"Detected presence of rootkit activity and must reboot the computer"
After reboot came the usual scan in 50 stages.
ComboFix log:
ComboFix 10-04-27.04 - Per 2010-04-28 16:06:23.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3197.2814 [GMT 2:00]
Running from: c:\documents and settings\Per\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *On-access scanning disabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: Sygate Personal Firewall *enabled* {BE898FE3-CD0B-4014-85A9-03DB9923DDB6}
* Resident AV is active
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\look.bat
.
((((((((((((((((((((((((( Files Created from 2010-03-28 to 2010-04-28 )))))))))))))))))))))))))))))))
.
2010-04-28 12:29 . 2010-02-26 15:26 220024 ----a-w- c:\windows\sigcheck.exe
2010-04-28 12:24 . 2010-04-28 14:26 -------- d-----w- c:\windows\maxdriver
2010-04-27 15:21 . 2010-04-27 15:21 -------- d-----w- c:\documents and settings\Per\Local Settings\Application Data\ESET
2010-04-26 16:41 . 2010-04-26 16:41 -------- d-----w- c:\temp\SamsungUniversalPrintDriver
2010-04-26 16:39 . 2010-04-26 16:41 -------- d-----w- c:\program files\SAMSUNG
2010-04-26 16:39 . 2010-04-26 16:39 -------- d-----w- c:\temp\ML-1710
2010-04-26 16:29 . 2008-04-13 17:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2010-04-26 16:29 . 2008-04-13 17:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2010-04-25 16:00 . 2010-04-25 16:00 -------- d-----w- c:\program files\Defraggler
2010-04-25 11:25 . 2008-01-09 10:28 27632 ----a-w- c:\windows\system32\drivers\seehcri.sys
2010-04-24 09:55 . 2010-04-24 09:55 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA Corporation
2010-04-24 09:55 . 2010-04-24 09:55 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-24 09:21 . 2010-04-24 09:21 -------- d-----w- c:\documents and settings\Per\Application Data\Foxit
2010-04-24 09:21 . 2010-04-24 09:21 -------- d-----w- c:\program files\Foxit Software
2010-04-24 09:12 . 2010-04-24 09:12 -------- d-----w- c:\documents and settings\Per\Application Data\JAM Software
2010-04-24 09:09 . 2010-04-24 09:09 -------- d-----w- c:\program files\JAM Software
2010-04-24 09:08 . 2010-04-24 09:09 -------- d-----w- c:\program files\ImgBurn
2010-04-24 09:08 . 2009-05-13 16:51 19968 ----a-w- c:\windows\system32\drivers\imdisk.sys
2010-04-24 09:08 . 2009-02-09 13:16 9216 ----a-w- c:\windows\system32\drivers\awealloc.sys
2010-04-24 09:08 . 2009-05-13 16:51 10240 ----a-w- c:\windows\system32\imdsksvc.exe
2010-04-24 09:08 . 2009-05-13 16:51 35840 ----a-w- c:\windows\system32\imdisk.exe
2010-04-24 06:43 . 2010-04-24 06:43 -------- d-----w- c:\documents and settings\Per\DoctorWeb
2010-04-24 00:37 . 2004-10-15 16:32 14568 ----a-w- c:\windows\system32\drivers\wg3n.sys
2010-04-24 00:37 . 2004-10-15 16:17 60496 ----a-w- c:\windows\system32\drivers\Teefer.sys
2010-04-24 00:37 . 2004-10-15 16:18 21075 ----a-w- c:\windows\system32\drivers\wpsdrvnt.sys
2010-04-24 00:37 . 2004-10-15 16:32 83096 ----a-w- c:\windows\system32\SSSensor.dll
2010-04-24 00:37 . 2010-04-24 00:37 -------- d-----w- c:\program files\Sygate
2010-04-23 23:51 . 2010-02-25 06:24 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-04-23 23:51 . 2010-02-25 06:24 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-04-23 23:51 . 2010-02-16 04:50 64000 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-04-23 23:49 . 2010-04-23 23:50 -------- dc-h--w- c:\windows\ie8
2010-04-23 23:47 . 2010-04-23 23:47 -------- d-----w- c:\program files\Trend Micro
2010-04-23 23:41 . 2008-04-14 00:12 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-04-23 23:38 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-04-23 23:38 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-23 23:37 . 2009-10-15 16:28 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-04-23 23:37 . 2009-10-15 16:28 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-04-23 23:37 . 2009-11-21 15:51 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-04-23 23:35 . 2009-06-21 21:44 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-04-23 23:34 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll
2010-04-23 23:08 . 2010-04-28 13:10 -------- d-----w- c:\documents and settings\Per\Local Settings\Application Data\Spotify
2010-04-23 23:08 . 2010-04-28 12:55 -------- d-----w- c:\documents and settings\Per\Application Data\Spotify
2010-04-23 22:35 . 2010-04-23 22:35 -------- d-----w- c:\program files\Common Files\Java
2010-04-23 22:35 . 2010-04-23 22:35 503808 ----a-w- c:\documents and settings\Per\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6774b8ce-n\msvcp71.dll
2010-04-23 22:35 . 2010-04-23 22:35 499712 ----a-w- c:\documents and settings\Per\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6774b8ce-n\jmc.dll
2010-04-23 22:35 . 2010-04-23 22:35 348160 ----a-w- c:\documents and settings\Per\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-6774b8ce-n\msvcr71.dll
2010-04-23 22:35 . 2010-04-23 22:35 61440 ----a-w- c:\documents and settings\Per\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-45960d9c-n\decora-sse.dll
2010-04-23 22:35 . 2010-04-23 22:35 12800 ----a-w- c:\documents and settings\Per\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-45960d9c-n\decora-d3d.dll
2010-04-23 22:35 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-04-23 20:53 . 2009-02-07 05:43 24576 ----a-w- c:\documents and settings\Per\Application Data\Mozilla\Firefox\Profiles\9l23s4zn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
2010-04-23 20:53 . 2009-05-17 17:56 11776 ----a-w- c:\documents and settings\Per\Application Data\Mozilla\Firefox\Profiles\9l23s4zn.default\extensions\{FFA36170-80B1-4535-B0E3-A4569E497DD0}\platform\WINNT_x86-msvc\components\mgMouseService.dll
2010-04-23 19:33 . 2010-04-23 19:33 -------- d-----w- c:\program files\MAPILab Ltd
2010-04-23 19:32 . 2010-04-23 19:32 -------- d-----w- c:\windows\Downloaded Installations
2010-04-23 19:15 . 2010-04-23 19:15 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2010-04-03 20:55 . 2010-04-03 20:55 61440 ----a-w- c:\windows\system32\OpenCL.dll
2010-04-03 20:55 . 2010-04-03 20:55 4075520 ----a-w- c:\windows\system32\nvcuda.dll
2010-04-03 20:55 . 2010-04-03 20:55 2646632 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-04-03 20:55 . 2010-04-03 20:55 2183470 ----a-w- c:\windows\system32\nvdata.bin
2010-04-03 20:55 . 2010-04-03 20:55 2030184 ----a-w- c:\windows\system32\nvcuvid.dll
2010-04-03 20:55 . 2010-04-03 20:55 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-04-03 17:23 . 2010-04-03 17:23 278120 ----a-w- c:\windows\system32\nvmccs.dll
2010-04-03 17:23 . 2010-04-03 17:23 154216 ----a-w- c:\windows\system32\nvsvc32.exe
2010-04-03 17:23 . 2010-04-03 17:23 145000 ----a-w- c:\windows\system32\nvcolor.exe
2010-04-03 17:23 . 2010-04-03 17:23 13670504 ----a-w- c:\windows\system32\nvcpl.dll
2010-04-03 17:23 . 2010-04-03 17:23 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-04-03 17:22 . 2010-04-03 17:22 81920 ----a-w- c:\windows\system32\nvwddi.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-25 11:50 . 2009-04-19 08:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2010-04-25 11:24 . 2009-04-19 08:58 -------- d-----w- c:\program files\Sony Ericsson
2010-04-25 11:24 . 2009-03-13 21:21 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-25 11:23 . 2009-04-19 08:59 -------- d-----w- c:\program files\Avanquest update
2010-04-24 15:54 . 2009-04-22 19:18 -------- d-----w- c:\program files\Axis Communications
2010-04-24 09:59 . 2009-03-15 09:12 -------- d-----w- c:\program files\ESET
2010-04-24 08:43 . 2009-04-04 20:49 -------- d-----w- c:\documents and settings\Per\Application Data\Audacity
2010-04-23 23:31 . 2009-03-13 21:28 64752 ----a-w- c:\documents and settings\Per\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-04-23 22:54 . 2009-04-10 21:54 -------- d-----w- c:\program files\SpeedFan
2010-04-23 22:41 . 2009-04-04 06:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-23 22:35 . 2009-04-08 16:54 -------- d-----w- c:\program files\Java
2010-04-23 20:28 . 2009-05-23 12:59 5918775 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-04-03 20:55 . 2009-03-14 05:16 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
2010-04-03 20:55 . 2009-03-13 21:20 600680 ----a-w- c:\windows\system32\nvudisp.exe
2010-04-03 20:55 . 2007-10-04 08:14 6432128 ----a-w- c:\windows\system32\nv4_disp.dll
2010-04-03 20:55 . 2007-10-04 08:14 227944 ----a-w- c:\windows\system32\nvcodins.dll
2010-04-03 20:55 . 2007-10-04 08:14 227944 ----a-w- c:\windows\system32\nvcod.dll
2010-04-03 20:55 . 2007-10-04 08:14 14757888 ----a-w- c:\windows\system32\nvoglnt.dll
2010-04-03 20:55 . 2007-10-04 08:14 1097728 ----a-w- c:\windows\system32\nvapi.dll
2010-04-03 20:55 . 2007-10-04 08:14 10232128 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2010-03-29 22:46 . 2009-04-04 06:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-29 22:45 . 2009-04-04 06:46 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-25 07:49 . 2010-04-26 16:42 282624 ----a-w- c:\windows\system32\DscPnt.dll
2010-03-16 15:01 . 2010-04-26 16:42 141680 ----a-w- c:\windows\system32\SUPDSvcA.dll
2010-03-16 15:01 . 2010-04-26 16:42 132464 ----a-w- c:\windows\system32\SUPDSvc.exe
2010-03-16 15:00 . 2010-04-26 16:42 260464 ----a-w- c:\windows\SUPDRun.exe
2010-03-11 12:38 . 2010-03-11 12:38 78336 ------w- c:\windows\system32\ieencode.dll
2010-03-10 06:15 . 2007-07-27 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-09 11:34 . 2010-04-26 16:42 157552 ----a-w- c:\windows\system32\spd__ci.exe
2010-02-25 06:24 . 2007-07-27 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2007-07-27 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2007-07-27 12:00 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 22:59 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2007-07-27 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2007-07-27 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
.
((((((((((((((((((((((((((((( SnapShot@2010-04-27_15.25.26 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-04-28 14:06 . 2010-04-28 14:06 16384 c:\windows\Temp\Perflib_Perfdata_55c.dat
+ 2007-07-27 12:00 . 2010-04-28 14:00 72108 c:\windows\system32\perfc009.dat
- 2007-07-27 12:00 . 2010-04-27 15:17 72108 c:\windows\system32\perfc009.dat
+ 2006-09-28 18:00 . 2006-09-28 18:00 82944 c:\windows\maxdriver\WudfRd.sys
+ 2006-09-28 17:55 . 2006-09-28 17:55 77568 c:\windows\maxdriver\WudfPf.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 12032 c:\windows\maxdriver\ws2ifsl.sys
+ 2010-04-24 00:37 . 2004-10-15 16:18 21075 c:\windows\maxdriver\wpsdrvnt.sys
+ 2006-10-18 19:00 . 2006-10-18 19:00 38528 c:\windows\maxdriver\wpdusb.sys
+ 2007-07-27 12:00 . 2008-04-13 18:41 52352 c:\windows\maxdriver\volsnap.sys
+ 2007-07-27 12:00 . 2008-04-13 18:44 81664 c:\windows\maxdriver\videoprt.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 42240 c:\windows\maxdriver\viaagp.sys
+ 2007-07-27 12:00 . 2008-04-13 18:44 20992 c:\windows\maxdriver\vga.sys
+ 2009-04-04 15:22 . 2004-10-15 16:32 14568 c:\windows\maxdriver\wg6n.sys
+ 2009-04-04 15:22 . 2004-10-15 16:32 14568 c:\windows\maxdriver\wg5n.sys
+ 2009-04-04 15:22 . 2004-10-15 16:32 14568 c:\windows\maxdriver\wg4n.sys
+ 2010-04-24 00:37 . 2004-10-15 16:32 14568 c:\windows\maxdriver\wg3n.sys
+ 2001-08-17 14:02 . 2007-07-27 12:00 58112 c:\windows\maxdriver\vdmindvd.sys
+ 2009-03-13 21:23 . 2008-04-13 19:17 83072 c:\windows\maxdriver\wdmaud.sys
+ 2008-03-27 14:27 . 2008-03-27 14:27 35040 c:\windows\maxdriver\wdfldr.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 25471 c:\windows\maxdriver\watv10nt.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 22271 c:\windows\maxdriver\watv06nt.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 34560 c:\windows\maxdriver\wanarp.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 11935 c:\windows\maxdriver\wadv11nt.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 11871 c:\windows\maxdriver\wadv09nt.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 11295 c:\windows\maxdriver\wadv08nt.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 11807 c:\windows\maxdriver\wadv07nt.sys
+ 2008-04-13 18:43 . 2008-04-13 18:43 14208 c:\windows\maxdriver\wacompen.sys
+ 2009-03-13 21:24 . 2008-04-13 18:45 26368 c:\windows\maxdriver\usbstor.sys
+ 2010-04-26 16:29 . 2008-04-13 17:47 25856 c:\windows\maxdriver\usbprint.sys
+ 2007-07-27 12:00 . 2008-04-13 18:45 17152 c:\windows\maxdriver\usbohci.sys
+ 2004-08-03 23:08 . 2008-04-13 18:45 15872 c:\windows\maxdriver\usbintel.sys
+ 2007-07-27 12:00 . 2008-04-13 17:45 59520 c:\windows\maxdriver\usbhub.sys
+ 2007-07-27 12:00 . 2008-04-13 18:45 30208 c:\windows\maxdriver\usbehci.sys
+ 2009-04-18 21:16 . 2008-04-13 17:45 32128 c:\windows\maxdriver\usbccgp.sys
+ 2001-08-17 14:03 . 2008-04-13 18:45 25728 c:\windows\maxdriver\usbcamd2.sys
+ 2001-08-17 14:03 . 2008-04-13 18:45 25600 c:\windows\maxdriver\usbcamd.sys
+ 2008-04-13 18:56 . 2008-04-13 18:56 12800 c:\windows\maxdriver\usb8023x.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 12800 c:\windows\maxdriver\usb8023.sys
+ 2007-07-27 12:00 . 2008-04-13 18:32 66048 c:\windows\maxdriver\udfs.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 44672 c:\windows\maxdriver\uagp35.sys
+ 2004-08-03 23:03 . 2008-04-13 18:56 12288 c:\windows\maxdriver\tunmp.sys
+ 2001-08-17 14:06 . 2007-07-27 12:00 21376 c:\windows\maxdriver\tsbvcap.sys
+ 2001-08-17 14:01 . 2007-07-27 12:00 51712 c:\windows\maxdriver\tosdvd.sys
+ 2009-03-14 04:29 . 2008-04-14 00:13 40840 c:\windows\maxdriver\termdd.sys
+ 2010-04-24 00:37 . 2004-10-15 16:17 60496 c:\windows\maxdriver\Teefer.sys
+ 2009-03-14 04:29 . 2008-04-14 00:13 21896 c:\windows\maxdriver\tdtcp.sys
+ 2009-03-14 04:29 . 2008-04-14 00:13 12040 c:\windows\maxdriver\tdpipe.sys
+ 2007-07-27 12:00 . 2008-04-13 19:00 19072 c:\windows\maxdriver\tdi.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 14976 c:\windows\maxdriver\tape.sys
+ 2009-03-13 21:22 . 2008-04-13 19:15 60800 c:\windows\maxdriver\sysaudio.sys
+ 2009-03-13 21:23 . 2008-04-13 18:45 56576 c:\windows\maxdriver\swmidi.sys
+ 2004-08-03 23:08 . 2008-04-13 18:45 49408 c:\windows\maxdriver\stream.sys
+ 2009-03-14 04:31 . 2008-04-13 18:36 73472 c:\windows\maxdriver\sr.sys
+ 2004-08-03 23:09 . 2008-04-13 18:46 25344 c:\windows\maxdriver\sonydcam.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 14592 c:\windows\maxdriver\smclib.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 13240 c:\windows\maxdriver\slwdmsup.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 95424 c:\windows\maxdriver\slnthal.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 40960 c:\windows\maxdriver\sisagp.sys
+ 2005-08-24 13:55 . 2005-08-24 13:55 66560 c:\windows\maxdriver\sfvfs02.sys
+ 2005-08-10 14:06 . 2005-08-10 14:06 19968 c:\windows\maxdriver\sfsync02.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 11392 c:\windows\maxdriver\sfloppy.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 11008 c:\windows\maxdriver\sffp_sd.sys
+ 2008-04-13 18:40 . 2008-04-13 18:40 10240 c:\windows\maxdriver\sffp_mmc.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 11904 c:\windows\maxdriver\sffdisk.sys
+ 2005-08-10 12:44 . 2005-08-10 12:44 50688 c:\windows\maxdriver\sfdrv01.sys
+ 2007-07-27 12:00 . 2008-04-13 19:15 64512 c:\windows\maxdriver\serial.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 15744 c:\windows\maxdriver\serenum.sys
+ 2010-04-25 11:25 . 2008-01-09 10:28 27632 c:\windows\maxdriver\seehcri.sys
+ 2007-07-27 12:00 . 2008-04-13 16:39 20480 c:\windows\maxdriver\secdrv.sys
+ 2007-07-27 12:00 . 2008-04-13 18:36 79232 c:\windows\maxdriver\sdbus.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 96384 c:\windows\maxdriver\scsiport.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 12200 c:\windows\maxdriver\s0016whnt.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 12200 c:\windows\maxdriver\s0016wh.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 25512 c:\windows\maxdriver\s0016nd5.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 15016 c:\windows\maxdriver\s0016mdfl.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 10792 c:\windows\maxdriver\s0016cr.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 12200 c:\windows\maxdriver\s0016cmnt.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 12200 c:\windows\maxdriver\s0016cm.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 89256 c:\windows\maxdriver\s0016bus.sys
+ 2008-04-13 18:56 . 2008-04-13 18:56 30592 c:\windows\maxdriver\rndismpx.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 30592 c:\windows\maxdriver\rndismp.sys
+ 2001-08-17 13:24 . 2007-07-27 12:00 12032 c:\windows\maxdriver\riodrv.sys
+ 2001-08-17 13:24 . 2007-07-27 12:00 12032 c:\windows\maxdriver\rio8drv.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 59136 c:\windows\maxdriver\rfcomm.sys
+ 2009-03-14 03:19 . 2008-04-13 18:40 57600 c:\windows\maxdriver\redbook.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 13776 c:\windows\maxdriver\recagent.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 34432 c:\windows\maxdriver\rawwan.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 16512 c:\windows\maxdriver\raspti.sys
+ 2007-07-27 12:00 . 2008-04-13 19:19 48384 c:\windows\maxdriver\raspptp.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 41472 c:\windows\maxdriver\raspppoe.sys
+ 2007-07-27 12:00 . 2008-04-13 19:19 51328 c:\windows\maxdriver\rasl2tp.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 17792 c:\windows\maxdriver\ptilink.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 69120 c:\windows\maxdriver\psched.sys
+ 2004-08-03 22:59 . 2008-04-13 18:31 35840 c:\windows\maxdriver\processr.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 24960 c:\windows\maxdriver\pciidex.sys
+ 2007-07-27 12:00 . 2008-04-13 18:36 68224 c:\windows\maxdriver\pci.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 19712 c:\windows\maxdriver\partmgr.sys
+ 2004-08-03 22:59 . 2008-04-13 18:40 80128 c:\windows\maxdriver\parport.sys
+ 2004-08-03 22:59 . 2008-04-13 18:31 42752 c:\windows\maxdriver\p3.sys
+ 2007-07-27 12:00 . 2008-04-13 18:46 61696 c:\windows\maxdriver\ohci1394.sys
+ 2007-09-20 17:07 . 2008-08-01 16:36 22016 c:\windows\maxdriver\nvnetbus.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 55936 c:\windows\maxdriver\nwlnkspx.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 63232 c:\windows\maxdriver\nwlnknb.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 88320 c:\windows\maxdriver\nwlnkipx.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 32512 c:\windows\maxdriver\nwlnkfwd.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 12416 c:\windows\maxdriver\nwlnkflt.sys
+ 2007-11-10 02:20 . 2007-11-10 02:20 29728 c:\windows\maxdriver\nvhda32.sys
+ 2007-09-20 17:07 . 2008-08-01 16:36 54784 c:\windows\maxdriver\NVENETFD.sys
+ 2007-07-27 12:00 . 2008-04-13 18:32 30848 c:\windows\maxdriver\npfs.sys
+ 2007-07-27 12:00 . 2008-04-13 18:53 40320 c:\windows\maxdriver\nmnt.sys
+ 2001-08-17 13:24 . 2007-07-27 12:00 12032 c:\windows\maxdriver\nikedrv.sys
+ 2004-08-03 22:58 . 2008-04-13 18:51 61824 c:\windows\maxdriver\nic1394.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 34688 c:\windows\maxdriver\netbios.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 40576 c:\windows\maxdriver\ndproxy.sys
+ 2007-07-27 12:00 . 2008-04-13 19:20 91520 c:\windows\maxdriver\ndiswan.sys
+ 2004-08-03 23:03 . 2008-04-13 18:55 14592 c:\windows\maxdriver\ndisuio.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 10112 c:\windows\maxdriver\ndistapi.sys
+ 2008-04-13 18:43 . 2008-04-13 18:43 12672 c:\windows\maxdriver\mutohpen.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 15488 c:\windows\maxdriver\mssmbios.sys
+ 2007-07-27 12:00 . 2008-04-13 18:56 35072 c:\windows\maxdriver\msgpc.sys
+ 2009-04-10 20:36 . 2001-08-17 12:02 35200 c:\windows\maxdriver\msgame.sys
+ 2007-07-27 12:00 . 2008-04-13 18:32 19072 c:\windows\maxdriver\msfs.sys
+ 2007-07-27 12:00 . 2008-04-13 18:39 92544 c:\windows\maxdriver\mqac.sys
+ 2007-07-27 12:00 . 2008-04-13 18:39 42368 c:\windows\maxdriver\mountmgr.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 23040 c:\windows\maxdriver\mouclass.sys
+ 2004-08-03 23:08 . 2008-04-13 19:00 30080 c:\windows\maxdriver\modem.sys
+ 2004-08-03 23:07 . 2008-04-13 18:36 63744 c:\windows\maxdriver\mf.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 11868 c:\windows\maxdriver\mdmxsdk.sys
+ 2009-04-04 06:46 . 2010-03-29 22:46 38224 c:\windows\maxdriver\mbamswissarmy.sys
+ 2009-04-04 06:46 . 2010-03-29 22:45 20824 c:\windows\maxdriver\mbam.sys
+ 2009-05-02 10:57 . 2004-05-12 13:02 18432 c:\windows\maxdriver\maplom.sys
+ 2007-07-27 12:00 . 2009-06-24 11:18 92928 c:\windows\maxdriver\ksecdd.sys
+ 2007-07-27 12:00 . 2008-04-13 18:39 24576 c:\windows\maxdriver\kbdclass.sys
+ 2007-07-27 12:00 . 2008-04-13 18:36 37248 c:\windows\maxdriver\isapnp.sys
+ 2009-03-14 03:18 . 2008-04-13 18:54 11264 c:\windows\maxdriver\irenum.sys
+ 2008-04-13 18:45 . 2008-04-13 18:45 46592 c:\windows\maxdriver\irbus.sys
+ 2007-07-27 12:00 . 2008-04-13 19:19 75264 c:\windows\maxdriver\ipsec.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 20864 c:\windows\maxdriver\ipinip.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 32896 c:\windows\maxdriver\ipfltdrv.sys
+ 2007-07-27 12:00 . 2008-04-13 18:53 36608 c:\windows\maxdriver\ip6fw.sys
+ 2007-07-27 12:00 . 2008-04-13 18:31 36352 c:\windows\maxdriver\intelppm.sys
+ 2010-04-24 09:08 . 2009-05-13 16:51 19968 c:\windows\maxdriver\imdisk.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 42112 c:\windows\maxdriver\imapi.sys
+ 2007-07-27 12:00 . 2008-04-13 19:18 52480 c:\windows\maxdriver\i8042prt.sys
+ 2009-05-01 06:53 . 2008-04-13 17:45 10368 c:\windows\maxdriver\hidusb.sys
+ 2007-07-27 12:00 . 2008-04-13 18:45 24960 c:\windows\maxdriver\hidparse.sys
+ 2008-04-13 18:45 . 2008-04-13 18:45 19200 c:\windows\maxdriver\hidir.sys
+ 2007-07-27 12:00 . 2008-04-13 18:45 36864 c:\windows\maxdriver\hidclass.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 25600 c:\windows\maxdriver\hidbth.sys
+ 2009-04-19 10:41 . 2009-04-19 11:08 24616 c:\windows\maxdriver\ggsemc.sys
+ 2009-04-19 10:41 . 2009-04-19 11:08 13224 c:\windows\maxdriver\ggflt.sys
+ 2009-04-10 20:03 . 2008-04-13 17:45 10624 c:\windows\maxdriver\gameenum.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 46464 c:\windows\maxdriver\gagp30kx.sys
+ 2001-08-17 13:57 . 2007-07-27 12:00 12160 c:\windows\maxdriver\fsvga.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 20480 c:\windows\maxdriver\flpydisk.sys
+ 2007-07-27 12:00 . 2008-04-13 18:33 44544 c:\windows\maxdriver\fips.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 27392 c:\windows\maxdriver\fdc.sys
+ 2009-04-10 20:03 . 2001-08-17 10:19 40704 c:\windows\maxdriver\es1371mp.sys
+ 2009-11-16 07:06 . 2009-11-16 07:06 96408 c:\windows\maxdriver\epfwtdir.sys
+ 2005-05-03 15:34 . 2005-05-03 15:34 27392 c:\windows\maxdriver\ElbyCDFL.sys
+ 2007-07-27 12:00 . 2008-04-13 18:38 71168 c:\windows\maxdriver\dxg.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 10496 c:\windows\maxdriver\dxapi.sys
+ 2009-03-13 21:22 . 2008-04-13 18:45 60160 c:\windows\maxdriver\drmk.sys
+ 2009-03-13 21:23 . 2008-04-13 18:45 52864 c:\windows\maxdriver\dmusic.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 14208 c:\windows\maxdriver\diskdump.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 36352 c:\windows\maxdriver\disk.sys
+ 2004-08-03 22:59 . 2008-04-13 18:31 36736 c:\windows\maxdriver\crusoe.sys
+ 2001-08-17 13:24 . 2007-07-27 12:00 11776 c:\windows\maxdriver\cpqdap01.sys
+ 2007-07-27 12:00 . 2008-04-13 19:16 49536 c:\windows\maxdriver\classpnp.sys
+ 2007-07-27 12:00 . 2008-04-13 18:40 62976 c:\windows\maxdriver\cdrom.sys
+ 2007-07-27 12:00 . 2008-04-13 19:14 63744 c:\windows\maxdriver\cdfs.sys
+ 2001-08-17 13:52 . 2007-07-27 12:00 18688 c:\windows\maxdriver\cdaudio.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 13952 c:\windows\maxdriver\cbidf2k.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 18944 c:\windows\maxdriver\bthusb.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 36480 c:\windows\maxdriver\bthprint.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 37888 c:\windows\maxdriver\bthmodem.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 17024 c:\windows\maxdriver\bthenum.sys
+ 2007-07-27 12:00 . 2008-04-13 18:53 71552 c:\windows\maxdriver\bridge.sys
+ 2007-07-27 12:00 . 2008-04-13 18:51 55808 c:\windows\maxdriver\atmlane.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 31360 c:\windows\maxdriver\atmepvc.sys
+ 2007-07-27 12:00 . 2008-04-13 18:51 59904 c:\windows\maxdriver\atmarpc.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 63488 c:\windows\maxdriver\atinxsxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 31744 c:\windows\maxdriver\atinxbxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 73216 c:\windows\maxdriver\atintuxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 13824 c:\windows\maxdriver\atinttxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 28672 c:\windows\maxdriver\atinsnxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 52224 c:\windows\maxdriver\atinraxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 14336 c:\windows\maxdriver\atinpdxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 13824 c:\windows\maxdriver\atinmdxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 57856 c:\windows\maxdriver\atinbtxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 34735 c:\windows\maxdriver\ati1xsxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 29455 c:\windows\maxdriver\ati1xbxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 36463 c:\windows\maxdriver\ati1tuxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 21343 c:\windows\maxdriver\ati1ttxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 26367 c:\windows\maxdriver\ati1snxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 63663 c:\windows\maxdriver\ati1rvxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 30671 c:\windows\maxdriver\ati1raxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 12047 c:\windows\maxdriver\ati1pdxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 11615 c:\windows\maxdriver\ati1mdxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 56623 c:\windows\maxdriver\ati1btxx.sys
+ 2007-07-27 10:00 . 2008-04-13 16:40 96512 c:\windows\maxdriver\atapi.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 14336 c:\windows\maxdriver\asyncmac.sys
+ 2004-08-03 22:58 . 2008-04-13 18:51 60800 c:\windows\maxdriver\arp1394.sys
+ 2004-08-03 22:59 . 2008-04-13 18:31 37760 c:\windows\maxdriver\amdk7.sys
+ 2004-08-03 22:59 . 2008-04-13 18:31 37376 c:\windows\maxdriver\amdk6.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 43008 c:\windows\maxdriver\amdagp.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 42752 c:\windows\maxdriver\alim1541.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 44928 c:\windows\maxdriver\agpcpq.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 42368 c:\windows\maxdriver\agp440.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 11648 c:\windows\maxdriver\acpiec.sys
+ 2007-07-27 12:00 . 2008-04-13 18:46 53376 c:\windows\maxdriver\1394bus.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 4352 c:\windows\maxdriver\wmilib.sys
+ 2009-03-14 03:19 . 2008-04-13 18:36 8832 c:\windows\maxdriver\wmiacpi.sys
+ 2007-07-27 12:00 . 2001-08-17 12:03 4736 c:\windows\maxdriver\usbd.sys
+ 2004-08-03 22:58 . 2008-04-13 18:39 4352 c:\windows\maxdriver\swenum.sys
+ 2009-03-13 21:23 . 2008-04-13 18:45 6272 c:\windows\maxdriver\splitter.sys
+ 2008-04-13 18:36 . 2008-04-13 18:36 5888 c:\windows\maxdriver\smbali.sys
+ 2005-05-16 13:20 . 2005-05-16 13:20 6656 c:\windows\maxdriver\sfhlp02.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 5888 c:\windows\maxdriver\rootmdm.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 4224 c:\windows\maxdriver\rdpcdd.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 8832 c:\windows\maxdriver\rasacd.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 3328 c:\windows\maxdriver\pciide.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 6784 c:\windows\maxdriver\parvdm.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 3456 c:\windows\maxdriver\oprghdlr.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 2944 c:\windows\maxdriver\null.sys
+ 2009-03-13 21:22 . 2008-04-13 18:39 4992 c:\windows\maxdriver\mspqm.sys
+ 2009-03-13 21:22 . 2008-04-13 18:39 5376 c:\windows\maxdriver\mspclock.sys
+ 2009-03-13 21:22 . 2008-04-13 18:39 7552 c:\windows\maxdriver\mskssrv.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 4224 c:\windows\maxdriver\mnmdd.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 7680 c:\windows\maxdriver\mcd.sys
+ 2009-04-10 20:28 . 2001-08-17 12:02 8576 c:\windows\maxdriver\hidgame.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 7936 c:\windows\maxdriver\fs_rec.sys
+ 2009-03-14 03:19 . 2001-08-17 13:46 6400 c:\windows\maxdriver\enum1394.sys
+ 2006-04-22 01:44 . 2006-04-22 01:44 8064 c:\windows\maxdriver\ElbyCDIO.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 3328 c:\windows\maxdriver\dxgthk.sys
+ 2009-03-13 21:22 . 2008-04-13 18:45 2944 c:\windows\maxdriver\drmkaud.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 5888 c:\windows\maxdriver\dmload.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 4224 c:\windows\maxdriver\beep.sys
+ 2003-03-28 09:58 . 2003-03-28 09:58 8640 c:\windows\maxdriver\axskbus.sys
+ 2010-04-24 09:08 . 2009-02-09 13:16 9216 c:\windows\maxdriver\awealloc.sys
+ 2009-03-14 03:20 . 2001-08-17 13:59 3072 c:\windows\maxdriver\audstub.sys
+ 2009-04-04 15:02 . 2004-04-30 07:33 5248 c:\windows\maxdriver\a347scsi.sys
+ 2007-07-27 12:00 . 2010-04-28 14:00 444358 c:\windows\system32\perfh009.dat
- 2007-07-27 12:00 . 2010-04-27 15:17 444358 c:\windows\system32\perfh009.dat
+ 2008-03-27 14:27 . 2008-03-27 14:27 503008 c:\windows\maxdriver\wdf01000.sys
+ 2008-04-13 18:46 . 2008-04-13 18:46 121984 c:\windows\maxdriver\usbvideo.sys
+ 2007-07-27 12:00 . 2008-04-13 18:45 143872 c:\windows\maxdriver\usbport.sys
+ 2007-07-27 12:00 . 2008-04-13 18:39 384768 c:\windows\maxdriver\update.sys
+ 2007-07-27 12:00 . 2010-02-11 12:02 226880 c:\windows\maxdriver\tcpip6.sys
+ 2007-07-27 12:00 . 2008-06-20 11:51 361600 c:\windows\maxdriver\tcpip.sys
+ 2007-07-27 12:00 . 2009-12-31 16:50 353792 c:\windows\maxdriver\srv.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 404990 c:\windows\maxdriver\slntamr.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 129535 c:\windows\maxdriver\slnt7554.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 166912 c:\windows\maxdriver\s3gnbm.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 115752 c:\windows\maxdriver\s0016unic.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 110632 c:\windows\maxdriver\s0016obex.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 114216 c:\windows\maxdriver\s0016mgmt.sys
+ 2009-04-18 21:27 . 2008-05-16 09:33 120744 c:\windows\maxdriver\s0016mdm.sys
+ 2007-07-27 12:00 . 2008-05-08 14:02 203136 c:\windows\maxdriver\rmcast.sys
+ 2009-03-14 04:29 . 2008-04-14 00:13 139656 c:\windows\maxdriver\rdpwd.sys
+ 2009-03-14 04:29 . 2008-04-13 18:32 196224 c:\windows\maxdriver\rdpdr.sys
+ 2007-07-27 12:00 . 2008-04-13 19:28 175744 c:\windows\maxdriver\rdbss.sys
+ 2004-03-16 09:58 . 2008-04-13 19:19 146048 c:\windows\maxdriver\portcls.sys
+ 2007-07-27 12:00 . 2008-04-13 18:36 120192 c:\windows\maxdriver\pcmcia.sys
+ 2007-07-27 12:00 . 2008-04-13 18:34 163584 c:\windows\maxdriver\nwrdr.sys
+ 2007-09-20 17:07 . 2008-08-01 16:35 955520 c:\windows\maxdriver\nvnrm.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 180360 c:\windows\maxdriver\ntmtlfax.sys
+ 2007-07-27 12:00 . 2008-04-13 19:15 574976 c:\windows\maxdriver\ntfs.sys
+ 2007-07-27 12:00 . 2008-04-13 19:21 162816 c:\windows\maxdriver\netbt.sys
+ 2007-07-27 12:00 . 2008-04-13 19:20 182656 c:\windows\maxdriver\ndis.sys
+ 2007-07-27 12:00 . 2008-04-13 19:17 105344 c:\windows\maxdriver\mup.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 452736 c:\windows\maxdriver\mtxparhm.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 126686 c:\windows\maxdriver\mtlmnt5.sys
+ 2007-07-27 12:00 . 2010-02-24 13:11 455680 c:\windows\maxdriver\mrxsmb.sys
+ 2007-07-27 12:00 . 2008-04-13 18:32 180608 c:\windows\maxdriver\mrxdav.sys
+ 2004-08-03 23:15 . 2008-04-13 19:16 141056 c:\windows\maxdriver\ks.sys
+ 2009-03-13 21:22 . 2008-04-13 18:45 172416 c:\windows\maxdriver\kmixer.sys
+ 2007-07-27 12:00 . 2008-04-13 18:57 152832 c:\windows\maxdriver\ipnat.sys
+ 2007-07-27 12:00 . 2009-10-20 16:20 265728 c:\windows\maxdriver\http.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 685056 c:\windows\maxdriver\hsfcxts2.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 220032 c:\windows\maxdriver\hsfbs2s2.sys
+ 2005-01-07 16:07 . 2005-01-07 16:07 145920 c:\windows\maxdriver\Hdaudio.sys
+ 2005-01-07 16:07 . 2008-04-13 16:36 144384 c:\windows\maxdriver\hdaudbus.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 125056 c:\windows\maxdriver\ftdisk.sys
+ 2009-03-14 04:31 . 2008-04-13 18:32 129792 c:\windows\maxdriver\fltmgr.sys
+ 2007-07-27 12:00 . 2008-04-13 19:14 143744 c:\windows\maxdriver\fastfat.sys
+ 2009-11-16 07:03 . 2009-11-16 07:03 108792 c:\windows\maxdriver\ehdrv.sys
+ 2009-11-16 06:56 . 2009-11-16 06:56 116520 c:\windows\maxdriver\eamon.sys
+ 2007-07-27 12:00 . 2008-04-13 18:44 153344 c:\windows\maxdriver\dmio.sys
+ 2007-07-27 12:00 . 2008-04-13 18:44 799744 c:\windows\maxdriver\dmboot.sys
+ 2001-08-17 14:02 . 2007-07-27 12:00 262528 c:\windows\maxdriver\cinemst2.sys
+ 2008-04-13 18:46 . 2008-06-13 11:05 272128 c:\windows\maxdriver\bthport.sys
+ 2008-04-13 18:51 . 2008-04-13 18:51 101120 c:\windows\maxdriver\bthpan.sys
+ 2003-03-30 19:38 . 2003-03-30 19:38 102624 c:\windows\maxdriver\axsaki.sys
+ 2007-07-27 12:00 . 2007-07-27 12:00 352256 c:\windows\maxdriver\atmuni.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 104960 c:\windows\maxdriver\atinrvxx.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 701440 c:\windows\maxdriver\ati2mtag.sys
+ 2009-03-13 21:31 . 2004-08-03 21:29 327040 c:\windows\maxdriver\ati2mtaa.sys
+ 2007-07-27 12:00 . 2008-08-14 10:04 138496 c:\windows\maxdriver\afd.sys
+ 2009-03-13 21:22 . 2008-04-13 16:39 142592 c:\windows\maxdriver\aec.sys
+ 2007-07-27 12:00 . 2008-04-13 18:36 187776 c:\windows\maxdriver\acpi.sys
+ 2009-04-04 15:02 . 2004-04-30 07:37 160640 c:\windows\maxdriver\a347bus.sys
+ 2009-03-13 21:21 . 2007-09-19 09:16 4617728 c:\windows\maxdriver\RtkHDAud.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 1309184 c:\windows\maxdriver\mtlstrm.sys
+ 2009-03-13 21:31 . 2004-08-03 21:41 1041536 c:\windows\maxdriver\hsfdpsp2.sys
+ 2007-10-04 08:14 . 2010-04-03 20:55 10232128 c:\windows\maxdriver\nv4_mini.sys
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"RTHDCPL"="RTHDCPL.EXE" [2007-09-19 16844800]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2054360]
"SmcService"="c:\progra~1\Sygate\SPF\smc.exe" [2004-10-15 2577632]
"Hard Disk Sentinel"="g:\program files\Hard Disk Sentinel\HDSentinel.exe" [2009-02-24 3198464]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-04-03 110696]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-04-03 13670504]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2009-10-12 614400]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
BankID Security Application.lnk - c:\program files\Personal\bin\Personal.exe [2009-5-3 939536]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"g:\\Program Files\\Spotify\\spotify.exe"=
"c:\\WINDOWS\\system32\\SUPDSvc.exe"=
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-11-16 108792]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-11-16 96408]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2009-11-16 735960]
R3 NVHDA;Service for NVIDIA HDMI Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2007-11-10 29728]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-04-25 27632]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2010-04-25 90112]
S3 AWEAlloc;AWE Memory Allocation Driver;c:\windows\system32\drivers\awealloc.sys [2010-04-24 9216]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-04-19 13224]
S3 ImDisk;ImDisk Virtual Disk Driver;c:\windows\system32\drivers\imdisk.sys [2010-04-24 19968]
S3 ImDskSvc;ImDisk Virtual Disk Driver Helper;c:\windows\system32\imdsksvc.exe [2010-04-24 10240]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-04-18 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-04-18 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-04-18 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-04-18 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-04-18 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-04-18 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-04-18 115752]
S3 Samsung UPD Service;Samsung UPD Service;c:\windows\system32\SUPDSvc.exe [2010-04-26 132464]
S4 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [2009-04-04 160640]
S4 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [2009-04-04 5248]
.
Contents of the 'Scheduled Tasks' folder
2010-04-28 c:\windows\Tasks\User_Feed_Synchronization-{E51E9111-755F-4990-99AB-39BEABF9B266}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://81.232.99.43:60108/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Per\Application Data\Mozilla\Firefox\Profiles\9l23s4zn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.leta.se/
FF - component: c:\documents and settings\Per\Application Data\Mozilla\Firefox\Profiles\9l23s4zn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}\platform\WINNT\components\ColorZilla.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\Personal\bin\np_prsnl.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
**************************************************************************
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files:
**************************************************************************
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vsdatant]
"ImagePath"=""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
[HKEY_USERS\S-1-5-21-1454471165-1844237615-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:34,16,57,02,3b,e5,67,7e,51,a1,ab,35,30,1a,60,b1,b1,bf,5b,05,40,89,12,
96,a7,85,da,07,ef,fa,f4,8e,87,76,cb,87,cd,98,ac,b8,36,d6,e1,e0,16,94,85,ad,\
"??"=hex:b5,5e,67,b3,49,08,72,ad,41,a9,3a,9c,e3,bb,58,83
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•A~*]
"D140111900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
Completion time: 2010-04-28 16:09:34
ComboFix-quarantined-files.txt 2010-04-28 14:09
ComboFix2.txt 2010-04-27 15:27
Pre-Run: 29 362 298 880 bytes free
Post-Run: 29 327 077 376 bytes free
- - End Of File - - 6D24CFD4471BAF12ABCA71A914CD250B