09:17:47.0984 5496 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

09:17:47.0984 5496 SamSs - ok

09:17:48.0078 5496 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

09:17:48.0078 5496 SASDIFSV - ok

09:17:48.0093 5496 SAS***IL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS

09:17:48.0093 5496 SAS***IL - ok

09:17:48.0156 5496 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

09:17:48.0171 5496 SCardSvr - ok

09:17:48.0234 5496 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

09:17:48.0281 5496 Schedule - ok

09:17:48.0312 5496 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

09:17:48.0328 5496 Secdrv - ok

09:17:48.0359 5496 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

09:17:48.0359 5496 seclogon - ok

09:17:48.0468 5496 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

09:17:48.0468 5496 SENS - ok

09:17:48.0546 5496 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

09:17:48.0562 5496 serenum - ok

09:17:48.0609 5496 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

09:17:48.0609 5496 Serial - ok

09:17:48.0671 5496 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

09:17:48.0671 5496 Sfloppy - ok

09:17:48.0750 5496 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

09:17:48.0765 5496 SharedAccess - ok

09:17:48.0828 5496 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

09:17:48.0828 5496 ShellHWDetection - ok

09:17:48.0843 5496 Simbad - ok

09:17:48.0890 5496 SMCIRDA (707647a1aa0edb6cbef61b0c75c28ed3) C:\WINDOWS\system32\DRIVERS\smcirda.sys

09:17:48.0890 5496 SMCIRDA - ok

09:17:48.0906 5496 Sparrow - ok

09:17:48.0953 5496 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

09:17:48.0953 5496 splitter - ok

09:17:49.0015 5496 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

09:17:49.0015 5496 Spooler - ok

09:17:49.0078 5496 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

09:17:49.0078 5496 sr - ok

09:17:49.0125 5496 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

09:17:49.0125 5496 srservice - ok

09:17:49.0187 5496 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

09:17:49.0203 5496 Srv - ok

09:17:49.0296 5496 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

09:17:49.0296 5496 SSDPSRV - ok

09:17:49.0375 5496 STAC97 (305cc42945a713347f978d78566113f3) C:\WINDOWS\system32\drivers\STAC97.sys

09:17:49.0390 5496 STAC97 - ok

09:17:49.0453 5496 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

09:17:49.0453 5496 stisvc - ok

09:17:49.0500 5496 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

09:17:49.0515 5496 swenum - ok

09:17:49.0531 5496 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

09:17:49.0531 5496 swmidi - ok

09:17:49.0546 5496 SwPrv - ok

09:17:49.0562 5496 symc810 - ok

09:17:49.0578 5496 symc8xx - ok

09:17:49.0593 5496 sym_hi - ok

09:17:49.0609 5496 sym_u3 - ok

09:17:49.0656 5496 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

09:17:49.0671 5496 sysaudio - ok

09:17:49.0718 5496 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

09:17:49.0734 5496 SysmonLog - ok

09:17:49.0781 5496 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

09:17:49.0796 5496 TapiSrv - ok

09:17:49.0859 5496 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

09:17:49.0890 5496 Tcpip - ok

09:17:49.0953 5496 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

09:17:49.0953 5496 TDPIPE - ok

09:17:49.0984 5496 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

09:17:49.0984 5496 TDTCP - ok

09:17:50.0000 5496 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

09:17:50.0015 5496 TermDD - ok

09:17:50.0046 5496 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

09:17:50.0062 5496 TermService - ok

09:17:50.0125 5496 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

09:17:50.0125 5496 Themes - ok

09:17:50.0171 5496 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

09:17:50.0187 5496 TlntSvr - ok

09:17:50.0203 5496 TosIde - ok

09:17:50.0250 5496 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

09:17:50.0265 5496 TrkWks - ok

09:17:50.0296 5496 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

09:17:50.0296 5496 Udfs - ok

09:17:50.0312 5496 UIUSys - ok

09:17:50.0328 5496 ultra - ok

09:17:50.0421 5496 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

09:17:50.0453 5496 Update - ok

09:17:50.0500 5496 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

09:17:50.0515 5496 upnphost - ok

09:17:50.0546 5496 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

09:17:50.0546 5496 UPS - ok

09:17:50.0625 5496 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

09:17:50.0625 5496 usbccgp - ok

09:17:50.0765 5496 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

09:17:50.0781 5496 usbehci - ok

09:17:50.0796 5496 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

09:17:50.0796 5496 usbhub - ok

09:17:50.0828 5496 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

09:17:50.0843 5496 usbprint - ok

09:17:50.0859 5496 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

09:17:50.0859 5496 usbscan - ok

09:17:50.0906 5496 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

09:17:50.0906 5496 USBSTOR - ok

09:17:50.0968 5496 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

09:17:50.0968 5496 usbuhci - ok

09:17:51.0078 5496 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

09:17:51.0078 5496 VgaSave - ok

09:17:51.0093 5496 ViaIde - ok

09:17:51.0125 5496 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

09:17:51.0125 5496 VolSnap - ok

09:17:51.0187 5496 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

09:17:51.0203 5496 VSS - ok

09:17:51.0421 5496 w29n51 (d6006de6a6ed423d8016a03bc50cbe6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys

09:17:51.0578 5496 w29n51 - ok

09:17:51.0750 5496 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

09:17:51.0765 5496 W32Time - ok

09:17:51.0828 5496 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

09:17:51.0843 5496 Wanarp - ok

09:17:51.0890 5496 wceusbsh (46a247f6617526afe38b6f12f5512120) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys

09:17:51.0906 5496 wceusbsh - ok

09:17:51.0906 5496 WDICA - ok

09:17:51.0984 5496 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

09:17:51.0984 5496 wdmaud - ok

09:17:52.0046 5496 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

09:17:52.0062 5496 WebClient - ok

09:17:52.0156 5496 winachsf (2dc7c0b6175a0a8ed84a4f70199c93b5) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

09:17:52.0203 5496 winachsf - ok

09:17:52.0312 5496 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

09:17:52.0312 5496 winmgmt - ok

09:17:52.0515 5496 WLANKEEPER (8880769b9f88918e27f8e7332aa1aa01) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

09:17:52.0546 5496 WLANKEEPER - ok

09:17:52.0593 5496 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll

09:17:52.0593 5496 WmdmPmSN - ok

09:17:52.0687 5496 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

09:17:52.0734 5496 Wmi - ok

09:17:52.0796 5496 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

09:17:52.0812 5496 WmiApSrv - ok

09:17:52.0906 5496 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

09:17:52.0921 5496 WS2IFSL - ok

09:17:52.0984 5496 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

09:17:52.0984 5496 wscsvc - ok

09:17:53.0046 5496 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

09:17:53.0062 5496 wuauserv - ok

09:17:53.0140 5496 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

09:17:53.0156 5496 WZCSVC - ok

09:17:53.0156 5496 xcpip - ok

09:17:53.0218 5496 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

09:17:53.0234 5496 xmlprov - ok

09:17:53.0250 5496 xpsec - ok

09:17:53.0328 5496 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

09:17:54.0156 5496 \Device\Harddisk0\DR0 - ok

09:17:54.0156 5496 Boot (0x1200) (91d123cdc670794bbef41be835648a46) \Device\Harddisk0\DR0\Partition0

09:17:54.0171 5496 \Device\Harddisk0\DR0\Partition0 - ok

09:17:54.0171 5496 ============================================================

09:17:54.0171 5496 Scan finished

09:17:54.0187 5496 ============================================================

09:17:54.0218 5488 Detected object count: 1

09:17:54.0218 5488 Actual detected object count: 1

09:18:11.0218 5488 atapi ( ForgedFile.Multi.Generic ) - skipped by user

09:18:11.0218 5488 atapi ( ForgedFile.Multi.Generic ) - User select action: Skip

9 augustus 2012

"";""";"HKLM\SYSTEM\CurrentControlSet\services\atapi";"Found registry key with reference to infected file C:\WINDOWS\system32\DRIVERS\atapi.sys";"Moved to Virus Vault"

"";"C:\WINDOWS\system32\DRIVERS\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

"";"C:\WINDOWS\system32\drivers\atapi.sys";"Corrupted executable file";"Object is white-listed (critical/system file that should not be removed)"

"";"C:\WINDOWS\system32\wuauclt.exe (2836)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\winlogon.exe (1168)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (788)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (772)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (560)";"Trojan horse PSW.Agent.AUET";"Deleted"

C:\WINDOWS\system32\svchost.exe (2532)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1716)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1640)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\svchost.exe (1412)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\WINDOWS\system32\services.exe (1220)";"Trojan horse PSW.Agent.AUES";"Deleted"

"";"C:\WINDOWS\system32\igfxpers.exe (264)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\hkcmd.exe (1848)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\alg.exe (3300)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\explorer.exe (160)";"Trojan horse PSW.Agent.AUET";"Deleted"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (2096)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (528)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3776)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3964)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (256)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Java\jre6\bin\jucheck.exe (2448)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Internet Explorer\iexplore.exe (4948)";"Trojan horse PSW.Agent.ARMW";"Deleted"

"";"C:\Program Files\Internet Explorer\iexplore.exe (3536)";"Trojan horse PSW.Agent.ARMW";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3704)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (472)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (336)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2400)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (1620)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1860)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2892)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3848)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (1136)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\AVG\AVG2012\avgmfapx.exe (4736)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3760)";"Trojan horse PSW.Agent.ASJX";"Deleted"

"";"C:\WINDOWS\system32\wuauclt.exe (2836):\memory_027e0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\winlogon.exe (1168):\memory_00df0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (788):\memory_00b50000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (788):\memory_00ac0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (772):\memory_00c30000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (772):\memory_00bb0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (560):\memory_00930000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (560):\memory_008a0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2532):\memory_00c00000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (2532):\memory_00b70000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1716):\memory_00ae0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1716):\memory_00a10000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1640):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1640):\memory_00af0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1412):\memory_00a90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\svchost.exe (1412):\memory_00640000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\WINDOWS\system32\services.exe (1220):\memory_009b0000";"Trojan horse PSW.Agent.AUES";"Infected"

"";"C:\WINDOWS\system32\igfxpers.exe (264):\memory_00cc0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\hkcmd.exe (1848):\memory_00cd0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\system32\alg.exe (3300):\memory_00aa0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (160):\memory_01730000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\WINDOWS\explorer.exe (160):\memory_00ff0000";"Trojan horse PSW.Agent.AUET";"Infected"

"";"C:\PROGRA~1\MI3AA1~1\rapimgr.exe (2096):\memory_00e90000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (528):\memory_05cf0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe (3776):\memory_01470000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Microsoft ActiveSync\wcescomm.exe (3964):\memory_01280000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jusched.exe (256):\memory_00b70000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Java\jre6\bin\jucheck.exe (2448):\memory_00df0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Internet Explorer\iexplore.exe (4948):\memory_02000000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Internet Explorer\iexplore.exe (4948):\memory_009d0000";"Trojan horse PSW.Agent.ARMW";"Infected"

"";"C:\Program Files\Internet Explorer\iexplore.exe (3536):\memory_00f20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Internet Explorer\iexplore.exe (3536):\memory_009c0000";"Trojan horse PSW.Agent.ARMW";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe (3704):\memory_01050000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe (472):\memory_06c80000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (336):\memory_01b20000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (2400):\memory_006a0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe (1620):\memory_013c0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (1860):\memory_00fb0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe (2892):\memory_01620000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (3848):\memory_00d40000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgwdsvc.exe (1136):\memory_019e0000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\AVG\AVG2012\avgmfapx.exe (4736):\memory_01090000";"Trojan horse PSW.Agent.ASJX";"Infected"

"";"C:\Program Files\Ahead\ODD Toolkit\dvdtray.exe (3760):\memory_008d0000";"Trojan horse PSW.Agent.ASJX";"Infected"

8 augustus 2012

ComboFix 12-08-08.01 - Mirjam 08-08-2012 22:10:30.3.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1015.410 [GMT 2:00]

Running from: c:\documents and settings\Mirjam\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Mirjam\Desktop\CFScript.txt

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

FILE ::

"c:\windows\system32\drivers\ixodm.sys"

"c:\windows\system32\drivers\rxr1z_.sys"

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Mirjam\Local Settings\Application Data\Ilivid Player

c:\documents and settings\Mirjam\Local Settings\Application Data\Ilivid Player\script.qscript

c:\program files\iLivid

c:\program files\iLivid\fantastic\icon.ico

c:\program files\iLivid\ftalk.ico

c:\program files\iLivid\Helper.dll

c:\program files\iLivid\ilivid.exe

c:\program files\iLivid\ilivid.ico

c:\program files\iLivid\imageformats\qgif4.dll

c:\program files\iLivid\imageformats\qjpeg4.dll

c:\program files\iLivid\libeay32.dll

c:\program files\iLivid\libgcc_s_dw2-1.dll

c:\program files\iLivid\mingwm10.dll

c:\program files\iLivid\phonon4.dll

c:\program files\iLivid\QtCore4.dll

c:\program files\iLivid\QtGui4.dll

c:\program files\iLivid\QtNetwork4.dll

c:\program files\iLivid\QtScript4.dll

c:\program files\iLivid\QtSvg4.dll

c:\program files\iLivid\QtWebKit4.dll

c:\program files\iLivid\QtXmlPatterns4.dll

c:\program files\iLivid\script.qscript

c:\program files\iLivid\script1.81.qscript

c:\program files\iLivid\ssleay32.dll

c:\program files\iLivid\uninstall.exe

c:\program files\iLivid\VLC\activex\axvlc.dll

c:\program files\iLivid\VLC\activex\axvlc.dll.manifest

c:\program files\iLivid\VLC\activex\README.TXT

c:\program files\iLivid\VLC\activex\test.html

c:\program files\iLivid\VLC\AUTHORS.txt

c:\program files\iLivid\VLC\COPYING.txt

c:\program files\iLivid\VLC\http\.hosts

c:\program files\iLivid\VLC\http\dialogs\.hosts

c:\program files\iLivid\VLC\http\dialogs\browse

c:\program files\iLivid\VLC\http\dialogs\footer

c:\program files\iLivid\VLC\http\dialogs\input

c:\program files\iLivid\VLC\http\dialogs\main

c:\program files\iLivid\VLC\http\dialogs\mosaic

c:\program files\iLivid\VLC\http\dialogs\playlist

c:\program files\iLivid\VLC\http\dialogs\sout

c:\program files\iLivid\VLC\http\dialogs\vlm

c:\program files\iLivid\VLC\http\favicon.ico

c:\program files\iLivid\VLC\http\flash.html

c:\program files\iLivid\VLC\http\iehacks.css

c:\program files\iLivid\VLC\http\images\delete.png

c:\program files\iLivid\VLC\http\images\delete_small.png

c:\program files\iLivid\VLC\http\images\eject.png

c:\program files\iLivid\VLC\http\images\empty.png

c:\program files\iLivid\VLC\http\images\fullscreen.png

c:\program files\iLivid\VLC\http\images\help.png

c:\program files\iLivid\VLC\http\images\info.png

c:\program files\iLivid\VLC\http\images\loop.png

c:\program files\iLivid\VLC\http\images\minus.png

c:\program files\iLivid\VLC\http\images\next.png

c:\program files\iLivid\VLC\http\images\pause.png

c:\program files\iLivid\VLC\http\images\play.png

c:\program files\iLivid\VLC\http\images\playlist.png

c:\program files\iLivid\VLC\http\images\playlist_small.png

c:\program files\iLivid\VLC\http\images\plus.png

c:\program files\iLivid\VLC\http\images\prev.png

c:\program files\iLivid\VLC\http\images\refresh.png

c:\program files\iLivid\VLC\http\images\repeat.png

c:\program files\iLivid\VLC\http\images\sd.png

c:\program files\iLivid\VLC\http\images\shuffle.png

c:\program files\iLivid\VLC\http\images\slider_bar.png

c:\program files\iLivid\VLC\http\images\slider_left.png

c:\program files\iLivid\VLC\http\images\slider_point.png

c:\program files\iLivid\VLC\http\images\slider_right.png

c:\program files\iLivid\VLC\http\images\slow.png

c:\program files\iLivid\VLC\http\images\snapshot.png

c:\program files\iLivid\VLC\http\images\sort.png

c:\program files\iLivid\VLC\http\images\sout.png

c:\program files\iLivid\VLC\http\images\speaker.png

c:\program files\iLivid\VLC\http\images\speaker_mute.png

c:\program files\iLivid\VLC\http\images\stop.png

c:\program files\iLivid\VLC\http\images\vlc16x16.png

c:\program files\iLivid\VLC\http\images\volume_down.png

c:\program files\iLivid\VLC\http\images\volume_up.png

c:\program files\iLivid\VLC\http\images\white.png

c:\program files\iLivid\VLC\http\images\white_cross_small.png

c:\program files\iLivid\VLC\http\index.html

c:\program files\iLivid\VLC\http\js\functions.js

c:\program files\iLivid\VLC\http\js\mosaic.js

c:\program files\iLivid\VLC\http\js\vlm.js

c:\program files\iLivid\VLC\http\mosaic.html

c:\program files\iLivid\VLC\http\requests\browse.xml

c:\program files\iLivid\VLC\http\requests\playlist.xml

c:\program files\iLivid\VLC\http\requests\readme.txt

c:\program files\iLivid\VLC\http\requests\status.xml

c:\program files\iLivid\VLC\http\requests\vlm.xml

c:\program files\iLivid\VLC\http\requests\vlm_cmd.xml

c:\program files\iLivid\VLC\http\style.css

c:\program files\iLivid\VLC\http\vlm.html

c:\program files\iLivid\VLC\http\vlm_export.html

c:\program files\iLivid\VLC\languages\bengali.nsh

c:\program files\iLivid\VLC\languages\brazilian_portuguese.nsh

c:\program files\iLivid\VLC\languages\bulgarian.nsh

c:\program files\iLivid\VLC\languages\catalan.nsh

c:\program files\iLivid\VLC\languages\danish.nsh

c:\program files\iLivid\VLC\languages\declaration.nsh

c:\program files\iLivid\VLC\languages\dutch.nsh

c:\program files\iLivid\VLC\languages\english.nsh

c:\program files\iLivid\VLC\languages\estonian.nsh

c:\program files\iLivid\VLC\languages\finnish.nsh

c:\program files\iLivid\VLC\languages\french.nsh

c:\program files\iLivid\VLC\languages\german.nsh

c:\program files\iLivid\VLC\languages\hungarian.nsh

c:\program files\iLivid\VLC\languages\italian.nsh

c:\program files\iLivid\VLC\languages\japanese.nsh

c:\program files\iLivid\VLC\languages\lithuanian.nsh

c:\program files\iLivid\VLC\languages\occitan.nsh

c:\program files\iLivid\VLC\languages\polish.nsh

c:\program files\iLivid\VLC\languages\punjabi.nsh

c:\program files\iLivid\VLC\languages\romanian.nsh

c:\program files\iLivid\VLC\languages\schinese.nsh

c:\program files\iLivid\VLC\languages\slovak.nsh

c:\program files\iLivid\VLC\languages\slovenian.nsh

c:\program files\iLivid\VLC\languages\sorani.nsh

c:\program files\iLivid\VLC\languages\spanish.nsh

c:\program files\iLivid\VLC\libvlc.dll

c:\program files\iLivid\VLC\libvlc.dll.manifest

c:\program files\iLivid\VLC\libvlccore.dll

c:\program files\iLivid\VLC\locale\ach\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\af\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\am\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ar\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ast\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\be\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\bg\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\bn\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\br\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ca\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\cgg\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ckb\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\co\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\cs\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\da\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\de\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\el\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\en_GB\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\es\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\et\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\eu\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\fa\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ff\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\fi\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\fr\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\fur\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ga\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\gl\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\he\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\hi\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\hr\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\hu\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\hy\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\id\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\is\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\it\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ja\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ka\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\kk\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\km\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ko\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\lg\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\lt\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\lv\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\mk\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ml\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\mn\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ms\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\my\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\nb\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ne\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\nl\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\nn\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\oc\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\pa\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\pl\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ps\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\pt_BR\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ro\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ru\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\si\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\sk\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\sl\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\sq\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\sr\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\sv\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\ta\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\tet\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\th\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\tl\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\tr\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\uk\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\vi\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\wa\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\zh_CN\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\zh_TW\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\locale\zu\LC_MESSAGES\vlc.mo

c:\program files\iLivid\VLC\lua\extensions\allocine-fr.lua

c:\program files\iLivid\VLC\lua\extensions\imdb.lua

c:\program files\iLivid\VLC\lua\extensions\README.txt

c:\program files\iLivid\VLC\lua\http\.hosts

c:\program files\iLivid\VLC\lua\http\custom.lua

c:\program files\iLivid\VLC\lua\http\dialogs\.hosts

c:\program files\iLivid\VLC\lua\http\dialogs\browse

c:\program files\iLivid\VLC\lua\http\dialogs\footer

c:\program files\iLivid\VLC\lua\http\dialogs\input

c:\program files\iLivid\VLC\lua\http\dialogs\main

c:\program files\iLivid\VLC\lua\http\dialogs\mosaic

c:\program files\iLivid\VLC\lua\http\dialogs\playlist

c:\program files\iLivid\VLC\lua\http\dialogs\sout

c:\program files\iLivid\VLC\lua\http\dialogs\vlm

c:\program files\iLivid\VLC\lua\http\favicon.ico

c:\program files\iLivid\VLC\lua\http\flash.html

c:\program files\iLivid\VLC\lua\http\iehacks.css

c:\program files\iLivid\VLC\lua\http\images\delete.png

c:\program files\iLivid\VLC\lua\http\images\delete_small.png

c:\program files\iLivid\VLC\lua\http\images\eject.png

c:\program files\iLivid\VLC\lua\http\images\empty.png

c:\program files\iLivid\VLC\lua\http\images\fullscreen.png

c:\program files\iLivid\VLC\lua\http\images\help.png

c:\program files\iLivid\VLC\lua\http\images\info.png

c:\program files\iLivid\VLC\lua\http\images\loop.png

c:\program files\iLivid\VLC\lua\http\images\minus.png

c:\program files\iLivid\VLC\lua\http\images\next.png

c:\program files\iLivid\VLC\lua\http\images\pause.png

c:\program files\iLivid\VLC\lua\http\images\play.png

c:\program files\iLivid\VLC\lua\http\images\playlist.png

c:\program files\iLivid\VLC\lua\http\images\playlist_small.png

c:\program files\iLivid\VLC\lua\http\images\plus.png

c:\program files\iLivid\VLC\lua\http\images\prev.png

c:\program files\iLivid\VLC\lua\http\images\refresh.png

c:\program files\iLivid\VLC\lua\http\images\repeat.png

c:\program files\iLivid\VLC\lua\http\images\reset.png

c:\program files\iLivid\VLC\lua\http\images\sd.png

c:\program files\iLivid\VLC\lua\http\images\shuffle.png

c:\program files\iLivid\VLC\lua\http\images\slider_bar.png

c:\program files\iLivid\VLC\lua\http\images\slider_left.png

c:\program files\iLivid\VLC\lua\http\images\slider_point.png

c:\program files\iLivid\VLC\lua\http\images\slider_right.png

c:\program files\iLivid\VLC\lua\http\images\slow.png

c:\program files\iLivid\VLC\lua\http\images\snapshot.png

c:\program files\iLivid\VLC\lua\http\images\sort.png

c:\program files\iLivid\VLC\lua\http\images\sout.png

c:\program files\iLivid\VLC\lua\http\images\speaker.png

c:\program files\iLivid\VLC\lua\http\images\speaker_mute.png

c:\program files\iLivid\VLC\lua\http\images\stop.png

c:\program files\iLivid\VLC\lua\http\images\vlc16x16.png

c:\program files\iLivid\VLC\lua\http\images\volume_down.png

c:\program files\iLivid\VLC\lua\http\images\volume_up.png

c:\program files\iLivid\VLC\lua\http\images\white.png

c:\program files\iLivid\VLC\lua\http\images\white_cross_small.png

c:\program files\iLivid\VLC\lua\http\index.html

c:\program files\iLivid\VLC\lua\http\js\functions.js

c:\program files\iLivid\VLC\lua\http\js\mosaic.js

c:\program files\iLivid\VLC\lua\http\js\vlm.js

c:\program files\iLivid\VLC\lua\http\mosaic.html

c:\program files\iLivid\VLC\lua\http\requests\browse.xml

c:\program files\iLivid\VLC\lua\http\requests\playlist.xml

c:\program files\iLivid\VLC\lua\http\requests\readme.txt

c:\program files\iLivid\VLC\lua\http\requests\status.xml

c:\program files\iLivid\VLC\lua\http\requests\vlm.xml

c:\program files\iLivid\VLC\lua\http\requests\vlm_cmd.xml

c:\program files\iLivid\VLC\lua\http\style.css

c:\program files\iLivid\VLC\lua\http\vlm.html

c:\program files\iLivid\VLC\lua\http\vlm_export.html

c:\program files\iLivid\VLC\lua\intf\dummy.lua

c:\program files\iLivid\VLC\lua\intf\dumpmeta.lua

c:\program files\iLivid\VLC\lua\intf\hotkeys.lua

c:\program files\iLivid\VLC\lua\intf\http.lua

c:\program files\iLivid\VLC\lua\intf\luac.lua

c:\program files\iLivid\VLC\lua\intf\modules\common.lua

c:\program files\iLivid\VLC\lua\intf\modules\host.lua

c:\program files\iLivid\VLC\lua\intf\rc.lua

c:\program files\iLivid\VLC\lua\intf\README.txt

c:\program files\iLivid\VLC\lua\intf\telnet.lua

c:\program files\iLivid\VLC\lua\meta\art\01_googleimage.lua

c:\program files\iLivid\VLC\lua\meta\art\02_frenchtv.lua

c:\program files\iLivid\VLC\lua\meta\art\03_lastfm.lua

c:\program files\iLivid\VLC\lua\meta\art\04_musicbrainz.lua

c:\program files\iLivid\VLC\lua\meta\art\README.txt

c:\program files\iLivid\VLC\lua\meta\fetcher\README.txt

c:\program files\iLivid\VLC\lua\meta\fetcher\tvrage.lua

c:\program files\iLivid\VLC\lua\meta\reader\filename.lua

c:\program files\iLivid\VLC\lua\meta\reader\README.txt

c:\program files\iLivid\VLC\lua\modules\sandbox.lua

c:\program files\iLivid\VLC\lua\modules\simplexml.lua

c:\program files\iLivid\VLC\lua\playlist\anevia_streams.lua

c:\program files\iLivid\VLC\lua\playlist\anevia_xml.lua

c:\program files\iLivid\VLC\lua\playlist\appletrailers.lua

c:\program files\iLivid\VLC\lua\playlist\bbc_co_uk.lua

c:\program files\iLivid\VLC\lua\playlist\break.lua

c:\program files\iLivid\VLC\lua\playlist\canalplus.lua

c:\program files\iLivid\VLC\lua\playlist\cue.lua

c:\program files\iLivid\VLC\lua\playlist\dailymotion.lua

c:\program files\iLivid\VLC\lua\playlist\france2.lua

c:\program files\iLivid\VLC\lua\playlist\googlevideo.lua

c:\program files\iLivid\VLC\lua\playlist\jamendo.lua

c:\program files\iLivid\VLC\lua\playlist\joox.lua

c:\program files\iLivid\VLC\lua\playlist\katsomo.lua

c:\program files\iLivid\VLC\lua\playlist\koreus.lua

c:\program files\iLivid\VLC\lua\playlist\lelombrik.lua

c:\program files\iLivid\VLC\lua\playlist\megavideo.lua

c:\program files\iLivid\VLC\lua\playlist\metacafe.lua

c:\program files\iLivid\VLC\lua\playlist\metachannels.lua

c:\program files\iLivid\VLC\lua\playlist\mpora.lua

c:\program files\iLivid\VLC\lua\playlist\pinkbike.lua

c:\program files\iLivid\VLC\lua\playlist\README.txt

c:\program files\iLivid\VLC\lua\playlist\rockbox_fm_presets.lua

c:\program files\iLivid\VLC\lua\playlist\vimeo.lua

c:\program files\iLivid\VLC\lua\playlist\youtube.lua

c:\program files\iLivid\VLC\lua\playlist\youtube_homepage.lua

c:\program files\iLivid\VLC\lua\README.txt

c:\program files\iLivid\VLC\lua\sd\fmc.lua

c:\program files\iLivid\VLC\lua\sd\freebox.lua

c:\program files\iLivid\VLC\lua\sd\icecast.lua

c:\program files\iLivid\VLC\lua\sd\jamendo.lua

c:\program files\iLivid\VLC\lua\sd\metachannels.lua

c:\program files\iLivid\VLC\lua\sd\README.txt

c:\program files\iLivid\VLC\mozilla\npvlc.dll

c:\program files\iLivid\VLC\mozilla\npvlc.dll.manifest

c:\program files\iLivid\VLC\NEWS.txt

c:\program files\iLivid\VLC\NSIS\UAC.dll

c:\program files\iLivid\VLC\NSIS\UAC.nsh

c:\program files\iLivid\VLC\osdmenu\default.cfg

c:\program files\iLivid\VLC\osdmenu\default\selected\bw.png

c:\program files\iLivid\VLC\osdmenu\default\selected\esc.png

c:\program files\iLivid\VLC\osdmenu\default\selected\fw.png

c:\program files\iLivid\VLC\osdmenu\default\selected\next.png

c:\program files\iLivid\VLC\osdmenu\default\selected\play_pause.png

c:\program files\iLivid\VLC\osdmenu\default\selected\previous.png

c:\program files\iLivid\VLC\osdmenu\default\selected\stop.png

c:\program files\iLivid\VLC\osdmenu\default\selected\volume.png

c:\program files\iLivid\VLC\osdmenu\default\selection\bw.png

c:\program files\iLivid\VLC\osdmenu\default\selection\esc.png

c:\program files\iLivid\VLC\osdmenu\default\selection\fw.png

c:\program files\iLivid\VLC\osdmenu\default\selection\next.png

c:\program files\iLivid\VLC\osdmenu\default\selection\play_pause.png

c:\program files\iLivid\VLC\osdmenu\default\selection\previous.png

c:\program files\iLivid\VLC\osdmenu\default\selection\stop.png

c:\program files\iLivid\VLC\osdmenu\default\selection\volume.png

c:\program files\iLivid\VLC\osdmenu\default\unselected.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_00.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_01.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_02.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_03.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_04.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_05.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_06.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_07.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_08.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_09.png

c:\program files\iLivid\VLC\osdmenu\default\volume\volume_10.png

c:\program files\iLivid\VLC\plugins\liba52_plugin.dll

c:\program files\iLivid\VLC\plugins\liba52tofloat32_plugin.dll

c:\program files\iLivid\VLC\plugins\liba52tospdif_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_attachment_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_bd_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_fake_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_ftp_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_http_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_imem_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_mms_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_output_dummy_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_output_file_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_output_http_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_output_shout_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_output_udp_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_realrtsp_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_smb_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_tcp_plugin.dll

c:\program files\iLivid\VLC\plugins\libaccess_udp_plugin.dll

c:\program files\iLivid\VLC\plugins\libadjust_plugin.dll

c:\program files\iLivid\VLC\plugins\libadpcm_plugin.dll

c:\program files\iLivid\VLC\plugins\libaes3_plugin.dll

c:\program files\iLivid\VLC\plugins\libaiff_plugin.dll

c:\program files\iLivid\VLC\plugins\libalphamask_plugin.dll

c:\program files\iLivid\VLC\plugins\libaout_directx_plugin.dll

c:\program files\iLivid\VLC\plugins\libaout_file_plugin.dll

c:\program files\iLivid\VLC\plugins\libaout_sdl_plugin.dll

c:\program files\iLivid\VLC\plugins\libaraw_plugin.dll

c:\program files\iLivid\VLC\plugins\libasf_plugin.dll

c:\program files\iLivid\VLC\plugins\libatmo_plugin.dll

c:\program files\iLivid\VLC\plugins\libau_plugin.dll

c:\program files\iLivid\VLC\plugins\libaudio_format_plugin.dll

c:\program files\iLivid\VLC\plugins\libaudiobargraph_a_plugin.dll

c:\program files\iLivid\VLC\plugins\libaudiobargraph_v_plugin.dll

c:\program files\iLivid\VLC\plugins\libaudioscrobbler_plugin.dll

c:\program files\iLivid\VLC\plugins\libavcodec_plugin.dll

c:\program files\iLivid\VLC\plugins\libavi_plugin.dll

c:\program files\iLivid\VLC\plugins\libball_plugin.dll

c:\program files\iLivid\VLC\plugins\libbda_plugin.dll

c:\program files\iLivid\VLC\plugins\libblend_plugin.dll

c:\program files\iLivid\VLC\plugins\libblendbench_plugin.dll

c:\program files\iLivid\VLC\plugins\libbluescreen_plugin.dll

c:\program files\iLivid\VLC\plugins\libcaca_plugin.dll

c:\program files\iLivid\VLC\plugins\libcanvas_plugin.dll

c:\program files\iLivid\VLC\plugins\libcc_plugin.dll

c:\program files\iLivid\VLC\plugins\libcdda_plugin.dll

c:\program files\iLivid\VLC\plugins\libcdg_plugin.dll

c:\program files\iLivid\VLC\plugins\libchain_plugin.dll

c:\program files\iLivid\VLC\plugins\libchorus_flanger_plugin.dll

c:\program files\iLivid\VLC\plugins\libclone_plugin.dll

c:\program files\iLivid\VLC\plugins\libcolorthres_plugin.dll

c:\program files\iLivid\VLC\plugins\libconverter_fixed_plugin.dll

c:\program files\iLivid\VLC\plugins\libcrop_plugin.dll

c:\program files\iLivid\VLC\plugins\libcroppadd_plugin.dll

c:\program files\iLivid\VLC\plugins\libcvdsub_plugin.dll

c:\program files\iLivid\VLC\plugins\libdeinterlace_plugin.dll

c:\program files\iLivid\VLC\plugins\libdemux_cdg_plugin.dll

c:\program files\iLivid\VLC\plugins\libdemuxdump_plugin.dll

c:\program files\iLivid\VLC\plugins\libdirac_plugin.dll

c:\program files\iLivid\VLC\plugins\libdirect3d_plugin.dll

c:\program files\iLivid\VLC\plugins\libdirectx_plugin.dll

c:\program files\iLivid\VLC\plugins\libdmo_plugin.dll

c:\program files\iLivid\VLC\plugins\libdolby_surround_decoder_plugin.dll

c:\program files\iLivid\VLC\plugins\libdrawable_plugin.dll

c:\program files\iLivid\VLC\plugins\libdshow_plugin.dll

c:\program files\iLivid\VLC\plugins\libdts_plugin.dll

c:\program files\iLivid\VLC\plugins\libdtstofloat32_plugin.dll

c:\program files\iLivid\VLC\plugins\libdtstospdif_plugin.dll

c:\program files\iLivid\VLC\plugins\libdummy_plugin.dll

c:\program files\iLivid\VLC\plugins\libdvbsub_plugin.dll

c:\program files\iLivid\VLC\plugins\libdvdnav_plugin.dll

c:\program files\iLivid\VLC\plugins\libdvdread_plugin.dll

c:\program files\iLivid\VLC\plugins\libequalizer_plugin.dll

c:\program files\iLivid\VLC\plugins\liberase_plugin.dll

c:\program files\iLivid\VLC\plugins\libes_plugin.dll

c:\program files\iLivid\VLC\plugins\libexport_plugin.dll

c:\program files\iLivid\VLC\plugins\libextract_plugin.dll

c:\program files\iLivid\VLC\plugins\libfaad_plugin.dll

c:\program files\iLivid\VLC\plugins\libfake_plugin.dll

c:\program files\iLivid\VLC\plugins\libfilesystem_plugin.dll

c:\program files\iLivid\VLC\plugins\libflac_plugin.dll

c:\program files\iLivid\VLC\plugins\libflacsys_plugin.dll

c:\program files\iLivid\VLC\plugins\libfloat32_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libfluidsynth_plugin.dll

c:\program files\iLivid\VLC\plugins\libfolder_plugin.dll

c:\program files\iLivid\VLC\plugins\libfreetype_plugin.dll

c:\program files\iLivid\VLC\plugins\libgaussianblur_plugin.dll

c:\program files\iLivid\VLC\plugins\libgestures_plugin.dll

c:\program files\iLivid\VLC\plugins\libglobalhotkeys_plugin.dll

c:\program files\iLivid\VLC\plugins\libglwin32_plugin.dll

c:\program files\iLivid\VLC\plugins\libgme_plugin.dll

c:\program files\iLivid\VLC\plugins\libgnutls_plugin.dll

c:\program files\iLivid\VLC\plugins\libgoom_plugin.dll

c:\program files\iLivid\VLC\plugins\libgradient_plugin.dll

c:\program files\iLivid\VLC\plugins\libgrain_plugin.dll

c:\program files\iLivid\VLC\plugins\libgrey_yuv_plugin.dll

c:\program files\iLivid\VLC\plugins\libh264_plugin.dll

c:\program files\iLivid\VLC\plugins\libheadphone_channel_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libhotkeys_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_rgb_mmx_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_rgb_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_rgb_sse2_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_yuy2_mmx_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_yuy2_plugin.dll

c:\program files\iLivid\VLC\plugins\libi420_yuy2_sse2_plugin.dll

c:\program files\iLivid\VLC\plugins\libi422_i420_plugin.dll

c:\program files\iLivid\VLC\plugins\libi422_yuy2_mmx_plugin.dll

c:\program files\iLivid\VLC\plugins\libi422_yuy2_plugin.dll

c:\program files\iLivid\VLC\plugins\libi422_yuy2_sse2_plugin.dll

c:\program files\iLivid\VLC\plugins\libinvert_plugin.dll

c:\program files\iLivid\VLC\plugins\libinvmem_plugin.dll

c:\program files\iLivid\VLC\plugins\libkate_plugin.dll

c:\program files\iLivid\VLC\plugins\liblibass_plugin.dll

c:\program files\iLivid\VLC\plugins\liblibmpeg2_plugin.dll

c:\program files\iLivid\VLC\plugins\liblive555_plugin.dll

c:\program files\iLivid\VLC\plugins\liblogger_plugin.dll

c:\program files\iLivid\VLC\plugins\liblogo_plugin.dll

c:\program files\iLivid\VLC\plugins\liblpcm_plugin.dll

c:\program files\iLivid\VLC\plugins\liblua_plugin.dll

c:\program files\iLivid\VLC\plugins\libmagnify_plugin.dll

c:\program files\iLivid\VLC\plugins\libmarq_plugin.dll

c:\program files\iLivid\VLC\plugins\libmediadirs_plugin.dll

c:\program files\iLivid\VLC\plugins\libmemcpy3dn_plugin.dll

c:\program files\iLivid\VLC\plugins\libmemcpymmx_plugin.dll

c:\program files\iLivid\VLC\plugins\libmemcpymmxext_plugin.dll

c:\program files\iLivid\VLC\plugins\libmirror_plugin.dll

c:\program files\iLivid\VLC\plugins\libmjpeg_plugin.dll

c:\program files\iLivid\VLC\plugins\libmkv_plugin.dll

c:\program files\iLivid\VLC\plugins\libmod_plugin.dll

c:\program files\iLivid\VLC\plugins\libmono_plugin.dll

c:\program files\iLivid\VLC\plugins\libmosaic_plugin.dll

c:\program files\iLivid\VLC\plugins\libmotionblur_plugin.dll

c:\program files\iLivid\VLC\plugins\libmotiondetect_plugin.dll

c:\program files\iLivid\VLC\plugins\libmp4_plugin.dll

c:\program files\iLivid\VLC\plugins\libmpc_plugin.dll

c:\program files\iLivid\VLC\plugins\libmpeg_audio_plugin.dll

c:\program files\iLivid\VLC\plugins\libmpgatofixed32_plugin.dll

c:\program files\iLivid\VLC\plugins\libmpgv_plugin.dll

c:\program files\iLivid\VLC\plugins\libmsn_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_asf_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_avi_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_dummy_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_mp4_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_mpjpeg_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_ogg_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_ps_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_ts_plugin.dll

c:\program files\iLivid\VLC\plugins\libmux_wav_plugin.dll

c:\program files\iLivid\VLC\plugins\libnetsync_plugin.dll

c:\program files\iLivid\VLC\plugins\libnoise_plugin.dll

c:\program files\iLivid\VLC\plugins\libnormvol_plugin.dll

c:\program files\iLivid\VLC\plugins\libnsc_plugin.dll

c:\program files\iLivid\VLC\plugins\libnsv_plugin.dll

c:\program files\iLivid\VLC\plugins\libntservice_plugin.dll

c:\program files\iLivid\VLC\plugins\libnuv_plugin.dll

c:\program files\iLivid\VLC\plugins\libogg_plugin.dll

c:\program files\iLivid\VLC\plugins\liboldhttp_plugin.dll

c:\program files\iLivid\VLC\plugins\liboldrc_plugin.dll

c:\program files\iLivid\VLC\plugins\liboldtelnet_plugin.dll

c:\program files\iLivid\VLC\plugins\libosd_parser_plugin.dll

c:\program files\iLivid\VLC\plugins\libosdmenu_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_copy_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_dirac_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_flac_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_h264_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_mlp_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_mpeg4video_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_mpegvideo_plugin.dll

c:\program files\iLivid\VLC\plugins\libpacketizer_vc1_plugin.dll

c:\program files\iLivid\VLC\plugins\libpanoramix_plugin.dll

c:\program files\iLivid\VLC\plugins\libparam_eq_plugin.dll

c:\program files\iLivid\VLC\plugins\libplaylist_plugin.dll

c:\program files\iLivid\VLC\plugins\libpng_plugin.dll

c:\program files\iLivid\VLC\plugins\libpodcast_plugin.dll

c:\program files\iLivid\VLC\plugins\libportaudio_plugin.dll

c:\program files\iLivid\VLC\plugins\libpostproc_plugin.dll

c:\program files\iLivid\VLC\plugins\libprojectm_plugin.dll

c:\program files\iLivid\VLC\plugins\libps_plugin.dll

c:\program files\iLivid\VLC\plugins\libpsychedelic_plugin.dll

c:\program files\iLivid\VLC\plugins\libpuzzle_plugin.dll

c:\program files\iLivid\VLC\plugins\libpva_plugin.dll

c:\program files\iLivid\VLC\plugins\libqt4_plugin.dll

c:\program files\iLivid\VLC\plugins\libquicktime_plugin.dll

c:\program files\iLivid\VLC\plugins\librawaud_plugin.dll

c:\program files\iLivid\VLC\plugins\librawdv_plugin.dll

c:\program files\iLivid\VLC\plugins\librawvid_plugin.dll

c:\program files\iLivid\VLC\plugins\librawvideo_plugin.dll

c:\program files\iLivid\VLC\plugins\libreal_plugin.dll

c:\program files\iLivid\VLC\plugins\librealvideo_plugin.dll

c:\program files\iLivid\VLC\plugins\libremoteosd_plugin.dll

c:\program files\iLivid\VLC\plugins\libripple_plugin.dll

c:\program files\iLivid\VLC\plugins\librotate_plugin.dll

c:\program files\iLivid\VLC\plugins\librss_plugin.dll

c:\program files\iLivid\VLC\plugins\librtp_plugin.dll

c:\program files\iLivid\VLC\plugins\librv32_plugin.dll

c:\program files\iLivid\VLC\plugins\libsap_plugin.dll

c:\program files\iLivid\VLC\plugins\libscale_plugin.dll

c:\program files\iLivid\VLC\plugins\libscaletempo_plugin.dll

c:\program files\iLivid\VLC\plugins\libscene_plugin.dll

c:\program files\iLivid\VLC\plugins\libschroedinger_plugin.dll

c:\program files\iLivid\VLC\plugins\libscreen_plugin.dll

c:\program files\iLivid\VLC\plugins\libsdl_image_plugin.dll

c:\program files\iLivid\VLC\plugins\libsharpen_plugin.dll

c:\program files\iLivid\VLC\plugins\libsimple_channel_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libskins2_plugin.dll

c:\program files\iLivid\VLC\plugins\libsmf_plugin.dll

c:\program files\iLivid\VLC\plugins\libspatializer_plugin.dll

c:\program files\iLivid\VLC\plugins\libspdif_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libspeex_plugin.dll

c:\program files\iLivid\VLC\plugins\libspudec_plugin.dll

c:\program files\iLivid\VLC\plugins\libstats_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_filter_rar_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_filter_record_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_autodel_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_bridge_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_description_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_display_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_dummy_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_duplicate_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_es_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_gather_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_mosaic_bridge_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_raop_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_record_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_rtp_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_smem_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_standard_plugin.dll

c:\program files\iLivid\VLC\plugins\libstream_out_transcode_plugin.dll

c:\program files\iLivid\VLC\plugins\libsubsdec_plugin.dll

c:\program files\iLivid\VLC\plugins\libsubsusf_plugin.dll

c:\program files\iLivid\VLC\plugins\libsubtitle_plugin.dll

c:\program files\iLivid\VLC\plugins\libsvcdsub_plugin.dll

c:\program files\iLivid\VLC\plugins\libswscale_plugin.dll

c:\program files\iLivid\VLC\plugins\libt140_plugin.dll

c:\program files\iLivid\VLC\plugins\libtaglib_plugin.dll

c:\program files\iLivid\VLC\plugins\libtheora_plugin.dll

c:\program files\iLivid\VLC\plugins\libtransform_plugin.dll

c:\program files\iLivid\VLC\plugins\libtrivial_channel_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libtrivial_mixer_plugin.dll

c:\program files\iLivid\VLC\plugins\libts_plugin.dll

c:\program files\iLivid\VLC\plugins\libtta_plugin.dll

c:\program files\iLivid\VLC\plugins\libtwolame_plugin.dll

c:\program files\iLivid\VLC\plugins\libty_plugin.dll

c:\program files\iLivid\VLC\plugins\libugly_resampler_plugin.dll

c:\program files\iLivid\VLC\plugins\libvc1_plugin.dll

c:\program files\iLivid\VLC\plugins\libvcd_plugin.dll

c:\program files\iLivid\VLC\plugins\libvideo_filter_wrapper_plugin.dll

c:\program files\iLivid\VLC\plugins\libvisual_plugin.dll

c:\program files\iLivid\VLC\plugins\libvmem_plugin.dll

c:\program files\iLivid\VLC\plugins\libvobsub_plugin.dll

c:\program files\iLivid\VLC\plugins\libvoc_plugin.dll

c:\program files\iLivid\VLC\plugins\libvod_rtsp_plugin.dll

c:\program files\iLivid\VLC\plugins\libvorbis_plugin.dll

c:\program files\iLivid\VLC\plugins\libvout_sdl_plugin.dll

c:\program files\iLivid\VLC\plugins\libvout_wrapper_plugin.dll

c:\program files\iLivid\VLC\plugins\libwall_plugin.dll

c:\program files\iLivid\VLC\plugins\libwav_plugin.dll

c:\program files\iLivid\VLC\plugins\libwave_plugin.dll

c:\program files\iLivid\VLC\plugins\libwaveout_plugin.dll

c:\program files\iLivid\VLC\plugins\libwingdi_plugin.dll

c:\program files\iLivid\VLC\plugins\libx264_plugin.dll

c:\program files\iLivid\VLC\plugins\libxa_plugin.dll

c:\program files\iLivid\VLC\plugins\libxml_plugin.dll

c:\program files\iLivid\VLC\plugins\libxtag_plugin.dll

c:\program files\iLivid\VLC\plugins\libyuv_plugin.dll

c:\program files\iLivid\VLC\plugins\libyuvp_plugin.dll

c:\program files\iLivid\VLC\plugins\libyuy2_i420_plugin.dll

c:\program files\iLivid\VLC\plugins\libyuy2_i422_plugin.dll

c:\program files\iLivid\VLC\plugins\libzip_plugin.dll

c:\program files\iLivid\VLC\plugins\libzvbi_plugin.dll

c:\program files\iLivid\VLC\plugins\plugins-04041e-3e8.dat

c:\program files\iLivid\VLC\README.txt

c:\program files\iLivid\VLC\sdk\include\vlc\deprecated.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_events.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_discoverer.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_library.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_list.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_list_player.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_media_player.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_structures.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_version.h

c:\program files\iLivid\VLC\sdk\include\vlc\libvlc_vlm.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_access.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_acl.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_aout.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_aout_mixer.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_arrays.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_art_finder.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_avcodec.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_bits.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_block.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_block_helper.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_charset.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_codec.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_common.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_config.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_config_cat.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_configuration.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_cpu.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_demux.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_dialog.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_epg.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_es.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_es_out.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_events.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_filter.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_fourcc.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_fs.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_gcrypt.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_http.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_httpd.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_image.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_inhibit.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_input.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_input_item.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_main.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_md5.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_messages.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_meta.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_modules.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_mouse.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_mtime.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_objects.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture_fifo.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_picture_pool.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_playlist.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_plugin.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_probe.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_rand.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_services_discovery.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_sout.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_sql.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_stream.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_strings.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_subpicture.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_threads.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_url.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_variables.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_video_splitter.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vlm.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_display.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_opengl.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_vout_window.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_xlib.h

c:\program files\iLivid\VLC\sdk\include\vlc\plugins\vlc_xml.h

c:\program files\iLivid\VLC\sdk\include\vlc\vlc.h

c:\program files\iLivid\VLC\sdk\lib\libvlc.dll.a

c:\program files\iLivid\VLC\sdk\lib\libvlc.la

c:\program files\iLivid\VLC\sdk\lib\libvlccore.dll.a

c:\program files\iLivid\VLC\sdk\lib\libvlccore.la

c:\program files\iLivid\VLC\sdk\lib\pkgconfig\libvlc.pc

c:\program files\iLivid\VLC\sdk\lib\pkgconfig\vlc-plugin.pc

c:\program files\iLivid\VLC\skins\default.vlt

c:\program files\iLivid\VLC\skins\fonts\FreeSans.ttf

c:\program files\iLivid\VLC\skins\fonts\FreeSansBold.ttf

c:\program files\iLivid\VLC\skins\skin.catalog

c:\program files\iLivid\VLC\skins\skin.dtd

c:\program files\iLivid\VLC\spad.nsi

c:\program files\iLivid\VLC\THANKS.txt

c:\program files\iLivid\VLC\vlc-cache-gen.exe

c:\program files\iLivid\VLC\vlc.exe

c:\program files\iLivid\VLC\vlc.exe.manifest

c:\program files\iLivid\VLC\vlc.ico

c:\program files\iLivid\VLC\vlc.win32.nsi

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_RXR1Z_.SYS

-------\Service_rxr1z_.sys

-------\Service_xcpip

-------\Service_xpsec

.

((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))