Malware problem maybe more?

Solved
By billyd
May 13, 2012
  1. hi,

    a couple of months ago I switched from microsoft essentials to panda global protection! I started having BSOD crashes . after a short time working with panda problem was not solved. but happened alot less often. as time went on I noticed other things acting up . mouse going right click all the time , redirects on web pages. decided panda wasn't cutting it so bought ESET Sart security! installed today. scan found somethings it couldn't remove.
  2. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    malwarebytes quick scan log

    Malwarebytes Anti-Malware (PRO) 1.61.0.1400
    www.malwarebytes.org
    Database version: v2012.05.13.04
    Windows Vista Service Pack 2 x86 NTFS
    Internet Explorer 9.0.8112.16421
    William :: WILLIAM-PC [administrator]
    Protection: Disabled
    5/13/2012 7:47:18 PM
    mbam-log-2012-05-13 (19-47-18).txt
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled:
    Objects scanned: 186045
    Time elapsed: 6 minute(s), 51 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    (end)
  3. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    GMER log let me know if I'm doing this wrong!


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit quick scan 2012-05-13 20:01:35
    Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST9160821AS rev.3.BHD
    Running: oibfjxod.exe; Driver: C:\Users\William\AppData\Local\Temp\pwriyfod.sys

    ---- Processes - GMER 1.0.15 ----
    Process PING.EXE (*** hidden *** ) 3076
    Process PING.EXE (*** hidden *** ) 5420
    ---- EOF - GMER 1.0.15 ----
  4. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    dds logs

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421
    Run by William at 20:59:15 on 2012-05-13
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1092 [GMT -4:00]
    .
    AV: Panda Global Protection 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
    SP: Panda Global Protection 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
    .
    ============== Running Processes ===============
    .
    C:\Windows\SYSTEM32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\WLTRYSVC.EXE
    C:\Windows\System32\bcmwltry.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\dlbacoms.exe
    C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\SYSTEM32\taskeng.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\Explorer.EXE
    C:\Windows\SYSTEM32\taskeng.exe
    C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\WLTRAY.EXE
    C:\Program Files\TeamViewer\Version4\TeamViewer.exe
    C:\Program Files\ESET\ESET Smart Security\egui.exe
    C:\Windows\ehome\ehtray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\mobsync.exe
    C:\Windows\System32\alg.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    uWindow Title = Microsoft Internet Explorer
    uURLSearchHooks: H - No File
    BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    uRun: [Google Update] "c:\users\william\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
    mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
    mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    LSP: mswsock.dll
    Trusted Zone: intuit.com\ttlc
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{431E6B66-43D9-4C45-9390-7F4CABDE6BF8} : DhcpNameServer = 192.168.1.1
    Notify: igfxcui - igfxdev.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]
    R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
    R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
    R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-13 40776]
    S2 avg7rsw;Aec;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
    S2 avg7updsvc;HBtnKey;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
    S2 avgarcln;SE2Cmdfl;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 257696]
    .
    =============== Created Last 30 ================
    .
    2012-05-14 00:49:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2012-05-13 23:46:03 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-05-13 23:46:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-05-13 17:41:45 -------- d-----w- c:\users\william\appdata\roaming\ESET
    2012-05-13 17:41:45 -------- d-----w- c:\users\william\appdata\local\ESET
    2012-05-13 17:30:42 -------- d-----w- c:\program files\Windows Resource Kits
    2012-05-12 23:11:37 -------- d-----w- c:\program files\ESET
    2012-05-11 01:11:52 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-11 01:11:52 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-11 01:11:51 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-05-05 22:42:10 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
    2012-04-22 23:44:40 -------- d-sh--w- C:\found.000
    2012-04-22 19:14:07 -------- d-----w- c:\programdata\Kaspersky Lab
    .
    ==================== Find3M ====================
    .
    2012-05-13 23:35:22 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    2012-05-05 16:58:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-05 16:58:21 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-03-30 12:39:11 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-03-29 13:39:19 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
    2012-03-28 16:09:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2012-03-01 14:46:01 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
    2012-03-01 14:46:01 160768 ----a-w- c:\windows\system32\d3d10_1.dll
    2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll
    2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll
    2012-02-29 14:08:47 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
    2012-02-29 13:44:50 683008 ----a-w- c:\windows\system32\d2d1.dll
    2012-02-29 13:41:40 1069056 ----a-w- c:\windows\system32\DWrite.dll
    2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-25 19:19:08 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
    2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
    .
    ============= FINISH: 21:01:32.04 ===============
  5. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/14/2011 2:09:22 PM
    System Uptime: 5/13/2012 7:34:44 PM (2 hours ago)
    .
    Motherboard: Dell Inc. | | 0UK439
    Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz | Microprocessor | 2000/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 141 GiB total, 38.999 GiB free.
    D: is FIXED (NTFS) - 8 GiB total, 1.753 GiB free.
    E: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP196: 5/9/2012 1:24:09 AM - Scheduled Checkpoint
    RP197: 5/11/2012 3:00:13 AM - Windows Update
    RP198: 5/11/2012 9:34:31 PM - Scheduled Checkpoint
    RP200: 5/12/2012 7:10:16 PM - Installed ESET Smart Security
    RP201: 5/12/2012 7:17:07 PM - Installed ESET Smart Security
    RP202: 5/12/2012 7:24:48 PM - Installed ESET Smart Security
    RP203: 5/12/2012 7:31:05 PM - Installed ESET Smart Security
    RP204: 5/12/2012 7:38:55 PM - Installed ESET Smart Security
    RP205: 5/12/2012 7:42:13 PM - Installed ESET Smart Security
    RP206: 5/12/2012 7:43:24 PM - Windows Update
    RP207: 5/12/2012 7:55:54 PM - Installed ESET Smart Security
    RP208: 5/12/2012 8:02:40 PM - Installed ESET Smart Security
    RP209: 5/12/2012 8:24:09 PM - Installed ESET Smart Security
    RP210: 5/12/2012 8:27:38 PM - Installed ESET Smart Security
    RP211: 5/12/2012 8:44:47 PM - Installed ESET Smart Security
    RP212: 5/13/2012 1:00:05 PM - Installed ESET Smart Security
    RP213: 5/13/2012 1:29:47 PM - Installed Windows Resource Kit Tools - SubInAcl.exe
    RP214: 5/13/2012 1:38:23 PM - Installed ESET Smart Security
    .
    ==== Installed Programs ======================
    .
    .
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Shockwave Player 11.6
    AirXonix version 1.40
    AnyDVD
    Application Verifier
    Awakening: The Dreamless Castle
    Ball Breaker 3D
    Big Fish Games: Game Manager
    CCleaner
    CDBurnerXP
    Cisco EAP-FAST Module
    Cisco LEAP Module
    Cisco PEAP Module
    CleanUp!
    CloneDVD2
    ConvertXtoDVD 4.1.19.365
    Debugging Tools for Windows (x86)
    Defraggler
    Dell Wireless WLAN Card
    DivX Setup
    DVDFab 8.1.5.9 (20/01/2012) Qt
    DX-Ball 2 v1.25
    Elven Mists
    ESET Smart Security
    Foxit Reader 5.1
    FrostWire 5.3.2
    Google Chrome
    Google Update Helper
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    ImgBurn
    Intel(R) Graphics Media Accelerator Driver
    Java(TM) 6 Update 31
    K-Lite Codec Pack 5.2.0 (Standard)
    Malwarebytes Anti-Malware version 1.61.0.1400
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft Choice Guard
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    Microsoft Windows Performance Toolkit
    Microsoft Windows SDK for Windows 7 (7.1)
    Microsoft Windows SDK for Windows 7 Common Utilities (30514)
    Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
    Microsoft Windows SDK for Windows 7 Samples (30514)
    Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
    Nightfall Mysteries: Asylum Conspiracy
    QuickPar 0.9
    RICOH Media Driver ver.2.07.01.04
    RICOH R5U8xx Media Driver ver.3.62.02
    SCREENSEVEN GAME CENTER
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Sherlock Holmes and the Hound of the Baskervilles
    swMSM
    TeamViewer 4
    Temple of Life: The Legend of Four Elements Collector's Edition
    Treasure Island 2
    Turbo Tourney 2012
    TurboTax 2011
    TurboTax 2011 WinPerFedFormset
    TurboTax 2011 WinPerReleaseEngine
    TurboTax 2011 WinPerTaxSupport
    TurboTax 2011 wohiper
    TurboTax 2011 wrapper
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    VC80CRTRedist - 8.0.50727.6195
    WinASO Registry Optimizer 4.7.5
    Windows Live Essentials
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Live Writer
    Windows Resource Kit Tools - SubInAcl.exe
    WinRAR archiver
    Wonderlines
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/9/2012 9:57:58 AM, Error: EventLog [6008] - The previous system shutdown at 9:56:48 AM on 5/9/2012 was unexpected.
    5/8/2012 4:33:51 AM, Error: EventLog [6008] - The previous system shutdown at 4:32:20 AM on 5/8/2012 was unexpected.
    5/8/2012 4:15:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
    5/8/2012 4:15:47 PM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/8/2012 4:11:51 PM, Error: EventLog [6008] - The previous system shutdown at 4:10:26 PM on 5/8/2012 was unexpected.
    5/8/2012 3:39:38 AM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
    5/8/2012 2:45:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
    5/8/2012 2:45:22 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/8/2012 2:40:34 PM, Error: EventLog [6008] - The previous system shutdown at 2:38:46 PM on 5/8/2012 was unexpected.
    5/7/2012 7:02:23 PM, Error: EventLog [6008] - The previous system shutdown at 6:45:25 PM on 5/7/2012 was unexpected.
    5/7/2012 6:42:38 PM, Error: EventLog [6008] - The previous system shutdown at 6:41:07 PM on 5/7/2012 was unexpected.
    5/7/2012 1:34:10 PM, Error: Service Control Manager [7022] - The Panda On-Access Anti-Malware Service service hung on starting.
    5/7/2012 1:32:12 PM, Error: EventLog [6008] - The previous system shutdown at 1:24:47 PM on 5/7/2012 was unexpected.
    5/6/2012 8:44:55 AM, Error: EventLog [6008] - The previous system shutdown at 8:42:27 AM on 5/6/2012 was unexpected.
    5/13/2012 9:01:08 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume1.
    5/13/2012 8:07:18 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ZTEusbnmea service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Zppinger service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Zebrsce service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ZBackupAssistService service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The XTrapD12 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The XFX_program service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WUSB54Gv4SVC service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wudfpf service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WmVirHid service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wmp54gv4svc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WMIService service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wmconnectcds service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wg111nd5 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Websensecamreportserver service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Webrootspysweeperservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wceusbsh service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wanatw service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The W810obex service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vulfnths service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vtserver service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmx86 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmparport service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmnetadapter service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Video3D service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vhidmini service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The USBVCD service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Usbio service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The UMPass service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The UDFReadr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tsmapip service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Toscosrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TNaviSrv service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TMMEmu service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TMBUS service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tfsndrct service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TcpipBM service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TBPanel service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tandpl service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sysmonlog service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Symtdi service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Suservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Streamip service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Stcagent service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Statusagent service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sscdmdfl service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ss_mdm service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SrvcEPECioctl service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SRTSP service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Srservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Srescan service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sqlagent$sony_mediamgr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SPFDRV service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sonypvs1 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SNTIE service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Snoopfreesvc service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Smtpd32 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sfilter service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sfhlp02 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Servicelayer service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SECYPUSB service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se59unic service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se59bus service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se2Cnd5 service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE2Cmdfl service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se2Bnd5 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE2Bmdm service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE26mdm service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ScanUSBEMPIA service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sandrathesrv service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sandradatasrv service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The RVIEG01 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rupsd service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rt2500usb service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rrspy service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rrrspy service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Roxmediadb service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rollbackclientservice service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ROB_V service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The RIOUNIV service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rfcomm service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Retroexplauncher service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The QV2KUX service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ql2100 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ql10wnt service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PSSdk23 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Proxyhostmirrordisplay service terminated with the following error: The specified module could not be found.
  6. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    cont.

    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Procexp111 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PNDIS5 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PEVSystemStart service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pepifilter service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pdlnctdl service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pdengine service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Padfsvr service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The P17xfilt service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ozoneinstallerservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The OVT511Plus service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Oracleformsserver-forms60server-oraform service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ooclevercacheagent service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Omnidrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Olregcap service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ofcpfwsvc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The OEM02Vfx service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Odclientservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nwcworkstation service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NWADI service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nvpvrmon service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nvnetbus service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ntsyslog service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nsm1bus service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Niorbk service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NICSer_WPC300N service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NETMDUSB service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mxssvr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mvc25U870_VID_1262&PID_25FD service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSSQL$MSSMLBIZ service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSMQTriggers service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Msmframework service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSFWDrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mscsptisrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mpe service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mnsframework service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mindrepair service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mi-raysat_3dsmax8 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mhndrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Merakpop3 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mdmxsdk service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The McciCMService service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MaRdPnp service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MA_CMIDI service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxby_device service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxbt_device service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The LKbdFlt2 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lilsgt service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The LHidFilt service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The L1e service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The K750mdfl service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The iwebmsg service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ISODrive service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ipsecmon service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IPFilter service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IOSLINK service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IntuitUpdateService service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The InterBaseServer service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Interactivelogon service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Inorpc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The InCDsrvR service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Igniteservice.exe service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Idisw2km service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ibmsmbus service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ibmasrex service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IAimFP6 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Hcf_msft service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The HBtnKey service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The GT891x service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The FsVga service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Flutilssvc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fix service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fasttx2k service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fasttraksvc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fallback service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Exportit service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Evteng service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Eskerlicensecontrol service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Emu10k service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Elotouchscreen service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DVDVRRdr_xp service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dtscsi service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmserver service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmio service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmadmin service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DLH5X service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Djsnetcn service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dcpflics service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dcfssvc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DCamUSBGrandTek service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dbmang service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Db2governor service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Datasvr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dac960nt service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cvintdrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ctprxy2k service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CTAUDFX.DLL service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cqcpu service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CoachAud service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cnxtdiag service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cebdaldr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CDRPDACC service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cdr4_xp service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CdaD10BA service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ccs service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ccproxy service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Carboncopy32 service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cacheserver service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cachemgr service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Caboagp service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Btwdndis service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BootScreen service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BLKWGU(Belkin) service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bjmcmng service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bdrsdrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bcserver service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Basfipm service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Backupexecnamingservice service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avipbb service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avgmfx86 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avfilter service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Automate6 service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ATKGFNEXSrv service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Asusgsb service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The AsDsm service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The As32svc service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Aha154x service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Aec service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The AEAudioService service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Adobeactivefilemonitor5.0 service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Acpiec service terminated with the following error: The system cannot find the file specified.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The A8djusb service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The A016mgmt service terminated with the following error: The specified module could not be found.
    5/13/2012 7:36:47 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The Msk80service service terminated with the following error: The specified module could not be found.
    5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The Freepops service terminated with the following error: The specified module could not be found.
    5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The CXAVXBAR service terminated with the following error: The specified module could not be found.
    5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The BoiHwsetup service terminated with the following error: The specified module could not be found.
    5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The A016mdfl service terminated with the following error: The specified module could not be found.
    5/13/2012 2:20:34 PM, Error: EventLog [6008] - The previous system shutdown at 2:19:33 PM on 5/13/2012 was unexpected.
    5/13/2012 12:57:10 PM, Error: Service Control Manager [7023] - The EL90X service terminated with the following error: The specified module could not be found.
    5/13/2012 12:57:10 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
    5/13/2012 12:55:41 PM, Error: EventLog [6008] - The previous system shutdown at 12:54:09 PM on 5/13/2012 was unexpected.
    5/13/2012 1:53:25 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\COMPONENTS' was corrupted and it has been recovered. Some data might have been lost.
    5/13/2012 1:41:19 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
    5/13/2012 1:40:26 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Vpnva service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Streamloadservice service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Sr_service service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Nm service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Issvc service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Ec2007service service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Dpfusmgr service terminated with the following error: The specified module could not be found.
    5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The CTSYN service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Zpjava service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Vmnetdhcp service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Uhcd service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The U81xmdfl service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The TcUsb service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Slapd-config52 service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The SANDRA service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Rp32service service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The R300 service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Pinetmgr service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The MobilityService service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Mgabgexe service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Lvsrvlauncher service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Invoker service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Gdrv service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The FTSER2K service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Fsdfwd service terminated with the following error: The specified module could not be found.
    5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Crystalaps service terminated with the following error: The specified module could not be found.
    5/13/2012 1:02:06 PM, Error: Service Control Manager [7003] - The epfwwfp service depends the following service: BFE. This service might not be installed.
    5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Rupsmon service terminated with the following error: The specified module could not be found.
    5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Mwssched service terminated with the following error: The specified module could not be found.
    5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Dmisrv service terminated with the following error: The specified module could not be found.
    5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The BCMWLNPF service terminated with the following error: The specified module could not be found.
    5/12/2012 9:14:41 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
    5/12/2012 9:13:00 PM, Error: EventLog [6008] - The previous system shutdown at 9:12:08 PM on 5/12/2012 was unexpected.
    5/12/2012 7:07:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Installer service, but this action failed with the following error: An instance of the service is already running.
    5/12/2012 7:05:17 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
    5/12/2012 6:43:45 PM, Error: Service Control Manager [7023] - The Videoacceleratorengine service terminated with the following error: The specified module could not be found.
    5/12/2012 3:59:09 AM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
    5/12/2012 3:56:42 AM, Error: EventLog [6008] - The previous system shutdown at 3:55:02 AM on 5/12/2012 was unexpected.
    5/11/2012 11:46:07 AM, Error: EventLog [6008] - The previous system shutdown at 11:44:05 AM on 5/11/2012 was unexpected.
    5/10/2012 4:45:57 AM, Error: EventLog [6008] - The previous system shutdown at 4:44:45 AM on 5/10/2012 was unexpected.
    5/10/2012 4:43:52 AM, Error: EventLog [6008] - The previous system shutdown at 4:41:43 AM on 5/10/2012 was unexpected.
    5/10/2012 4:10:12 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
    5/10/2012 4:10:12 AM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/10/2012 4:08:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
    5/10/2012 4:08:50 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/10/2012 4:08:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
    5/10/2012 4:08:20 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    5/10/2012 4:07:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    5/10/2012 4:04:51 AM, Error: EventLog [6008] - The previous system shutdown at 4:03:06 AM on 5/10/2012 was unexpected.
    5/10/2012 3:51:41 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user William-PC\William SID (S-1-5-21-1815498000-2833343681-1250068786-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    .
    ==== End Of File ===========================
  7. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ===========================================================================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

    ======================================================================

    Download Bootkit Remover to your desktop.

    • Unzip downloaded file to your Desktop.
    • Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
    • It will show a Black screen with some data on it.
    • Right click on the screen and click Select All.
    • Press CTRL+C
    • Open a Notepad and press CTRL+V
    • Post the output back here.
  8. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-05-13 23:40:10
    -----------------------------
    23:40:10.915 OS Version: Windows 6.0.6002 Service Pack 2
    23:40:10.915 Number of processors: 2 586 0xF0D
    23:40:10.917 ComputerName: WILLIAM-PC UserName: William
    23:40:17.167 Initialize success
    23:42:23.074 AVAST engine defs: 12051301
    23:46:47.236 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    23:46:47.239 Disk 0 Vendor: ST9160821AS 3.BHD Size: 152627MB BusType: 3
    23:46:47.266 Disk 0 MBR read successfully
    23:46:47.269 Disk 0 MBR scan
    23:46:47.277 Disk 0 Windows VISTA default MBR code
    23:46:47.282 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 144231 MB offset 63
    23:46:47.316 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8393 MB offset 295387155
    23:46:47.353 Disk 0 scanning sectors +312576705
    23:46:47.527 Disk 0 scanning C:\Windows\system32\drivers
    23:47:22.376 Service scanning
    23:47:56.872 Modules scanning
    23:48:16.490 Module: C:\Windows\System32\DRIVERS\netbt.sys **SUSPICIOUS**
    23:48:26.189 Disk 0 trace - called modules:
    23:48:26.253 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86d19fd0]<<
    23:48:26.262 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a99ac8]
    23:48:26.271 3 CLASSPNP.SYS[8a5a78b3] -> nt!IofCallDriver -> [0x86bd2030]
    23:48:26.279 \Driver\00001772[0x86b8adf0] -> IRP_MJ_CREATE -> 0x86d19fd0
    23:48:28.853 AVAST engine scan C:\Windows
    23:48:34.926 AVAST engine scan C:\Windows\system32
    23:54:17.636 AVAST engine scan C:\Windows\system32\drivers
    23:54:46.867 AVAST engine scan C:\Users\William
    00:00:46.244 Disk 0 MBR has been saved successfully to "C:\Users\William\Desktop\MBR.dat"
    00:00:46.264 The log file has been saved successfully to "C:\Users\William\Desktop\aswMBR.txt"
  9. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    Bootkit Remover
    (c) 2009 Esage Lab
    www.esagelab.com
    Program version: 1.2.0.1
    OS Version: Microsoft Windows Vista Home Premium Edition Service Pack 2 (build 6
    002), 32-bit
    System volume is \\.\C:
    \\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
    Boot sector MD5 is: 0ec6b2481fc707d1e901dc2a875f2826
    Size Device Name MBR Status
    --------------------------------------------
    149 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

    Done;
    Press any key to quit...
  10. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Please download ComboFix from Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
  11. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    ComboFix 12-05-14.03 - William 05/15/2012 4:16.1.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.2074 [GMT -4:00]
    Running from: c:\users\William\Desktop\ComboFix.exe
    AV: Panda Global Protection 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
    FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
    SP: Panda Global Protection 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Resident AV is active
    .
    .
    ADS - Windows: deleted 24 bytes in 1 streams.
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\William\AppData\Roaming\vso_ts_preview.xml
    c:\windows\$NtUninstallKB37865$\3590362446
    c:\windows\$NtUninstallKB37865$\4017323162\@
    c:\windows\$NtUninstallKB37865$\4017323162\cfg.ini
    c:\windows\$NtUninstallKB37865$\4017323162\Desktop.ini
    c:\windows\$NtUninstallKB37865$\4017323162\L\qnbwvoto
    c:\windows\$NtUninstallKB37865$\4017323162\oemid
    c:\windows\$NtUninstallKB37865$\4017323162\U\00000001.@
    c:\windows\$NtUninstallKB37865$\4017323162\U\00000002.@
    c:\windows\$NtUninstallKB37865$\4017323162\U\00000004.@
    c:\windows\$NtUninstallKB37865$\4017323162\U\80000000.@
    c:\windows\$NtUninstallKB37865$\4017323162\U\80000004.@
    c:\windows\$NtUninstallKB37865$\4017323162\U\80000032.@
    c:\windows\$NtUninstallKB37865$\4017323162\version
    c:\windows\security\Database\tmp.edb
    c:\windows\system32\dds_trash_log.cmd
    c:\windows\system32\drivers\etc\hosts.ics
    c:\windows\$NtUninstallKB37865$ . . . . Failed to delete
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_6to4
    -------\Service_radiosvr
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-15 08:30 . 2012-05-15 08:35 -------- d-----w- c:\users\William\AppData\Local\temp
    2012-05-15 08:30 . 2012-05-15 08:30 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-13 23:46 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-05-13 23:46 . 2012-05-13 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-05-13 17:41 . 2012-05-13 17:41 -------- d-----w- c:\users\William\AppData\Local\ESET
    2012-05-13 17:30 . 2012-05-13 17:30 -------- d-----w- c:\program files\Windows Resource Kits
    2012-05-12 23:11 . 2012-05-12 23:11 -------- d-----w- c:\program files\ESET
    2012-05-11 01:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-11 01:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-05 22:42 . 2012-05-05 22:43 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
    2012-04-22 23:44 . 2012-04-22 23:44 -------- d-----w- C:\found.000
    2012-04-22 19:14 . 2012-04-22 19:14 -------- d-----w- c:\programdata\Kaspersky Lab
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-05 16:58 . 2012-04-04 17:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-05 16:58 . 2011-12-23 00:38 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-04-03 18:42 . 2012-04-03 18:42 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2012-04-03 18:42 . 2012-04-03 18:42 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-04-03 18:42 . 2012-04-03 18:42 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
    2012-04-02 13:36 . 2012-05-11 01:11 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-03-28 16:09 . 2012-03-20 23:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-03-20 05:50 . 2012-03-20 05:50 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5EF829-F29F-45F4-AD4A-C33D507A9B4B}\offreg.dll
    2012-02-29 15:11 . 2012-04-12 07:13 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-02-29 15:11 . 2012-04-12 07:13 172032 ----a-w- c:\windows\system32\wintrust.dll
    2012-02-29 15:09 . 2012-04-12 07:13 157696 ----a-w- c:\windows\system32\imagehlp.dll
    2012-02-29 13:32 . 2012-04-12 07:13 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-02-28 01:18 . 2012-04-12 07:14 1799168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 01:11 . 2012-04-12 07:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 01:11 . 2012-04-12 07:14 1127424 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 01:03 . 2012-04-12 07:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-25 19:19 . 2012-02-25 19:19 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
    2012-02-23 14:18 . 2011-12-16 16:56 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-02-20 06:05 . 2012-03-20 05:45 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5EF829-F29F-45F4-AD4A-C33D507A9B4B}\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
    BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Turbo Tourney 2012 Scheduler.lnk]
    backup=c:\windows\pss\Turbo Tourney 2012 Scheduler.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
    .
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    se2Bunic
    ofcpfwsvc
    upsmonservice
    nmservice
    atkkeyboardservice
    SE2Bmdfl
    SE2Dbus
    omsad
    tmtdi
    wscsvc
    wm
    UNDPX2A
    sdcoreservice
    EIO_XP
    ErrDev
    qfcoresvc
    mcdetect.exe
    pelusblf
    DS1410D
    CTMFLT
    EMATCORE
    CVirtA
    mssqlserverolapservice
    pgpsdkservice
    PTDCVsp
    dsNcAdpt
    sisnic
    btnetfilter
    nimcdfxk
    MTC0001_ESB
    SprintRcAppSvc
    pcx1unic
    RDID1027
    pwkntmon
    axsaki
    mwagent
    oracle_load_balancer_60_server-forms6ip9
    rslinxng
    mysql
    teefer
    atixsaudio
    adminserver
    mvserver
    spmd
    bc_filter
    atiavaiw
    UimBus
    sisperf
    imapiservice
    s716mdm
    rt2500usb
    ppped
    tfsnboio
    dlartl_n
    vstor2-ws60
    iPassPeriodicUpdateService
    speakerphone
    ZDPNDIS5
    ISAMSvc
    plsremotesvc
    smartwiservice
    mcdbus
    se45mgmt
    ccflic0
    webdriveservice
    wlluc48b
    webrootenterpriseclientservice
    imagesrv
    flashcom
    ssm_bus
    olapserver
    wintab32
    a016mgmt
    MRV6X32P
    EACSvrMngr
    sglogplayer
    AcronisOSSReinstallSvc
    atdisk
    bantext
    nwlnkspx
    PBADRV
    oraclewebassistant
    sonytvc
    intelroam
    papyjoy
    tfsnudf
    U3sHlpDr
    npapimon
    comhost
    SetupSys
    pdlnatcm
    iPassP
    perc2
    statusagent
    ATWPKT2
    AdobeActiveFileMonitor6.0
    WD_FireWire_HID
    {a7447300-8075-4b0d-83f1-3d75c8ebc623}
    hclinetd
    i81x
    SWUMX51
    MQAC
    UsbserFilt
    dlbu_device
    szkg
    incdsrv
    acrotray
    rootmodem
    nwlnknb
    avgems
    datasvr
    NETw4v32
    cfgwzsvc
    tvtfilter
    USB_NDIS_51
    s125mdfl
    tng-dtmg
    vproeventmonitor
    wmconnectcds
    redbook
    DivisCTS
    NWSAP
    macformatservice
    sit_flt
    EL2000
    ssfs0509
    procexp90
    iksyssec
    starwindservice
    mnsframework
    bwcsrv
    aolservice
    crauto
    nvax
    mctskshd.exe
    ICAM5USB
    LC7981
    razerusb
    EagleNT
    elockservice
    xfilt
    ageremodemaudio
    MA8032U
    fshttps
    slabbus
    useraccess7
    ctljystk
    acermemusagecheckservice
    NVR0Dev
    rnadirectory
    netmdsb
    nm
    bc_pat_f
    MREMP50
    W700mdm
    oraclemtsrecoveryservice
    pduip6000dmemcrdmgr
    roxwatch
    svv
    SMCB000
    vncdrv
    tapeware
    Angel2
    qkbfiltr
    persfw
    cpucoolserver
    elnkservice
    btwusb
    STV680m
    msftpsvc
    mxnic
    ikhfile
    opcenum
    trioservice
    cebdaldr
    winpppoverethernet
    lpx
    TOSHIBASoftModem
    mssql$sqlexpress
    Hotkey
    NITaggerService
    dlcj_device
    slabser
    openldap-slapd
    diskeeper
    WinVd32
    rchost
    w800mdm
    NTIDrvr
    dlcc_device
    server
    SE26mgmt
    z800mgmt
    emitray
    aspi32
    S3GIGP
    tgsrvc_smartagent
    beatjamupnpmusicserver
    iaimfp1
    Slntamr
    defwatch
    sis315
    queuemgr
    penrendezvous
    lktimesync
    bthpan
    ATMsg
    ino_flpy
    cvslock
    dtsrvc
    noipducservice
    WaveFDE
    ntcharge
    se45nd5
    rfcomm
    tavsvc
    SABSVC
    screadspool
    GTSCSER
    mysqlinventime
    modemcsa
    timounter
    NETw3v32
    ma_cmidi_installerservice
    getPlusHelper
    nimxdfk
    tdimsys
    bdselfpr
    PD0620VID
    PGPdisk
    SimpTcp
    mfeavfk
    AVerTV
    SPFDRV
    btwhid
    pcradminserver
    audstub
    mlkkbdntdriver
    WBHWDOCT
    lvprcsrv
    uleadburninghelper
    mwstick
    vsdatant
    hibernation
    lmab_device
    rppkt
    mcsysmon
    UWProSys
    s217nd5
    CX88AUD
    pdlnshay
    monfilt
    lxcj_device
    ntpr_nic_service2
    a016mdm
    iAimTV5
    zpsc
    haspnt
    Jukebox
    VAIOMediaPlatform-MusicServer-HTTP
    FETNDIS
    scsk4
    outpostfirewall
    backupexecalertserver
    nmwcdc
    pavdrv
    sandboxu
    slee_503_service
    HIDSwvd
    ssm_mdm
    LVRS
    sifilter
    viaagp1
    ood2000
    STV680
    CnxTrLan
    win32sl
    s116mdm
    cwcwdm
    Pctspk
    jaguar
    ROB_A
    Appn
    hwpsgt
    AVCSTRM
    regspy
    spcsutilityservice
    nvstor32
    mfesmfk
    roxupnpserver
    avg7rsw
    SWNC5E00
    DNE
    ovsecurityserver
    p2k
    ADIDTSFiltService
    wuolservice
    ggsemc
    winpowerrmi
    GoToAssist
    DgiVecp
    cccredmgr
    srvdpi
    db2das00
    spbbcsvc
    vcommmgr
    SNP2STD
    NIPALK
    hpqddsvc
    harmony
    sshrmd
    GT890x
    winpower
    Slpsvdr
    oracle_load_balancer_60_client-forms6ip9
    APLMp50
    TMKEmu
    HPFECP20
    pcidump
    ftsata2
    UVCFTR
    nbservice
    license
    oracleorahomehttpserver
    DirectUpdate
    PGPsdkDriver
    retroexplauncher
    nfmservice
    tng-dts
    SE2Eobex
    wampmysqld
    s217mdm
    dlcf_device
    rimvserport
    TNaviSrv
    el90xbc
    RESMGR
    SDdriver
    pdlnsx25
    gameenum
    wdica
    AR5523
    picturetaker
    Evian
    btwavdt
    rnadiagnosticsservice
    cusrvc
    Via4in1
    freepops
    nimcrpcsu
    dmio
    TuneUp.Defrag
    iPassPeriodicUpdateApp
    prism_a02
    IFPUSB
    bt3cser
    transarcafsdaemon
    k750mdfl
    USB_RNDIS
    SRTSP
    ifxtcs
    VICESYS
    PTDCBus
    tcsd_win32.exe
    pml
    ScFBPNT3
    UxTuneUp
    vc5secs
    tbhsd
    stacsv
    licensemanagersocket
    avgarcln
    tosrfnds
    ql1280
    s3ssavage
    hmonitor
    wlluc48
    tmmbd
    cbidf
    zebrbus
    dvd_2K
    vsapint
    w200bus
    awhost32
    filechecker
    NsTrcNT
    hsf_dp
    trackcam4
    arcltsrv
    dladresm
    WUSB54GPV4SRV
    us30service
    vvoice
    inotask
    inorpc
    VNUSB
    lxrjd31d
    Ncrc710
    rca
    s125obex
    NxSysMon
    VX3000
    srescan
    {95808DC4-FA4A-4c74-92FE-5B863F82066B}
    isapisearch
    lockmgr
    nvcap
    ss_mdfl
    SRS_SSCFilter
    klif
    DCamUSBSQTECH
    se26unic
    mks_scan
    s7otranx
    SED133x
    ibmcicstransactiongateway
    s7oppitx
    LKbdFlt2
    3comtftp
    UMPass
    U81xobex
    U2SP
    co_mon
    atierecord
    qbfcservice
    tosrfsnd
    openvpnservice
    AmdLLD
    freebsd
    atkdisplf
    se58unic
    RMCAST
    mcnasvc
    cdr4_2k
    avg7updsvc
    cvsnt
    k750mdm
    s616unic
    artourservice
    symmpi
    iastor
    aclient
    BTSLBCSP
    askernel
    acprfmgrsvc
    https-admserv61
    splitter
    SaiU040B
    proxyhostservice
    USB_RNDIS_XP
    nmsaccess
    mfehidk
    snmptrapdservice
    digictrl
    emupia
    rimusb
    array_utility_service4,0,1,3
    gearaspiwdm
    eskerlicensecontrol
    lxbs_device
    nimdbgk
    CTMSHD
    ihcservice
    pavreport
    ATKFUSService
    iomdisk
    se59mdfl
    pnkbstrb
    lp6nds35
    syntp
    SWMX00
    se2Bnd5
    e1express
    w800mdfl
    entech
    T6963C
    hnmsvc
    VCAM
    purgeieservice
    XFX_program
    smcservice
    ldlcserv
    PQNTDrv
    iviaspi
    enxpsvc
    DniVad
    acedrv07
    Subsonic
    iwebmsg
    qmofiltr
    agrsrvce
    SunkFilt39
    TcUsb
    MA_CMIDI
    trcboot
    smsmdd
    iam
    a016mdfl
    db2ntsecserver
    ec2007service
    sqlagent$sony_mediamgr
    soma
    tvs
    ipsraidn
    kservice
    Bcim
    amon
    axinstsv
    btwrchid
    bdfsdrv
    SE2Dmdfl
    MTsensor
    maya70docserver
    ctdvda2k
    wg111nd5
    nchssvad
    SaiNtSub
    cpqarray
    gv3
    UpdateCenterService
    MobilePreInstallerService
    SQLWriter
    iap
    usb20l
    s716nd5
    FireTDI
    pdframe
    HSFHWICH
    yukonwxp
    lvpopflt
    vzcdbsvc
    NVTCP
    SE27mdm
    atalk
    SunkFilt
    NVENET
    ctmmfilt
    cicssfs.scmmc223
    ifxspmgtsrv
    se44nd5
    agentsrv
    ATMsrvc
    nsengine
    s117obex
    aswrdr
    z800obex
    mwspollserver
    lxbu_device
    rtl8139
    se44bus
    USB11LDR
    ramaint
    pfc
    athr
    se59nd5
    sentinel
    ser2pl
    websenselogserver
    ltck000c
    ZuneWlanCfgSvc
    k750mgmt
    Nsynas32
    uclauncherservice
    ossrv
    sprtsvc_smartagent
    autocomplete
    sbhooksvc
    USBCamera
    TestHandler
    adiloader
    elotouchscreen
    cwafrmiregistry
    W55U01
    tvicport
    aec
    ino_fltr
    CTEDSPFX.DLL
    U81xmdm
    HFACSVC
    imaservice
    tmactmon
    MpFilter
    bthusb
    symids
    ASMMAP
    atchksrv
    AKSIFDH
    GV600_4
    nvmpu401
    ASNDIS5
    omniusbl
    papycpu2
    cpuz132
    HECI
    tsdhd
    protexislicensing
    slapd-data52
    tandpl
    dxdebug
    scanwscs
    ntrtscan
    mod7700
    TVALG
    oracle_load_balancer_60_client-forms6ip14
    telnet
    mapserver6.3
    incdfs
    eamon
    GTPTSER
    atmeltpm
    vetmsgnt
    nvsmu
    RSAFAL
    alertmanager
    sysmonlog
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:58]
    .
    2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
    .
    2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
    .
    2012-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
    - c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
    .
    2012-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
    - c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: intuit.com\ttlc
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-15 04:36
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
    "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
    36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:81,97,c7,74,c6,e0,cc,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,3b,da,52,c0,a4,82,4f,a1,90,3e,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\System32\bcmwltry.exe
    c:\windows\system32\WLANExt.exe
    c:\windows\system32\dlbacoms.exe
    c:\program files\ESET\ESET Smart Security\ekrn.exe
    c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
    c:\program files\TeamViewer\Version4\TeamViewer.exe
    c:\windows\system32\igfxsrvc.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
    c:\windows\system32\DllHost.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-15 04:44:59 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-15 08:44
    .
    Pre-Run: 48,785,174,528 bytes free
    Post-Run: 49,288,650,752 bytes free
    .
    - - End Of File - - ADCD2C6711C758428802EC4C4CA1C465
     
  12. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
    billyd likes this.
  13. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    06:37:52.0921 3388 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
    06:37:58.0896 3388 ============================================================
    06:37:58.0896 3388 Current date / time: 2012/05/16 06:37:58.0896
    06:37:58.0896 3388 SystemInfo:
    06:37:58.0896 3388
    06:37:58.0896 3388 OS Version: 6.0.6002 ServicePack: 2.0
    06:37:58.0896 3388 Product type: Workstation
    06:37:58.0896 3388 ComputerName: WILLIAM-PC
    06:37:58.0896 3388 UserName: William
    06:37:58.0896 3388 Windows directory: C:\Windows
    06:37:58.0896 3388 System windows directory: C:\Windows
    06:37:58.0896 3388 Processor architecture: Intel x86
    06:37:58.0896 3388 Number of processors: 2
    06:37:58.0896 3388 Page size: 0x1000
    06:37:58.0896 3388 Boot type: Normal boot
    06:37:58.0896 3388 ============================================================
    06:37:59.0676 3388 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    06:37:59.0676 3388 ============================================================
    06:37:59.0676 3388 \Device\Harddisk0\DR0:
    06:37:59.0676 3388 MBR partitions:
    06:37:59.0676 3388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
    06:37:59.0676 3388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
    06:37:59.0676 3388 ============================================================
    06:37:59.0691 3388 C: <-> \Device\Harddisk0\DR0\Partition0
    06:37:59.0738 3388 D: <-> \Device\Harddisk0\DR0\Partition1
    06:37:59.0738 3388 ============================================================
    06:37:59.0738 3388 Initialize success
    06:37:59.0738 3388 ============================================================
  14. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    It's incomplete.
    Please try to run it again.
  15. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    04:06:55.0591 5772 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
    04:06:57.0806 5772 ============================================================
    04:06:57.0806 5772 Current date / time: 2012/05/16 04:06:57.0806
    04:06:57.0806 5772 SystemInfo:
    04:06:57.0806 5772
    04:06:57.0806 5772 OS Version: 6.0.6002 ServicePack: 2.0
    04:06:57.0806 5772 Product type: Workstation
    04:06:57.0806 5772 ComputerName: WILLIAM-PC
    04:06:57.0806 5772 UserName: William
    04:06:57.0806 5772 Windows directory: C:\Windows
    04:06:57.0806 5772 System windows directory: C:\Windows
    04:06:57.0806 5772 Processor architecture: Intel x86
    04:06:57.0806 5772 Number of processors: 2
    04:06:57.0806 5772 Page size: 0x1000
    04:06:57.0806 5772 Boot type: Normal boot
    04:06:57.0806 5772 ============================================================
    04:06:58.0960 5772 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    04:06:58.0960 5772 ============================================================
    04:06:58.0960 5772 \Device\Harddisk0\DR0:
    04:06:58.0960 5772 MBR partitions:
    04:06:58.0960 5772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
    04:06:58.0960 5772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
    04:06:58.0960 5772 ============================================================
    04:06:58.0976 5772 C: <-> \Device\Harddisk0\DR0\Partition0
    04:06:59.0023 5772 D: <-> \Device\Harddisk0\DR0\Partition1
    04:06:59.0023 5772 ============================================================
    04:06:59.0023 5772 Initialize success
    04:06:59.0023 5772 ============================================================
    04:07:00.0583 4232 ============================================================
    04:07:00.0583 4232 Scan started
    04:07:00.0583 4232 Mode: Manual;
    04:07:00.0583 4232 ============================================================
    04:07:02.0408 4232 a016mgmt - ok
    04:07:02.0408 4232 acermemusagecheckservice - ok
    04:07:02.0424 4232 aclient - ok
    04:07:02.0517 4232 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    04:07:02.0548 4232 ACPI - ok
    04:07:02.0564 4232 acprfmgrsvc - ok
    04:07:02.0564 4232 AcronisOSSReinstallSvc - ok
    04:07:02.0580 4232 AdobeActiveFileMonitor6.0 - ok
    04:07:02.0658 4232 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    04:07:02.0658 4232 AdobeFlashPlayerUpdateSvc - ok
    04:07:02.0704 4232 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
    04:07:02.0704 4232 adp94xx - ok
    04:07:02.0736 4232 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
    04:07:02.0782 4232 adpahci - ok
    04:07:02.0814 4232 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
    04:07:02.0814 4232 adpu160m - ok
    04:07:02.0829 4232 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
    04:07:02.0876 4232 adpu320 - ok
    04:07:02.0907 4232 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    04:07:02.0907 4232 AeLookupSvc - ok
    04:07:02.0938 4232 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
    04:07:02.0954 4232 AFD - ok
    04:07:02.0954 4232 ageremodemaudio - ok
    04:07:02.0985 4232 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
    04:07:03.0016 4232 agp440 - ok
    04:07:03.0032 4232 agrsrvce - ok
    04:07:03.0048 4232 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    04:07:03.0079 4232 aic78xx - ok
    04:07:03.0079 4232 AKSIFDH - ok
    04:07:03.0110 4232 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    04:07:03.0110 4232 ALG - ok
    04:07:03.0126 4232 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
    04:07:03.0141 4232 aliide - ok
    04:07:03.0172 4232 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
    04:07:03.0204 4232 amdagp - ok
    04:07:03.0219 4232 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
    04:07:03.0219 4232 amdide - ok
    04:07:03.0235 4232 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
    04:07:03.0266 4232 AmdK7 - ok
    04:07:03.0297 4232 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
    04:07:03.0297 4232 AmdK8 - ok
    04:07:03.0297 4232 Angel2 - ok
    04:07:03.0344 4232 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\Windows\system32\Drivers\AnyDVD.sys
    04:07:03.0375 4232 AnyDVD - ok
    04:07:03.0406 4232 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    04:07:03.0406 4232 Appinfo - ok
    04:07:03.0422 4232 Appn - ok
    04:07:03.0453 4232 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
    04:07:03.0453 4232 arc - ok
    04:07:03.0469 4232 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
    04:07:03.0484 4232 arcsas - ok
    04:07:03.0484 4232 array_utility_service4,0,1,3 - ok
    04:07:03.0484 4232 artourservice - ok
    04:07:03.0500 4232 askernel - ok
    04:07:03.0516 4232 ASNDIS5 - ok
    04:07:03.0516 4232 aswrdr - ok
    04:07:03.0562 4232 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    04:07:03.0578 4232 AsyncMac - ok
    04:07:03.0578 4232 atalk - ok
    04:07:03.0609 4232 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    04:07:03.0609 4232 atapi - ok
    04:07:03.0625 4232 athr - ok
    04:07:03.0625 4232 atixsaudio - ok
    04:07:03.0640 4232 atkkeyboardservice - ok
    04:07:03.0640 4232 ATMsrvc - ok
    04:07:03.0656 4232 ATWPKT2 - ok
    04:07:03.0703 4232 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    04:07:03.0703 4232 AudioEndpointBuilder - ok
    04:07:03.0718 4232 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    04:07:03.0718 4232 Audiosrv - ok
    04:07:03.0734 4232 avg7rsw - ok
    04:07:03.0750 4232 axsaki - ok
    04:07:03.0750 4232 backupexecalertserver - ok
    04:07:03.0750 4232 bantext - ok
    04:07:03.0781 4232 BCM42RLY - ok
    04:07:03.0859 4232 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
    04:07:03.0874 4232 BCM43XX - ok
    04:07:03.0906 4232 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
    04:07:03.0906 4232 bcm4sbxp - ok
    04:07:03.0952 4232 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    04:07:03.0984 4232 Beep - ok
    04:07:04.0062 4232 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    04:07:04.0062 4232 BFE - ok
    04:07:04.0124 4232 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
    04:07:04.0140 4232 BITS - ok
    04:07:04.0140 4232 blbdrive - ok
    04:07:04.0171 4232 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
    04:07:04.0202 4232 bowser - ok
    04:07:04.0233 4232 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    04:07:04.0233 4232 BrFiltLo - ok
    04:07:04.0249 4232 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    04:07:04.0249 4232 BrFiltUp - ok
    04:07:04.0264 4232 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    04:07:04.0280 4232 Browser - ok
    04:07:04.0296 4232 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    04:07:04.0296 4232 Brserid - ok
    04:07:04.0311 4232 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    04:07:04.0311 4232 BrSerWdm - ok
    04:07:04.0327 4232 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    04:07:04.0327 4232 BrUsbMdm - ok
    04:07:04.0342 4232 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    04:07:04.0342 4232 BrUsbSer - ok
    04:07:04.0374 4232 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    04:07:04.0374 4232 BTHMODEM - ok
    04:07:04.0374 4232 bthusb - ok
    04:07:04.0389 4232 btnetfilter - ok
    04:07:04.0389 4232 BTSLBCSP - ok
    04:07:04.0405 4232 btwusb - ok
    04:07:04.0561 4232 catchme - ok
    04:07:04.0576 4232 ccflic0 - ok
    04:07:04.0717 4232 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    04:07:04.0764 4232 cdfs - ok
    04:07:04.0810 4232 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    04:07:04.0857 4232 cdrom - ok
    04:07:04.0857 4232 cebdaldr - ok
    04:07:04.0904 4232 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    04:07:04.0904 4232 CertPropSvc - ok
    04:07:04.0920 4232 cicssfs.scmmc223 - ok
    04:07:04.0951 4232 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
    04:07:04.0982 4232 circlass - ok
    04:07:05.0044 4232 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    04:07:05.0076 4232 CLFS - ok
    04:07:05.0138 4232 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    04:07:05.0138 4232 clr_optimization_v2.0.50727_32 - ok
    04:07:05.0216 4232 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    04:07:05.0232 4232 clr_optimization_v4.0.30319_32 - ok
    04:07:05.0247 4232 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    04:07:05.0247 4232 CmBatt - ok
    04:07:05.0278 4232 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
    04:07:05.0294 4232 cmdide - ok
    04:07:05.0325 4232 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    04:07:05.0325 4232 Compbatt - ok
    04:07:05.0341 4232 COMSysApp - ok
    04:07:05.0356 4232 cpucoolserver - ok
    04:07:05.0356 4232 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
    04:07:05.0372 4232 crcdisk - ok
    04:07:05.0388 4232 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
    04:07:05.0434 4232 Crusoe - ok
    04:07:05.0466 4232 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    04:07:05.0466 4232 CryptSvc - ok
    04:07:05.0481 4232 ctljystk - ok
    04:07:05.0575 4232 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    04:07:05.0575 4232 DcomLaunch - ok
    04:07:05.0590 4232 defwatch - ok
    04:07:05.0622 4232 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
    04:07:05.0637 4232 DfsC - ok
    04:07:05.0762 4232 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    04:07:05.0824 4232 DFSR - ok
    04:07:05.0934 4232 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    04:07:05.0934 4232 Dhcp - ok
    04:07:05.0949 4232 digictrl - ok
    04:07:05.0965 4232 DirectUpdate - ok
    04:07:06.0027 4232 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    04:07:06.0043 4232 disk - ok
    04:07:06.0043 4232 dlba_device - ok
    04:07:06.0058 4232 dlcf_device - ok
    04:07:06.0074 4232 dmio - ok
    04:07:06.0074 4232 DNE - ok
    04:07:06.0121 4232 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
    04:07:06.0121 4232 Dnscache - ok
    04:07:06.0168 4232 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    04:07:06.0168 4232 dot3svc - ok
    04:07:06.0214 4232 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    04:07:06.0214 4232 DPS - ok
    04:07:06.0230 4232 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    04:07:06.0261 4232 drmkaud - ok
    04:07:06.0324 4232 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    04:07:06.0355 4232 DXGKrnl - ok
    04:07:06.0370 4232 e1express - ok
    04:07:06.0402 4232 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
    04:07:06.0402 4232 E1G60 - ok
    04:07:06.0417 4232 EACSvrMngr - ok
    04:07:06.0480 4232 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
    04:07:06.0495 4232 eamonm - ok
    04:07:06.0542 4232 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    04:07:06.0542 4232 EapHost - ok
    04:07:06.0589 4232 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    04:07:06.0589 4232 Ecache - ok
    04:07:06.0636 4232 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
    04:07:06.0636 4232 ehdrv - ok
    04:07:06.0698 4232 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    04:07:06.0729 4232 ehRecvr - ok
    04:07:06.0760 4232 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    04:07:06.0760 4232 ehSched - ok
    04:07:06.0792 4232 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    04:07:06.0807 4232 ehstart - ok
    04:07:06.0901 4232 EhttpSrv (68d91a34ce51cf15c45dd68f7f1257e8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    04:07:06.0901 4232 EhttpSrv - ok
    04:07:06.0963 4232 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    04:07:06.0979 4232 ekrn - ok
    04:07:07.0026 4232 EL2000 - ok
    04:07:07.0041 4232 el90xbc - ok
    04:07:07.0119 4232 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
    04:07:07.0166 4232 ElbyCDIO - ok
    04:07:07.0228 4232 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
    04:07:07.0244 4232 elxstor - ok
    04:07:07.0291 4232 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    04:07:07.0306 4232 EMDMgmt - ok
    04:07:07.0306 4232 emupia - ok
    04:07:07.0353 4232 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\Windows\system32\DRIVERS\epfw.sys
    04:07:07.0353 4232 epfw - ok
    04:07:07.0369 4232 Epfwndis (490329bf80f333e788df9596a752a915) C:\Windows\system32\DRIVERS\Epfwndis.sys
    04:07:07.0369 4232 Epfwndis - ok
    04:07:07.0416 4232 epfwwfp (c62068dab6e2510fb231286d3da63dfa) C:\Windows\system32\DRIVERS\epfwwfp.sys
    04:07:07.0447 4232 epfwwfp - ok
    04:07:07.0447 4232 eskerlicensecontrol - ok
    04:07:07.0540 4232 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    04:07:07.0540 4232 EventSystem - ok
    04:07:07.0587 4232 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    04:07:07.0650 4232 exfat - ok
    04:07:07.0665 4232 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    04:07:07.0696 4232 fastfat - ok
    04:07:07.0743 4232 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
    04:07:07.0774 4232 fdc - ok
    04:07:07.0806 4232 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    04:07:07.0806 4232 fdPHost - ok
    04:07:07.0837 4232 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    04:07:07.0837 4232 FDResPub - ok
    04:07:07.0884 4232 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    04:07:07.0930 4232 FileInfo - ok
    04:07:07.0946 4232 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    04:07:07.0962 4232 Filetrace - ok
    04:07:07.0977 4232 flashcom - ok
    04:07:08.0008 4232 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
    04:07:08.0008 4232 flpydisk - ok
    04:07:08.0040 4232 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    04:07:08.0102 4232 FltMgr - ok
    04:07:08.0164 4232 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
    04:07:08.0180 4232 FontCache - ok
    04:07:08.0274 4232 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    04:07:08.0274 4232 FontCache3.0.0.0 - ok
    04:07:08.0274 4232 freebsd - ok
    04:07:08.0289 4232 freepops - ok
    04:07:08.0305 4232 fshttps - ok
    04:07:08.0336 4232 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
    04:07:08.0352 4232 Fs_Rec - ok
    04:07:08.0398 4232 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
    04:07:08.0398 4232 gagp30kx - ok
    04:07:08.0398 4232 gearaspiwdm - ok
    04:07:08.0476 4232 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    04:07:08.0476 4232 gpsvc - ok
    04:07:08.0492 4232 GTPTSER - ok
    04:07:08.0508 4232 GTSCSER - ok
    04:07:08.0617 4232 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    04:07:08.0632 4232 gupdate - ok
    04:07:08.0648 4232 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    04:07:08.0648 4232 gupdatem - ok
    04:07:08.0664 4232 gv3 - ok
    04:07:08.0664 4232 GV600_4 - ok
    04:07:08.0679 4232 harmony - ok
    04:07:08.0695 4232 haspnt - ok
    04:07:08.0710 4232 hclinetd - ok
    04:07:08.0742 4232 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    04:07:08.0804 4232 HdAudAddService - ok
    04:07:08.0851 4232 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    04:07:08.0851 4232 HDAudBus - ok
    04:07:08.0866 4232 hibernation - ok
    04:07:08.0898 4232 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    04:07:08.0929 4232 HidBth - ok
    04:07:08.0944 4232 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    04:07:08.0976 4232 HidIr - ok
    04:07:09.0022 4232 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
    04:07:09.0022 4232 hidserv - ok
    04:07:09.0022 4232 HIDSwvd - ok
    04:07:09.0054 4232 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    04:07:09.0069 4232 HidUsb - ok
    04:07:09.0100 4232 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    04:07:09.0100 4232 hkmsvc - ok
    04:07:09.0116 4232 hmonitor - ok
    04:07:09.0116 4232 Hotkey - ok
    04:07:09.0163 4232 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
    04:07:09.0194 4232 HpCISSs - ok
    04:07:09.0210 4232 HPFECP20 - ok
    04:07:09.0210 4232 hpqddsvc - ok
    04:07:09.0256 4232 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    04:07:09.0288 4232 HSFHWAZL - ok
    04:07:09.0303 4232 HSFHWICH - ok
    04:07:09.0303 4232 hsf_dp - ok
    04:07:09.0366 4232 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    04:07:09.0381 4232 HSF_DPV - ok
    04:07:09.0428 4232 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    04:07:09.0444 4232 HTTP - ok
    04:07:09.0444 4232 https-admserv61 - ok
    04:07:09.0459 4232 hwpsgt - ok
    04:07:09.0490 4232 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
    04:07:09.0490 4232 i2omp - ok
    04:07:09.0522 4232 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    04:07:09.0537 4232 i8042prt - ok
    04:07:09.0553 4232 i81x - ok
    04:07:09.0553 4232 iaimfp1 - ok
    04:07:09.0584 4232 iAimTV5 - ok
    04:07:09.0600 4232 iap - ok
    04:07:09.0615 4232 iastor - ok
    04:07:09.0646 4232 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
    04:07:09.0646 4232 iaStorV - ok
    04:07:09.0662 4232 ibmcicstransactiongateway - ok
    04:07:10.0380 4232 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    04:07:10.0411 4232 idsvc - ok
    04:07:10.0442 4232 IFPUSB - ok
    04:07:10.0458 4232 ifxspmgtsrv - ok
    04:07:10.0458 4232 ifxtcs - ok
    04:07:10.0910 4232 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
    04:07:10.0926 4232 igfx - ok
    04:07:11.0050 4232 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    04:07:11.0082 4232 iirsp - ok
    04:07:11.0144 4232 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    04:07:11.0144 4232 IKEEXT - ok
    04:07:11.0160 4232 ikhfile - ok
    04:07:11.0175 4232 iksyssec - ok
    04:07:11.0175 4232 imagesrv - ok
    04:07:11.0191 4232 incdfs - ok
    04:07:11.0206 4232 inorpc - ok
    04:07:11.0222 4232 inotask - ok
    04:07:11.0238 4232 ino_flpy - ok
    04:07:11.0269 4232 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    04:07:11.0269 4232 intelide - ok
    04:07:11.0300 4232 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    04:07:11.0300 4232 intelppm - ok
    04:07:11.0378 4232 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    04:07:11.0394 4232 IntuitUpdateServiceV4 - ok
    04:07:11.0394 4232 iPassP - ok
    04:07:11.0409 4232 iPassPeriodicUpdateApp - ok
    04:07:11.0425 4232 iPassPeriodicUpdateService - ok
    04:07:11.0472 4232 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    04:07:11.0472 4232 IPBusEnum - ok
    04:07:11.0503 4232 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    04:07:11.0518 4232 IpFilterDriver - ok
    04:07:11.0565 4232 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
    04:07:11.0565 4232 iphlpsvc - ok
    04:07:11.0581 4232 IpInIp - ok
    04:07:11.0612 4232 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
    04:07:11.0612 4232 IPMIDRV - ok
    04:07:11.0643 4232 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    04:07:11.0674 4232 IPNAT - ok
    04:07:11.0690 4232 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    04:07:11.0706 4232 IRENUM - ok
    04:07:11.0706 4232 ISAMSvc - ok
    04:07:11.0721 4232 isapisearch - ok
    04:07:11.0752 4232 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
    04:07:11.0752 4232 isapnp - ok
    04:07:11.0799 4232 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    04:07:11.0815 4232 iScsiPrt - ok
    04:07:11.0846 4232 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    04:07:11.0877 4232 iteatapi - ok
    04:07:11.0924 4232 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    04:07:11.0971 4232 iteraid - ok
    04:07:12.0033 4232 iviaspi - ok
    04:07:12.0033 4232 iwebmsg - ok
    04:07:12.0049 4232 jaguar - ok
    04:07:12.0064 4232 Jukebox - ok
    04:07:12.0064 4232 k750mdfl - ok
    04:07:12.0080 4232 k750mdm - ok
    04:07:12.0376 4232 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    04:07:12.0423 4232 kbdclass - ok
    04:07:12.0501 4232 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
    04:07:12.0517 4232 kbdhid - ok
    04:07:12.0595 4232 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    04:07:12.0595 4232 KeyIso - ok
    04:07:12.0610 4232 klif - ok
    04:07:12.0673 4232 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
    04:07:12.0704 4232 KSecDD - ok
    04:07:12.0751 4232 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    04:07:12.0798 4232 KtmRm - ok
    04:07:12.0829 4232 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
    04:07:12.0844 4232 LanmanServer - ok
    04:07:12.0876 4232 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    04:07:12.0876 4232 LanmanWorkstation - ok
    04:07:12.0891 4232 license - ok
    04:07:12.0891 4232 licensemanagersocket - ok
    04:07:12.0907 4232 LKbdFlt2 - ok
    04:07:12.0922 4232 lktimesync - ok
    04:07:12.0954 4232 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    04:07:12.0969 4232 lltdio - ok
    04:07:13.0000 4232 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    04:07:13.0016 4232 lltdsvc - ok
    04:07:13.0016 4232 lmab_device - ok
    04:07:13.0063 4232 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    04:07:13.0063 4232 lmhosts - ok
    04:07:13.0078 4232 lockmgr - ok
    04:07:13.0078 4232 lp6nds35 - ok
    04:07:13.0110 4232 lpx - ok
    04:07:13.0156 4232 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
    04:07:13.0188 4232 LSI_FC - ok
    04:07:13.0203 4232 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
    04:07:13.0234 4232 LSI_SAS - ok
    04:07:13.0250 4232 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
    04:07:13.0266 4232 LSI_SCSI - ok
    04:07:13.0297 4232 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    04:07:13.0297 4232 luafv - ok
    04:07:13.0312 4232 lvprcsrv - ok
    04:07:13.0312 4232 LVRS - ok
    04:07:13.0328 4232 lxbs_device - ok
    04:07:13.0344 4232 lxbu_device - ok
    04:07:13.0344 4232 lxcj_device - ok
    04:07:13.0359 4232 lxrjd31d - ok
    04:07:13.0375 4232 MA8032U - ok
    04:07:13.0375 4232 mapserver6.3 - ok
    04:07:13.0390 4232 ma_cmidi_installerservice - ok
    04:07:13.0422 4232 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    04:07:13.0437 4232 MBAMProtector - ok
    04:07:13.0546 4232 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    04:07:13.0562 4232 MBAMService - ok
    04:07:13.0562 4232 mcdbus - ok
    04:07:13.0578 4232 mcnasvc - ok
    04:07:13.0578 4232 mcsysmon - ok
    04:07:13.0593 4232 mctskshd.exe - ok
    04:07:13.0624 4232 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    04:07:13.0640 4232 Mcx2Svc - ok
    04:07:13.0656 4232 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
    04:07:13.0687 4232 megasas - ok
    04:07:13.0687 4232 mfeavfk - ok
    04:07:13.0702 4232 mfehidk - ok
    04:07:13.0718 4232 mfesmfk - ok
    04:07:13.0718 4232 mks_scan - ok
    04:07:13.0749 4232 mlkkbdntdriver - ok
    04:07:13.0796 4232 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    04:07:13.0796 4232 MMCSS - ok
    04:07:13.0796 4232 MobilePreInstallerService - ok
    04:07:13.0827 4232 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    04:07:13.0843 4232 Modem - ok
    04:07:13.0858 4232 modemcsa - ok
    04:07:13.0858 4232 monfilt - ok
    04:07:13.0921 4232 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    04:07:13.0921 4232 monitor - ok
    04:07:13.0952 4232 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    04:07:13.0968 4232 mouclass - ok
    04:07:13.0999 4232 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    04:07:14.0030 4232 mouhid - ok
    04:07:14.0061 4232 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    04:07:14.0077 4232 MountMgr - ok
    04:07:14.0108 4232 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
    04:07:14.0108 4232 mpio - ok
    04:07:14.0139 4232 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    04:07:14.0186 4232 mpsdrv - ok
    04:07:14.0248 4232 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    04:07:14.0248 4232 MpsSvc - ok
    04:07:14.0280 4232 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    04:07:14.0280 4232 Mraid35x - ok
    04:07:14.0342 4232 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    04:07:14.0420 4232 MRxDAV - ok
    04:07:14.0451 4232 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    04:07:14.0482 4232 mrxsmb - ok
    04:07:14.0529 4232 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    04:07:14.0560 4232 mrxsmb10 - ok
    04:07:14.0576 4232 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    04:07:14.0607 4232 mrxsmb20 - ok
    04:07:14.0638 4232 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
    04:07:14.0638 4232 msahci - ok
    04:07:14.0670 4232 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
    04:07:14.0716 4232 msdsm - ok
    04:07:14.0748 4232 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    04:07:14.0763 4232 MSDTC - ok
    04:07:14.0794 4232 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    04:07:14.0826 4232 Msfs - ok
    04:07:14.0826 4232 msftpsvc - ok
    04:07:14.0841 4232 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    04:07:14.0857 4232 msisadrv - ok
    04:07:14.0904 4232 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    04:07:14.0904 4232 MSiSCSI - ok
    04:07:14.0919 4232 msiserver - ok
    04:07:14.0997 4232 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    04:07:15.0028 4232 MSKSSRV - ok
    04:07:15.0060 4232 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    04:07:15.0091 4232 MSPCLOCK - ok
    04:07:15.0153 4232 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    04:07:15.0169 4232 MSPQM - ok
    04:07:15.0216 4232 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    04:07:15.0216 4232 MsRPC - ok
    04:07:15.0262 4232 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    04:07:15.0262 4232 mssmbios - ok
    04:07:15.0262 4232 mssql$sqlexpress - ok
    04:07:15.0278 4232 mssqlserverolapservice - ok
    04:07:15.0309 4232 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    04:07:15.0340 4232 MSTEE - ok
    04:07:15.0387 4232 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    04:07:15.0403 4232 Mup - ok
    04:07:15.0418 4232 mwspollserver - ok
    04:07:15.0418 4232 mwstick - ok
    04:07:15.0434 4232 mxnic - ok
    04:07:15.0450 4232 mysqlinventime - ok
    04:07:15.0512 4232 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    04:07:15.0543 4232 napagent - ok
    04:07:15.0574 4232 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    04:07:15.0621 4232 NativeWifiP - ok
    04:07:15.0621 4232 nbservice - ok
    04:07:15.0637 4232 Ncrc710 - ok
    04:07:15.0730 4232 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    04:07:15.0777 4232 NDIS - ok
    04:07:15.0808 4232 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    04:07:15.0808 4232 NdisTapi - ok
    04:07:15.0824 4232 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    04:07:15.0855 4232 Ndisuio - ok
    04:07:15.0871 4232 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    04:07:15.0902 4232 NdisWan - ok
    04:07:15.0949 4232 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    04:07:15.0980 4232 NDProxy - ok
    04:07:16.0011 4232 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    04:07:16.0027 4232 NetBIOS - ok
    04:07:16.0074 4232 netbt (b3a0ca5e3dbbc1d817d4478b915ecbac) C:\Windows\system32\DRIVERS\netbt.sys
    04:07:16.0074 4232 netbt ( Virus.Win32.ZAccess.k ) - infected
    04:07:16.0074 4232 netbt - detected Virus.Win32.ZAccess.k (0)
    04:07:16.0105 4232 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    04:07:16.0105 4232 Netlogon - ok
    04:07:16.0120 4232 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    04:07:16.0136 4232 Netman - ok
    04:07:16.0136 4232 netmdsb - ok
    04:07:16.0167 4232 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    04:07:16.0183 4232 netprofm - ok
    04:07:16.0276 4232 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    04:07:16.0276 4232 NetTcpPortSharing - ok
    04:07:16.0292 4232 NETw3v32 - ok
    04:07:16.0308 4232 nfmservice - ok
    04:07:16.0354 4232 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    04:07:16.0370 4232 nfrd960 - ok
    04:07:16.0386 4232 nimcdfxk - ok
    04:07:16.0401 4232 nimcrpcsu - ok
    04:07:16.0401 4232 NIPALK - ok
    04:07:16.0417 4232 NITaggerService - ok
    04:07:16.0464 4232 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    04:07:16.0464 4232 NlaSvc - ok
    04:07:16.0479 4232 nmsaccess - ok
    04:07:16.0495 4232 nmservice - ok
    04:07:16.0510 4232 nmwcdc - ok
    04:07:16.0526 4232 noipducservice - ok
    04:07:16.0557 4232 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    04:07:16.0573 4232 Npfs - ok
    04:07:16.0620 4232 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    04:07:16.0620 4232 nsi - ok
    04:07:16.0635 4232 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    04:07:16.0666 4232 nsiproxy - ok
    04:07:16.0682 4232 NsTrcNT - ok
    04:07:16.0682 4232 ntcharge - ok
    04:07:16.0791 4232 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    04:07:16.0869 4232 Ntfs - ok
    04:07:16.0885 4232 NTIDrvr - ok
    04:07:16.0900 4232 ntmssvc - ok
    04:07:16.0900 4232 ntpr_nic_service2 - ok
    04:07:16.0932 4232 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    04:07:16.0963 4232 ntrigdigi - ok
    04:07:16.0994 4232 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
    04:07:17.0025 4232 NuidFltr - ok
    04:07:17.0056 4232 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    04:07:17.0088 4232 Null - ok
    04:07:17.0088 4232 nvcap - ok
    04:07:17.0103 4232 NVENET - ok
    04:07:17.0103 4232 nvmpu401 - ok
    04:07:17.0119 4232 NVR0Dev - ok
    04:07:17.0150 4232 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
    04:07:17.0181 4232 nvraid - ok
    04:07:17.0181 4232 nvsmu - ok
    04:07:17.0197 4232 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
    04:07:17.0228 4232 nvstor - ok
    04:07:17.0228 4232 nvstor32 - ok
    04:07:17.0244 4232 NVTCP - ok
    04:07:17.0259 4232 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
    04:07:17.0290 4232 nv_agp - ok
    04:07:17.0306 4232 NwlnkFlt - ok
    04:07:17.0322 4232 NwlnkFwd - ok
    04:07:17.0322 4232 nwlnkspx - ok
    04:07:17.0337 4232 NxSysMon - ok
    04:07:17.0368 4232 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    04:07:17.0384 4232 ohci1394 - ok
    04:07:17.0384 4232 olapserver - ok
    04:07:17.0400 4232 omniusbl - ok
    04:07:17.0415 4232 omsad - ok
    04:07:17.0431 4232 ood2000 - ok
    04:07:17.0446 4232 openldap-slapd - ok
    04:07:17.0446 4232 openvpnservice - ok
    04:07:17.0462 4232 oracleorahomehttpserver - ok
    04:07:17.0478 4232 oraclewebassistant - ok
    04:07:17.0493 4232 oracle_load_balancer_60_client-forms6ip14 - ok
    04:07:17.0509 4232 oracle_load_balancer_60_client-forms6ip9 - ok
    04:07:17.0524 4232 outpostfirewall - ok
    04:07:17.0540 4232 ovsecurityserver - ok
    04:07:17.0556 4232 p2k - ok
    04:07:17.0618 4232 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    04:07:17.0665 4232 p2pimsvc - ok
    04:07:17.0665 4232 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    04:07:17.0680 4232 p2psvc - ok
    04:07:17.0680 4232 papycpu2 - ok
    04:07:17.0696 4232 papyjoy - ok
    04:07:17.0790 4232 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    04:07:17.0805 4232 Parport - ok
    04:07:17.0852 4232 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
    04:07:17.0868 4232 partmgr - ok
    04:07:17.0899 4232 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    04:07:17.0899 4232 Parvdm - ok
    04:07:17.0914 4232 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    04:07:17.0930 4232 PcaSvc - ok
    04:07:17.0961 4232 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    04:07:17.0992 4232 pci - ok
    04:07:18.0008 4232 pcidump - ok
    04:07:18.0039 4232 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
    04:07:18.0039 4232 pciide - ok
    04:07:18.0086 4232 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    04:07:18.0133 4232 pcmcia - ok
  16. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    04:07:18.0133 4232 pcradminserver - ok
    04:07:18.0148 4232 Pctspk - ok
    04:07:18.0164 4232 PD0620VID - ok
    04:07:18.0164 4232 pdframe - ok
    04:07:18.0180 4232 pdlnatcm - ok
    04:07:18.0226 4232 pdlnsx25 - ok
    04:07:18.0226 4232 pduip6000dmemcrdmgr - ok
    04:07:18.0289 4232 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    04:07:18.0336 4232 PEAUTH - ok
    04:07:18.0351 4232 penrendezvous - ok
    04:07:18.0367 4232 perc2 - ok
    04:07:18.0398 4232 persfw - ok
    04:07:18.0414 4232 pfc - ok
    04:07:18.0429 4232 PGPdisk - ok
    04:07:18.0445 4232 PGPsdkDriver - ok
    04:07:18.0445 4232 picturetaker - ok
    04:07:18.0554 4232 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    04:07:18.0601 4232 pla - ok
    04:07:18.0710 4232 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    04:07:18.0710 4232 PlugPlay - ok
    04:07:18.0726 4232 pml - ok
    04:07:18.0804 4232 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    04:07:18.0804 4232 PNRPAutoReg - ok
    04:07:18.0819 4232 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    04:07:18.0819 4232 PNRPsvc - ok
    04:07:18.0866 4232 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    04:07:18.0882 4232 PolicyAgent - ok
    04:07:18.0960 4232 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    04:07:18.0991 4232 PptpMiniport - ok
    04:07:18.0991 4232 prism_a02 - ok
    04:07:19.0038 4232 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
    04:07:19.0069 4232 Processor - ok
    04:07:19.0084 4232 procexp90 - ok
    04:07:19.0116 4232 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    04:07:19.0131 4232 ProfSvc - ok
    04:07:19.0147 4232 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    04:07:19.0162 4232 ProtectedStorage - ok
    04:07:19.0162 4232 protexislicensing - ok
    04:07:19.0178 4232 proxyhostservice - ok
    04:07:19.0225 4232 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    04:07:19.0240 4232 PSched - ok
    04:07:19.0240 4232 PTDCBus - ok
    04:07:19.0256 4232 PTDCVsp - ok
    04:07:19.0272 4232 qbfcservice - ok
    04:07:19.0287 4232 qkbfiltr - ok
    04:07:19.0303 4232 ql1280 - ok
    04:07:19.0350 4232 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
    04:07:19.0396 4232 ql2300 - ok
    04:07:19.0443 4232 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    04:07:19.0443 4232 ql40xx - ok
    04:07:19.0443 4232 qmofiltr - ok
    04:07:19.0459 4232 queuemgr - ok
    04:07:19.0521 4232 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    04:07:19.0537 4232 QWAVE - ok
    04:07:19.0568 4232 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    04:07:19.0599 4232 QWAVEdrv - ok
    04:07:19.0599 4232 ramaint - ok
    04:07:19.0646 4232 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    04:07:19.0646 4232 RasAcd - ok
    04:07:19.0693 4232 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    04:07:19.0693 4232 RasAuto - ok
    04:07:19.0724 4232 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    04:07:19.0771 4232 Rasl2tp - ok
    04:07:19.0802 4232 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    04:07:19.0818 4232 RasMan - ok
    04:07:19.0849 4232 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    04:07:19.0880 4232 RasPppoe - ok
    04:07:19.0911 4232 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    04:07:19.0942 4232 RasSstp - ok
    04:07:19.0942 4232 rca - ok
    04:07:19.0958 4232 rchost - ok
    04:07:20.0005 4232 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    04:07:20.0020 4232 rdbss - ok
    04:07:20.0020 4232 RDID1027 - ok
    04:07:20.0067 4232 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    04:07:20.0098 4232 RDPCDD - ok
    04:07:20.0457 4232 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
    04:07:20.0504 4232 rdpdr - ok
    04:07:20.0535 4232 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    04:07:20.0551 4232 RDPENCDD - ok
    04:07:20.0613 4232 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    04:07:20.0644 4232 RDPWD - ok
    04:07:20.0660 4232 regspy - ok
    04:07:20.0738 4232 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    04:07:20.0738 4232 RemoteAccess - ok
    04:07:20.0800 4232 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    04:07:20.0800 4232 RemoteRegistry - ok
    04:07:20.0816 4232 RESMGR - ok
    04:07:20.0832 4232 retroexplauncher - ok
    04:07:20.0847 4232 rfcomm - ok
    04:07:20.0941 4232 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
    04:07:20.0941 4232 rimmptsk - ok
    04:07:20.0956 4232 rimsptsk (d7e09bc852684a7b1fc0f74fe090d45a) C:\Windows\system32\DRIVERS\rimsptsk.sys
    04:07:20.0956 4232 rimsptsk - ok
    04:07:20.0972 4232 rimusb - ok
    04:07:20.0988 4232 rimvserport - ok
    04:07:21.0003 4232 rismxdp (b0a7494a9ba7909efac64e05d3f160db) C:\Windows\system32\DRIVERS\rixdptsk.sys
    04:07:21.0003 4232 rismxdp - ok
    04:07:21.0019 4232 RMCAST - ok
    04:07:21.0034 4232 rnadiagnosticsservice - ok
    04:07:21.0050 4232 ROB_A - ok
    04:07:21.0066 4232 roxupnpserver - ok
    04:07:21.0097 4232 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    04:07:21.0097 4232 RpcLocator - ok
    04:07:21.0159 4232 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    04:07:21.0159 4232 RpcSs - ok
    04:07:21.0175 4232 rppkt - ok
    04:07:21.0190 4232 RSAFAL - ok
    04:07:21.0222 4232 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    04:07:21.0237 4232 rspndr - ok
    04:07:21.0253 4232 rtl8139 - ok
    04:07:21.0268 4232 s116mdm - ok
    04:07:21.0268 4232 s125obex - ok
    04:07:21.0284 4232 s217mdm - ok
    04:07:21.0300 4232 s217nd5 - ok
    04:07:21.0315 4232 S3GIGP - ok
    04:07:21.0331 4232 s3ssavage - ok
    04:07:21.0331 4232 s616unic - ok
    04:07:21.0346 4232 s716nd5 - ok
    04:07:21.0362 4232 s7oppitx - ok
    04:07:21.0378 4232 s7otranx - ok
    04:07:21.0393 4232 SABSVC - ok
    04:07:21.0409 4232 SaiNtSub - ok
    04:07:21.0409 4232 SaiU040B - ok
    04:07:21.0502 4232 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    04:07:21.0502 4232 SamSs - ok
    04:07:21.0518 4232 sandboxu - ok
    04:07:21.0549 4232 sbhooksvc - ok
    04:07:21.0580 4232 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    04:07:21.0580 4232 sbp2port - ok
    04:07:21.0627 4232 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    04:07:21.0643 4232 SCardSvr - ok
    04:07:21.0658 4232 ScFBPNT3 - ok
    04:07:21.0721 4232 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
    04:07:21.0721 4232 Schedule - ok
    04:07:21.0736 4232 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    04:07:21.0736 4232 SCPolicySvc - ok
    04:07:21.0752 4232 screadspool - ok
    04:07:21.0768 4232 scsk4 - ok
    04:07:21.0861 4232 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    04:07:21.0892 4232 sdbus - ok
    04:07:21.0908 4232 sdcoreservice - ok
    04:07:21.0908 4232 SDdriver - ok
    04:07:21.0955 4232 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    04:07:21.0970 4232 SDRSVC - ok
    04:07:21.0986 4232 SE26mgmt - ok
    04:07:22.0002 4232 se26unic - ok
    04:07:22.0002 4232 SE2Bmdfl - ok
    04:07:22.0017 4232 se2Bnd5 - ok
    04:07:22.0033 4232 se2Bunic - ok
    04:07:22.0048 4232 SE2Dbus - ok
    04:07:22.0064 4232 SE2Eobex - ok
    04:07:22.0080 4232 se44bus - ok
    04:07:22.0095 4232 se44nd5 - ok
    04:07:22.0111 4232 se45mgmt - ok
    04:07:22.0126 4232 se45nd5 - ok
    04:07:22.0142 4232 se58unic - ok
    04:07:22.0158 4232 se59nd5 - ok
    04:07:22.0189 4232 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    04:07:22.0220 4232 secdrv - ok
    04:07:22.0251 4232 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    04:07:22.0251 4232 seclogon - ok
    04:07:22.0251 4232 SED133x - ok
    04:07:22.0282 4232 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
    04:07:22.0298 4232 SENS - ok
    04:07:22.0298 4232 sentinel - ok
    04:07:22.0314 4232 ser2pl - ok
    04:07:22.0345 4232 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    04:07:22.0345 4232 Serenum - ok
    04:07:22.0392 4232 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    04:07:22.0423 4232 Serial - ok
    04:07:22.0454 4232 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    04:07:22.0470 4232 sermouse - ok
    04:07:22.0485 4232 server - ok
    04:07:22.0563 4232 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    04:07:22.0579 4232 SessionEnv - ok
    04:07:22.0594 4232 SetupSys - ok
    04:07:22.0641 4232 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    04:07:22.0672 4232 sffdisk - ok
    04:07:22.0704 4232 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
    04:07:22.0704 4232 sffp_mmc - ok
    04:07:22.0735 4232 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
    04:07:22.0750 4232 sffp_sd - ok
    04:07:22.0782 4232 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    04:07:22.0813 4232 sfloppy - ok
    04:07:22.0828 4232 sglogplayer - ok
    04:07:22.0891 4232 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    04:07:22.0906 4232 SharedAccess - ok
    04:07:22.0984 4232 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
    04:07:22.0984 4232 ShellHWDetection - ok
    04:07:23.0000 4232 sifilter - ok
    04:07:23.0031 4232 SimpTcp - ok
    04:07:23.0062 4232 sis315 - ok
    04:07:23.0109 4232 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
    04:07:23.0140 4232 sisagp - ok
    04:07:23.0156 4232 sisnic - ok
    04:07:23.0187 4232 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
    04:07:23.0187 4232 SiSRaid2 - ok
    04:07:23.0203 4232 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
    04:07:23.0203 4232 SiSRaid4 - ok
    04:07:23.0218 4232 slabbus - ok
    04:07:23.0234 4232 slabser - ok
    04:07:23.0250 4232 slee_503_service - ok
    04:07:23.0265 4232 Slntamr - ok
    04:07:23.0281 4232 Slpsvdr - ok
    04:07:23.0437 4232 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    04:07:23.0468 4232 slsvc - ok
    04:07:23.0577 4232 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    04:07:23.0577 4232 SLUINotify - ok
    04:07:23.0608 4232 smartwiservice - ok
    04:07:23.0671 4232 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    04:07:23.0671 4232 Smb - ok
    04:07:23.0671 4232 SMCB000 - ok
    04:07:23.0702 4232 smsmdd - ok
    04:07:23.0764 4232 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    04:07:23.0764 4232 SNMPTRAP - ok
    04:07:23.0780 4232 snmptrapdservice - ok
    04:07:23.0796 4232 SNP2STD - ok
    04:07:23.0827 4232 sonytvc - ok
    04:07:23.0842 4232 spbbcsvc - ok
    04:07:23.0858 4232 spcsutilityservice - ok
    04:07:23.0874 4232 SPFDRV - ok
    04:07:23.0920 4232 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    04:07:23.0936 4232 spldr - ok
    04:07:23.0952 4232 splitter - ok
    04:07:23.0967 4232 spmd - ok
    04:07:23.0998 4232 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
    04:07:23.0998 4232 Spooler - ok
    04:07:24.0014 4232 sprtsvc_smartagent - ok
    04:07:24.0030 4232 SQLWriter - ok
    04:07:24.0045 4232 srescan - ok
    04:07:24.0061 4232 SRS_SSCFilter - ok
    04:07:24.0076 4232 SRTSP - ok
    04:07:24.0123 4232 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    04:07:24.0170 4232 srv - ok
    04:07:24.0217 4232 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    04:07:24.0232 4232 srv2 - ok
    04:07:24.0248 4232 srvdpi - ok
    04:07:24.0279 4232 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    04:07:24.0279 4232 srvnet - ok
    04:07:24.0326 4232 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    04:07:24.0342 4232 SSDPSRV - ok
    04:07:24.0357 4232 ssfs0509 - ok
    04:07:24.0373 4232 sshrmd - ok
    04:07:24.0373 4232 ssm_bus - ok
    04:07:24.0388 4232 ssm_mdm - ok
    04:07:24.0420 4232 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    04:07:24.0420 4232 SstpSvc - ok
    04:07:24.0435 4232 ss_mdfl - ok
    04:07:24.0451 4232 stacsv - ok
    04:07:24.0498 4232 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    04:07:24.0529 4232 stisvc - ok
    04:07:24.0544 4232 STV680 - ok
    04:07:24.0544 4232 STV680m - ok
    04:07:24.0560 4232 Subsonic - ok
    04:07:24.0576 4232 SunkFilt - ok
    04:07:24.0591 4232 SunkFilt39 - ok
    04:07:24.0607 4232 svv - ok
    04:07:24.0654 4232 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    04:07:24.0654 4232 swenum - ok
    04:07:24.0669 4232 SWMX00 - ok
    04:07:24.0685 4232 SWNC5E00 - ok
    04:07:24.0732 4232 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    04:07:24.0747 4232 swprv - ok
    04:07:24.0763 4232 SWUMX51 - ok
    04:07:24.0810 4232 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    04:07:24.0841 4232 Symc8xx - ok
    04:07:24.0856 4232 symids - ok
    04:07:24.0872 4232 symmpi - ok
    04:07:24.0903 4232 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    04:07:24.0934 4232 Sym_hi - ok
    04:07:24.0966 4232 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    04:07:24.0981 4232 Sym_u3 - ok
    04:07:24.0997 4232 syntp - ok
    04:07:25.0044 4232 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    04:07:25.0059 4232 SysMain - ok
    04:07:25.0106 4232 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    04:07:25.0122 4232 TabletInputService - ok
    04:07:25.0122 4232 tandpl - ok
    04:07:25.0137 4232 tapeware - ok
    04:07:25.0200 4232 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    04:07:25.0215 4232 TapiSrv - ok
    04:07:25.0231 4232 tavsvc - ok
    04:07:25.0246 4232 tbhsd - ok
    04:07:25.0293 4232 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    04:07:25.0309 4232 TBS - ok
    04:07:25.0387 4232 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
    04:07:25.0480 4232 Tcpip - ok
    04:07:25.0527 4232 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
    04:07:25.0527 4232 Tcpip6 - ok
    04:07:25.0605 4232 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
    04:07:25.0652 4232 tcpipreg - ok
    04:07:25.0683 4232 tcsd_win32.exe - ok
    04:07:25.0699 4232 tdimsys - ok
    04:07:25.0730 4232 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    04:07:25.0761 4232 TDPIPE - ok
    04:07:25.0792 4232 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    04:07:25.0824 4232 TDTCP - ok
    04:07:25.0870 4232 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    04:07:25.0886 4232 tdx - ok
    04:07:25.0964 4232 TeamViewer4 (392e619012f752d071910917e9307cc9) C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    04:07:25.0980 4232 TeamViewer4 - ok
    04:07:25.0995 4232 telnet - ok
    04:07:26.0104 4232 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    04:07:26.0104 4232 TermDD - ok
    04:07:26.0292 4232 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    04:07:26.0307 4232 TermService - ok
    04:07:26.0323 4232 tfsnudf - ok
    04:07:26.0338 4232 tgsrvc_smartagent - ok
    04:07:26.0385 4232 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
    04:07:26.0385 4232 Themes - ok
    04:07:26.0432 4232 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    04:07:26.0432 4232 THREADORDER - ok
    04:07:26.0448 4232 timounter - ok
    04:07:26.0463 4232 TMKEmu - ok
    04:07:26.0479 4232 tmmbd - ok
    04:07:26.0494 4232 tmtdi - ok
    04:07:26.0510 4232 TNaviSrv - ok
    04:07:26.0526 4232 tng-dts - ok
    04:07:26.0541 4232 TOSHIBASoftModem - ok
    04:07:26.0557 4232 tosrfnds - ok
    04:07:26.0588 4232 tosrfsnd - ok
    04:07:26.0604 4232 trackcam4 - ok
    04:07:26.0619 4232 transarcafsdaemon - ok
    04:07:26.0635 4232 trioservice - ok
    04:07:26.0744 4232 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    04:07:26.0744 4232 TrkWks - ok
    04:07:26.0822 4232 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    04:07:26.0822 4232 TrustedInstaller - ok
    04:07:26.0853 4232 tsdhd - ok
    04:07:26.0869 4232 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    04:07:26.0900 4232 tssecsrv - ok
    04:07:26.0900 4232 TuneUp.Defrag - ok
    04:07:26.0947 4232 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    04:07:26.0962 4232 tunmp - ok
    04:07:26.0994 4232 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    04:07:27.0025 4232 tunnel - ok
    04:07:27.0040 4232 TVALG - ok
    04:07:27.0056 4232 tvs - ok
    04:07:27.0087 4232 U81xobex - ok
    04:07:27.0134 4232 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
    04:07:27.0134 4232 uagp35 - ok
    04:07:27.0150 4232 uclauncherservice - ok
    04:07:27.0196 4232 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    04:07:27.0243 4232 udfs - ok
    04:07:27.0306 4232 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    04:07:27.0306 4232 UI0Detect - ok
    04:07:27.0321 4232 uleadburninghelper - ok
    04:07:27.0352 4232 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
    04:07:27.0384 4232 uliagpkx - ok
    04:07:27.0415 4232 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
    04:07:27.0430 4232 uliahci - ok
    04:07:27.0462 4232 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    04:07:27.0477 4232 UlSata - ok
    04:07:27.0508 4232 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    04:07:27.0540 4232 ulsata2 - ok
    04:07:27.0571 4232 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    04:07:27.0571 4232 umbus - ok
    04:07:27.0586 4232 UMPass - ok
    04:07:27.0602 4232 UNDPX2A - ok
    04:07:27.0618 4232 UpdateCenterService - ok
    04:07:27.0633 4232 uploadmgr - ok
    04:07:27.0680 4232 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    04:07:27.0680 4232 upnphost - ok
    04:07:27.0696 4232 upsmonservice - ok
    04:07:27.0711 4232 us30service - ok
    04:07:27.0742 4232 USB11LDR - ok
    04:07:27.0758 4232 usb20l - ok
    04:07:27.0805 4232 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    04:07:27.0836 4232 usbccgp - ok
    04:07:27.0883 4232 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    04:07:27.0898 4232 usbcir - ok
    04:07:27.0930 4232 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    04:07:27.0961 4232 usbehci - ok
    04:07:27.0976 4232 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    04:07:28.0023 4232 usbhub - ok
    04:07:28.0054 4232 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    04:07:28.0070 4232 usbohci - ok
    04:07:28.0101 4232 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    04:07:28.0117 4232 usbprint - ok
    04:07:28.0164 4232 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    04:07:28.0195 4232 usbscan - ok
    04:07:28.0226 4232 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    04:07:28.0257 4232 USBSTOR - ok
    04:07:28.0288 4232 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    04:07:28.0320 4232 usbuhci - ok
    04:07:28.0335 4232 USB_RNDIS - ok
    04:07:28.0335 4232 USB_RNDIS_XP - ok
    04:07:28.0366 4232 useraccess7 - ok
    04:07:28.0382 4232 UVCFTR - ok
    04:07:28.0398 4232 UWProSys - ok
    04:07:28.0429 4232 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    04:07:28.0444 4232 UxSms - ok
    04:07:28.0444 4232 UxTuneUp - ok
    04:07:28.0476 4232 VAIOMediaPlatform-MusicServer-HTTP - ok
    04:07:28.0491 4232 vc5secs - ok
    04:07:28.0507 4232 vcommmgr - ok
    04:07:28.0554 4232 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    04:07:28.0585 4232 vds - ok
    04:07:28.0600 4232 vetmsgnt - ok
    04:07:28.0647 4232 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
    04:07:28.0663 4232 vga - ok
    04:07:28.0710 4232 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    04:07:28.0741 4232 VgaSave - ok
    04:07:28.0756 4232 Via4in1 - ok
    04:07:28.0788 4232 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
    04:07:28.0803 4232 viaagp - ok
    04:07:28.0819 4232 viaagp1 - ok
    04:07:28.0866 4232 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    04:07:28.0866 4232 ViaC7 - ok
    04:07:28.0881 4232 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
    04:07:28.0912 4232 viaide - ok
    04:07:28.0928 4232 VICESYS - ok
    04:07:28.0944 4232 vncdrv - ok
    04:07:28.0959 4232 VNUSB - ok
    04:07:29.0022 4232 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    04:07:29.0022 4232 volmgr - ok
    04:07:29.0068 4232 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    04:07:29.0131 4232 volmgrx - ok
    04:07:29.0162 4232 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    04:07:29.0193 4232 volsnap - ok
    04:07:29.0209 4232 vsapint - ok
    04:07:29.0224 4232 vsdatant - ok
    04:07:29.0271 4232 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    04:07:29.0302 4232 vsmraid - ok
    04:07:29.0380 4232 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    04:07:29.0396 4232 VSS - ok
    04:07:29.0412 4232 vvoice - ok
    04:07:29.0427 4232 VX3000 - ok
    04:07:29.0443 4232 vzcdbsvc - ok
    04:07:29.0458 4232 w200bus - ok
    04:07:29.0521 4232 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    04:07:29.0521 4232 W32Time - ok
    04:07:29.0552 4232 W55U01 - ok
    04:07:29.0568 4232 w800mdfl - ok
    04:07:29.0599 4232 w800mdm - ok
    04:07:29.0661 4232 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    04:07:29.0692 4232 WacomPen - ok
    04:07:29.0708 4232 wampmysqld - ok
    04:07:29.0755 4232 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    04:07:29.0755 4232 Wanarp - ok
    04:07:29.0770 4232 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    04:07:29.0770 4232 Wanarpv6 - ok
    04:07:29.0786 4232 WaveFDE - ok
    04:07:29.0802 4232 WBHWDOCT - ok
    04:07:29.0848 4232 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    04:07:29.0880 4232 wcncsvc - ok
    04:07:29.0926 4232 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    04:07:29.0926 4232 WcsPlugInService - ok
    04:07:29.0958 4232 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    04:07:29.0973 4232 Wd - ok
    04:07:30.0036 4232 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    04:07:30.0145 4232 Wdf01000 - ok
    04:07:30.0160 4232 wdica - ok
    04:07:30.0207 4232 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    04:07:30.0207 4232 WdiServiceHost - ok
    04:07:30.0223 4232 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    04:07:30.0223 4232 WdiSystemHost - ok
    04:07:30.0254 4232 WD_FireWire_HID - ok
    04:07:30.0316 4232 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    04:07:30.0332 4232 WebClient - ok
    04:07:30.0348 4232 webdriveservice - ok
    04:07:30.0363 4232 webrootenterpriseclientservice - ok
    04:07:30.0426 4232 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
    04:07:30.0426 4232 Wecsvc - ok
    04:07:30.0488 4232 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    04:07:30.0488 4232 wercplsupport - ok
    04:07:30.0535 4232 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    04:07:30.0535 4232 WerSvc - ok
    04:07:30.0550 4232 wg111nd5 - ok
    04:07:30.0566 4232 win32sl - ok
    04:07:30.0644 4232 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    04:07:30.0660 4232 winachsf - ok
    04:07:30.0769 4232 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    04:07:30.0769 4232 WinDefend - ok
    04:07:30.0800 4232 WinHttpAutoProxySvc - ok
    04:07:30.0894 4232 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    04:07:30.0894 4232 Winmgmt - ok
    04:07:30.0909 4232 winpower - ok
    04:07:30.0925 4232 winpowerrmi - ok
    04:07:30.0940 4232 winpppoverethernet - ok
    04:07:31.0034 4232 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
    04:07:31.0096 4232 WinRM - ok
    04:07:31.0143 4232 wintab32 - ok
    04:07:31.0159 4232 WinVd32 - ok
    04:07:31.0221 4232 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    04:07:31.0221 4232 Wlansvc - ok
    04:07:31.0252 4232 wlluc48 - ok
    04:07:31.0268 4232 wlluc48b - ok
    04:07:31.0284 4232 wltrysvc - ok
    04:07:31.0299 4232 wm - ok
    04:07:31.0330 4232 wmdmpmsp - ok
    04:07:31.0346 4232 wmi - ok
    04:07:31.0424 4232 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    04:07:31.0455 4232 WmiAcpi - ok
    04:07:31.0549 4232 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    04:07:31.0564 4232 wmiApSrv - ok
    04:07:31.0705 4232 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    04:07:31.0720 4232 WMPNetworkSvc - ok
    04:07:31.0767 4232 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    04:07:31.0783 4232 WPCSvc - ok
    04:07:31.0830 4232 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    04:07:31.0830 4232 WPDBusEnum - ok
    04:07:31.0892 4232 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    04:07:31.0923 4232 WpdUsb - ok
    04:07:32.0048 4232 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    04:07:32.0110 4232 WPFFontCache_v0400 - ok
    04:07:32.0142 4232 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    04:07:32.0157 4232 ws2ifsl - ok
    04:07:32.0220 4232 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
    04:07:32.0220 4232 wscsvc - ok
    04:07:32.0235 4232 WSearch - ok
    04:07:32.0360 4232 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
    04:07:32.0376 4232 wuauserv - ok
    04:07:32.0516 4232 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    04:07:32.0532 4232 WUDFRd - ok
    04:07:32.0563 4232 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    04:07:32.0578 4232 wudfsvc - ok
    04:07:32.0594 4232 wuolservice - ok
    04:07:32.0610 4232 WUSB54GPV4SRV - ok
    04:07:32.0641 4232 z800mgmt - ok
    04:07:32.0656 4232 z800obex - ok
    04:07:32.0672 4232 zebrbus - ok
    04:07:32.0688 4232 zpsc - ok
    04:07:32.0719 4232 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
    04:07:32.0734 4232 {a7447300-8075-4b0d-83f1-3d75c8ebc623} - ok
    04:07:32.0812 4232 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    04:07:32.0844 4232 \Device\Harddisk0\DR0 - ok
    04:07:32.0844 4232 Boot (0x1200) (3f21510acf7eac540a7a1c69083c2ce0) \Device\Harddisk0\DR0\Partition0
    04:07:32.0844 4232 \Device\Harddisk0\DR0\Partition0 - ok
    04:07:32.0859 4232 Boot (0x1200) (9f3edab57323961243649d12d8a28921) \Device\Harddisk0\DR0\Partition1
    04:07:32.0859 4232 \Device\Harddisk0\DR0\Partition1 - ok
    04:07:32.0859 4232 ============================================================
    04:07:32.0859 4232 Scan finished
    04:07:32.0859 4232 ============================================================
    04:07:32.0875 4488 Detected object count: 1
    04:07:32.0875 4488 Actual detected object count: 1
    04:07:43.0764 4488 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
    04:07:45.0090 4488 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\netbt.sys) error 1813
    04:07:49.0130 4488 Backup copy found, using it..
    04:07:49.0192 4488 C:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
    04:07:51.0782 4488 netbt ( Virus.Win32.ZAccess.k ) - User select action: Cure
    04:07:57.0913 3376 Deinitialize success
  17. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Very well :)

    Re-run Combofix one more time.
  18. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    the above 2 post are from a log file I found after the rerun but was dated earlier ! probably the original scan log ! sorry!

    the next 2 post are from the rerun of scan!

    13:46:09.0026 0872 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
    13:46:09.0390 0872 ============================================================
    13:46:09.0390 0872 Current date / time: 2012/05/16 13:46:09.0390
    13:46:09.0390 0872 SystemInfo:
    13:46:09.0390 0872
    13:46:09.0390 0872 OS Version: 6.0.6002 ServicePack: 2.0
    13:46:09.0390 0872 Product type: Workstation
    13:46:09.0390 0872 ComputerName: WILLIAM-PC
    13:46:09.0391 0872 UserName: William
    13:46:09.0391 0872 Windows directory: C:\Windows
    13:46:09.0391 0872 System windows directory: C:\Windows
    13:46:09.0391 0872 Processor architecture: Intel x86
    13:46:09.0391 0872 Number of processors: 2
    13:46:09.0391 0872 Page size: 0x1000
    13:46:09.0391 0872 Boot type: Normal boot
    13:46:09.0391 0872 ============================================================
    13:46:10.0326 0872 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    13:46:10.0329 0872 ============================================================
    13:46:10.0329 0872 \Device\Harddisk0\DR0:
    13:46:10.0329 0872 MBR partitions:
    13:46:10.0329 0872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
    13:46:10.0329 0872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
    13:46:10.0329 0872 ============================================================
    13:46:10.0350 0872 C: <-> \Device\Harddisk0\DR0\Partition0
    13:46:10.0397 0872 D: <-> \Device\Harddisk0\DR0\Partition1
    13:46:10.0397 0872 ============================================================
    13:46:10.0397 0872 Initialize success
    13:46:10.0397 0872 ============================================================
    13:46:11.0865 2320 ============================================================
    13:46:11.0865 2320 Scan started
    13:46:11.0865 2320 Mode: Manual;
    13:46:11.0865 2320 ============================================================
    13:46:13.0255 2320 70080763 - ok
    13:46:13.0270 2320 a016mgmt - ok
    13:46:13.0278 2320 acermemusagecheckservice - ok
    13:46:13.0302 2320 aclient - ok
    13:46:13.0365 2320 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
    13:46:13.0374 2320 ACPI - ok
    13:46:13.0383 2320 acprfmgrsvc - ok
    13:46:13.0392 2320 AcronisOSSReinstallSvc - ok
    13:46:13.0414 2320 AdobeActiveFileMonitor6.0 - ok
    13:46:13.0738 2320 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    13:46:13.0742 2320 AdobeFlashPlayerUpdateSvc - ok
    13:46:13.0810 2320 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
    13:46:13.0857 2320 adp94xx - ok
    13:46:13.0895 2320 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
    13:46:13.0977 2320 adpahci - ok
    13:46:14.0005 2320 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
    13:46:14.0050 2320 adpu160m - ok
    13:46:14.0075 2320 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
    13:46:14.0150 2320 adpu320 - ok
    13:46:14.0193 2320 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
    13:46:14.0195 2320 AeLookupSvc - ok
    13:46:14.0227 2320 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
    13:46:14.0249 2320 AFD - ok
    13:46:14.0253 2320 ageremodemaudio - ok
    13:46:14.0296 2320 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
    13:46:14.0334 2320 agp440 - ok
    13:46:14.0362 2320 agrsrvce - ok
    13:46:14.0403 2320 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
    13:46:14.0424 2320 aic78xx - ok
    13:46:14.0428 2320 AKSIFDH - ok
    13:46:14.0471 2320 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
    13:46:14.0474 2320 ALG - ok
    13:46:14.0500 2320 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
    13:46:14.0520 2320 aliide - ok
    13:46:14.0551 2320 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
    13:46:14.0589 2320 amdagp - ok
    13:46:14.0622 2320 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
    13:46:14.0642 2320 amdide - ok
    13:46:14.0667 2320 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
    13:46:14.0704 2320 AmdK7 - ok
    13:46:14.0730 2320 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
    13:46:14.0751 2320 AmdK8 - ok
    13:46:14.0760 2320 Angel2 - ok
    13:46:14.0804 2320 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\Windows\system32\Drivers\AnyDVD.sys
    13:46:14.0825 2320 AnyDVD - ok
    13:46:14.0863 2320 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
    13:46:14.0865 2320 Appinfo - ok
    13:46:14.0885 2320 Appn - ok
    13:46:14.0937 2320 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
    13:46:14.0976 2320 arc - ok
    13:46:15.0004 2320 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
    13:46:15.0042 2320 arcsas - ok
    13:46:15.0047 2320 array_utility_service4,0,1,3 - ok
    13:46:15.0055 2320 artourservice - ok
    13:46:15.0079 2320 askernel - ok
    13:46:15.0086 2320 ASNDIS5 - ok
    13:46:15.0105 2320 aswrdr - ok
    13:46:15.0139 2320 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
    13:46:15.0159 2320 AsyncMac - ok
    13:46:15.0165 2320 atalk - ok
    13:46:15.0207 2320 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
    13:46:15.0208 2320 atapi - ok
    13:46:15.0212 2320 athr - ok
    13:46:15.0224 2320 atixsaudio - ok
    13:46:15.0235 2320 atkkeyboardservice - ok
    13:46:15.0245 2320 ATMsrvc - ok
    13:46:15.0253 2320 ATWPKT2 - ok
    13:46:15.0296 2320 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    13:46:15.0301 2320 AudioEndpointBuilder - ok
    13:46:15.0307 2320 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
    13:46:15.0311 2320 Audiosrv - ok
    13:46:15.0325 2320 avg7rsw - ok
    13:46:15.0342 2320 axsaki - ok
    13:46:15.0350 2320 backupexecalertserver - ok
    13:46:15.0357 2320 bantext - ok
    13:46:15.0377 2320 BCM42RLY - ok
    13:46:15.0447 2320 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
    13:46:15.0483 2320 BCM43XX - ok
    13:46:15.0516 2320 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
    13:46:15.0557 2320 bcm4sbxp - ok
    13:46:15.0609 2320 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
    13:46:15.0630 2320 Beep - ok
    13:46:15.0722 2320 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
    13:46:15.0727 2320 BFE - ok
    13:46:15.0790 2320 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
    13:46:15.0800 2320 BITS - ok
    13:46:15.0805 2320 blbdrive - ok
    13:46:15.0836 2320 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
    13:46:15.0875 2320 bowser - ok
    13:46:15.0901 2320 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
    13:46:15.0904 2320 BrFiltLo - ok
    13:46:15.0917 2320 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
    13:46:15.0919 2320 BrFiltUp - ok
    13:46:15.0941 2320 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
    13:46:15.0944 2320 Browser - ok
    13:46:15.0963 2320 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
    13:46:15.0967 2320 Brserid - ok
    13:46:15.0986 2320 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
    13:46:15.0989 2320 BrSerWdm - ok
    13:46:16.0009 2320 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
    13:46:16.0011 2320 BrUsbMdm - ok
    13:46:16.0027 2320 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
    13:46:16.0030 2320 BrUsbSer - ok
    13:46:16.0052 2320 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
    13:46:16.0072 2320 BTHMODEM - ok
    13:46:16.0083 2320 bthusb - ok
    13:46:16.0090 2320 btnetfilter - ok
    13:46:16.0099 2320 BTSLBCSP - ok
    13:46:16.0114 2320 btwusb - ok
    13:46:16.0246 2320 catchme - ok
    13:46:16.0260 2320 ccflic0 - ok
    13:46:16.0315 2320 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
    13:46:16.0336 2320 cdfs - ok
    13:46:16.0386 2320 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
    13:46:16.0424 2320 cdrom - ok
    13:46:16.0429 2320 cebdaldr - ok
    13:46:16.0490 2320 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    13:46:16.0492 2320 CertPropSvc - ok
    13:46:16.0497 2320 cicssfs.scmmc223 - ok
    13:46:16.0528 2320 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
    13:46:16.0565 2320 circlass - ok
    13:46:16.0606 2320 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
    13:46:16.0613 2320 CLFS - ok
    13:46:16.0690 2320 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    13:46:16.0694 2320 clr_optimization_v2.0.50727_32 - ok
    13:46:16.0763 2320 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    13:46:16.0766 2320 clr_optimization_v4.0.30319_32 - ok
    13:46:16.0800 2320 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
    13:46:16.0802 2320 CmBatt - ok
    13:46:16.0827 2320 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
    13:46:16.0849 2320 cmdide - ok
    13:46:16.0890 2320 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
    13:46:16.0893 2320 Compbatt - ok
    13:46:16.0899 2320 COMSysApp - ok
    13:46:16.0915 2320 cpucoolserver - ok
    13:46:16.0926 2320 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
    13:46:16.0956 2320 crcdisk - ok
    13:46:16.0977 2320 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
    13:46:17.0021 2320 Crusoe - ok
    13:46:17.0064 2320 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
    13:46:17.0067 2320 CryptSvc - ok
    13:46:17.0072 2320 ctljystk - ok
    13:46:17.0157 2320 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    13:46:17.0163 2320 DcomLaunch - ok
    13:46:17.0169 2320 defwatch - ok
    13:46:17.0204 2320 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
    13:46:17.0224 2320 DfsC - ok
    13:46:17.0346 2320 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
    13:46:17.0368 2320 DFSR - ok
    13:46:17.0484 2320 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
    13:46:17.0486 2320 Dhcp - ok
    13:46:17.0493 2320 digictrl - ok
    13:46:17.0523 2320 DirectUpdate - ok
    13:46:17.0596 2320 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
    13:46:17.0621 2320 disk - ok
    13:46:17.0636 2320 dlba_device - ok
    13:46:17.0651 2320 dlcf_device - ok
    13:46:17.0666 2320 dmio - ok
    13:46:17.0676 2320 DNE - ok
    13:46:17.0708 2320 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
    13:46:17.0712 2320 Dnscache - ok
    13:46:17.0756 2320 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
    13:46:17.0760 2320 dot3svc - ok
    13:46:17.0793 2320 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
    13:46:17.0797 2320 DPS - ok
    13:46:17.0821 2320 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
    13:46:17.0840 2320 drmkaud - ok
    13:46:17.0917 2320 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
    13:46:17.0924 2320 DXGKrnl - ok
    13:46:17.0930 2320 e1express - ok
    13:46:17.0969 2320 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
    13:46:18.0007 2320 E1G60 - ok
    13:46:18.0012 2320 EACSvrMngr - ok
    13:46:18.0072 2320 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
    13:46:18.0094 2320 eamonm - ok
    13:46:18.0136 2320 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
    13:46:18.0139 2320 EapHost - ok
    13:46:18.0181 2320 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
    13:46:18.0186 2320 Ecache - ok
    13:46:18.0209 2320 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
    13:46:18.0233 2320 ehdrv - ok
    13:46:18.0305 2320 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
    13:46:18.0311 2320 ehRecvr - ok
    13:46:18.0343 2320 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
    13:46:18.0348 2320 ehSched - ok
    13:46:18.0381 2320 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
    13:46:18.0384 2320 ehstart - ok
    13:46:18.0477 2320 EhttpSrv (68d91a34ce51cf15c45dd68f7f1257e8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
    13:46:18.0483 2320 EhttpSrv - ok
    13:46:18.0545 2320 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    13:46:18.0556 2320 ekrn - ok
    13:46:18.0609 2320 EL2000 - ok
    13:46:18.0624 2320 el90xbc - ok
    13:46:18.0710 2320 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
    13:46:18.0770 2320 ElbyCDIO - ok
    13:46:18.0883 2320 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
    13:46:18.0924 2320 elxstor - ok
    13:46:18.0977 2320 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
    13:46:18.0984 2320 EMDMgmt - ok
    13:46:18.0993 2320 emupia - ok
    13:46:19.0033 2320 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\Windows\system32\DRIVERS\epfw.sys
    13:46:19.0037 2320 epfw - ok
    13:46:19.0056 2320 Epfwndis (490329bf80f333e788df9596a752a915) C:\Windows\system32\DRIVERS\Epfwndis.sys
    13:46:19.0093 2320 Epfwndis - ok
    13:46:19.0143 2320 epfwwfp (c62068dab6e2510fb231286d3da63dfa) C:\Windows\system32\DRIVERS\epfwwfp.sys
    13:46:19.0164 2320 epfwwfp - ok
    13:46:19.0173 2320 eskerlicensecontrol - ok
    13:46:19.0243 2320 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
    13:46:19.0246 2320 EventSystem - ok
    13:46:19.0283 2320 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
    13:46:19.0325 2320 exfat - ok
    13:46:19.0362 2320 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
    13:46:19.0383 2320 fastfat - ok
    13:46:19.0420 2320 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
    13:46:19.0458 2320 fdc - ok
    13:46:19.0488 2320 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
    13:46:19.0490 2320 fdPHost - ok
    13:46:19.0522 2320 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
    13:46:19.0525 2320 FDResPub - ok
    13:46:19.0579 2320 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
    13:46:19.0617 2320 FileInfo - ok
    13:46:19.0638 2320 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
    13:46:19.0658 2320 Filetrace - ok
    13:46:19.0665 2320 flashcom - ok
    13:46:19.0697 2320 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
    13:46:19.0718 2320 flpydisk - ok
    13:46:19.0752 2320 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
    13:46:19.0791 2320 FltMgr - ok
    13:46:19.0857 2320 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
    13:46:19.0866 2320 FontCache - ok
    13:46:19.0962 2320 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    13:46:19.0964 2320 FontCache3.0.0.0 - ok
    13:46:19.0974 2320 freebsd - ok
    13:46:19.0982 2320 freepops - ok
    13:46:19.0991 2320 fshttps - ok
    13:46:20.0023 2320 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
    13:46:20.0043 2320 Fs_Rec - ok
    13:46:20.0085 2320 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
    13:46:20.0106 2320 gagp30kx - ok
    13:46:20.0116 2320 gearaspiwdm - ok
    13:46:20.0192 2320 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
    13:46:20.0198 2320 gpsvc - ok
    13:46:20.0209 2320 GTPTSER - ok
    13:46:20.0218 2320 GTSCSER - ok
    13:46:20.0327 2320 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    13:46:20.0331 2320 gupdate - ok
    13:46:20.0345 2320 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    13:46:20.0347 2320 gupdatem - ok
    13:46:20.0355 2320 gv3 - ok
    13:46:20.0364 2320 GV600_4 - ok
    13:46:20.0373 2320 harmony - ok
    13:46:20.0384 2320 haspnt - ok
    13:46:20.0393 2320 hclinetd - ok
    13:46:20.0439 2320 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
    13:46:20.0464 2320 HdAudAddService - ok
    13:46:20.0522 2320 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
    13:46:20.0551 2320 HDAudBus - ok
    13:46:20.0560 2320 hibernation - ok
    13:46:20.0590 2320 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
    13:46:20.0614 2320 HidBth - ok
    13:46:20.0638 2320 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
    13:46:20.0662 2320 HidIr - ok
    13:46:20.0698 2320 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
    13:46:20.0702 2320 hidserv - ok
    13:46:20.0710 2320 HIDSwvd - ok
    13:46:20.0742 2320 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
    13:46:20.0766 2320 HidUsb - ok
    13:46:20.0793 2320 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
    13:46:20.0796 2320 hkmsvc - ok
    13:46:20.0804 2320 hmonitor - ok
    13:46:20.0814 2320 Hotkey - ok
    13:46:20.0854 2320 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
    13:46:20.0900 2320 HpCISSs - ok
    13:46:20.0907 2320 HPFECP20 - ok
    13:46:20.0918 2320 hpqddsvc - ok
    13:46:20.0959 2320 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
    13:46:20.0999 2320 HSFHWAZL - ok
    13:46:21.0006 2320 HSFHWICH - ok
    13:46:21.0015 2320 hsf_dp - ok
    13:46:21.0074 2320 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
    13:46:21.0084 2320 HSF_DPV - ok
    13:46:21.0179 2320 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
    13:46:21.0202 2320 HTTP - ok
    13:46:21.0209 2320 https-admserv61 - ok
    13:46:21.0220 2320 hwpsgt - ok
    13:46:21.0263 2320 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
    13:46:21.0284 2320 i2omp - ok
    13:46:21.0311 2320 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
    13:46:21.0332 2320 i8042prt - ok
    13:46:21.0339 2320 i81x - ok
    13:46:21.0350 2320 iaimfp1 - ok
    13:46:21.0377 2320 iAimTV5 - ok
    13:46:21.0395 2320 iap - ok
    13:46:21.0411 2320 iastor - ok
    13:46:21.0457 2320 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
    13:46:21.0463 2320 iaStorV - ok
    13:46:21.0472 2320 ibmcicstransactiongateway - ok
    13:46:21.0607 2320 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    13:46:21.0618 2320 idsvc - ok
    13:46:21.0630 2320 IFPUSB - ok
    13:46:21.0645 2320 ifxspmgtsrv - ok
    13:46:21.0660 2320 ifxtcs - ok
    13:46:21.0819 2320 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
    13:46:21.0843 2320 igfx - ok
    13:46:21.0983 2320 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
    13:46:22.0010 2320 iirsp - ok
    13:46:22.0058 2320 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
    13:46:22.0064 2320 IKEEXT - ok
    13:46:22.0072 2320 ikhfile - ok
    13:46:22.0084 2320 iksyssec - ok
    13:46:22.0094 2320 imagesrv - ok
    13:46:22.0105 2320 incdfs - ok
    13:46:22.0121 2320 inorpc - ok
    13:46:22.0132 2320 inotask - ok
    13:46:22.0145 2320 ino_flpy - ok
    13:46:22.0189 2320 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
    13:46:22.0213 2320 intelide - ok
    13:46:22.0233 2320 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
    13:46:22.0257 2320 intelppm - ok
    13:46:22.0344 2320 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    13:46:22.0347 2320 IntuitUpdateServiceV4 - ok
    13:46:22.0355 2320 iPassP - ok
    13:46:22.0365 2320 iPassPeriodicUpdateApp - ok
    13:46:22.0376 2320 iPassPeriodicUpdateService - ok
    13:46:22.0422 2320 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
    13:46:22.0426 2320 IPBusEnum - ok
    13:46:22.0449 2320 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:46:22.0474 2320 IpFilterDriver - ok
    13:46:22.0522 2320 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
    13:46:22.0528 2320 iphlpsvc - ok
    13:46:22.0536 2320 IpInIp - ok
    13:46:22.0574 2320 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
    13:46:22.0597 2320 IPMIDRV - ok
    13:46:22.0624 2320 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
    13:46:22.0645 2320 IPNAT - ok
    13:46:22.0668 2320 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
    13:46:22.0688 2320 IRENUM - ok
    13:46:22.0696 2320 ISAMSvc - ok
    13:46:22.0706 2320 isapisearch - ok
    13:46:22.0728 2320 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
    13:46:22.0748 2320 isapnp - ok
    13:46:22.0793 2320 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
    13:46:22.0816 2320 iScsiPrt - ok
    13:46:22.0833 2320 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
    13:46:22.0871 2320 iteatapi - ok
    13:46:22.0900 2320 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
    13:46:22.0938 2320 iteraid - ok
    13:46:22.0946 2320 iviaspi - ok
    13:46:22.0955 2320 iwebmsg - ok
    13:46:22.0966 2320 jaguar - ok
    13:46:22.0979 2320 Jukebox - ok
    13:46:22.0989 2320 k750mdfl - ok
    13:46:22.0999 2320 k750mdm - ok
    13:46:23.0046 2320 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
    13:46:23.0084 2320 kbdclass - ok
    13:46:23.0107 2320 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
    13:46:23.0127 2320 kbdhid - ok
    13:46:23.0153 2320 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    13:46:23.0157 2320 KeyIso - ok
    13:46:23.0164 2320 klif - ok
    13:46:23.0204 2320 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
    13:46:23.0214 2320 KSecDD - ok
    13:46:23.0264 2320 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
    13:46:23.0269 2320 KtmRm - ok
    13:46:23.0308 2320 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
    13:46:23.0314 2320 LanmanServer - ok
    13:46:23.0345 2320 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
    13:46:23.0350 2320 LanmanWorkstation - ok
    13:46:23.0364 2320 license - ok
    13:46:23.0374 2320 licensemanagersocket - ok
    13:46:23.0385 2320 LKbdFlt2 - ok
    13:46:23.0396 2320 lktimesync - ok
    13:46:23.0436 2320 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
    13:46:23.0457 2320 lltdio - ok
    13:46:23.0486 2320 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
    13:46:23.0490 2320 lltdsvc - ok
    13:46:23.0501 2320 lmab_device - ok
    13:46:23.0544 2320 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
    13:46:23.0547 2320 lmhosts - ok
    13:46:23.0555 2320 lockmgr - ok
    13:46:23.0565 2320 lp6nds35 - ok
    13:46:23.0593 2320 lpx - ok
    13:46:23.0643 2320 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
    13:46:23.0665 2320 LSI_FC - ok
    13:46:23.0692 2320 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
    13:46:23.0713 2320 LSI_SAS - ok
    13:46:23.0727 2320 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
    13:46:23.0748 2320 LSI_SCSI - ok
    13:46:23.0917 2320 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
    13:46:23.0937 2320 luafv - ok
    13:46:23.0946 2320 lvprcsrv - ok
    13:46:23.0957 2320 LVRS - ok
    13:46:23.0973 2320 lxbs_device - ok
    13:46:23.0985 2320 lxbu_device - ok
    13:46:23.0996 2320 lxcj_device - ok
    13:46:24.0008 2320 lxrjd31d - ok
    13:46:24.0020 2320 MA8032U - ok
    13:46:24.0032 2320 mapserver6.3 - ok
    13:46:24.0043 2320 ma_cmidi_installerservice - ok
    13:46:24.0091 2320 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
    13:46:24.0093 2320 MBAMProtector - ok
    13:46:24.0211 2320 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    13:46:24.0216 2320 MBAMService - ok
    13:46:24.0224 2320 mcdbus - ok
    13:46:24.0240 2320 mcnasvc - ok
    13:46:24.0258 2320 mcsysmon - ok
    13:46:24.0270 2320 mctskshd.exe - ok
    13:46:24.0302 2320 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
    13:46:24.0305 2320 Mcx2Svc - ok
    13:46:24.0331 2320 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
    13:46:24.0352 2320 megasas - ok
    13:46:24.0360 2320 mfeavfk - ok
    13:46:24.0371 2320 mfehidk - ok
    13:46:24.0382 2320 mfesmfk - ok
    13:46:24.0392 2320 mks_scan - ok
    13:46:24.0421 2320 mlkkbdntdriver - ok
    13:46:24.0461 2320 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    13:46:24.0464 2320 MMCSS - ok
    13:46:24.0472 2320 MobilePreInstallerService - ok
    13:46:24.0496 2320 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
    13:46:24.0516 2320 Modem - ok
    13:46:24.0524 2320 modemcsa - ok
    13:46:24.0536 2320 monfilt - ok
    13:46:24.0588 2320 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
    13:46:24.0609 2320 monitor - ok
    13:46:24.0641 2320 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
    13:46:24.0665 2320 mouclass - ok
    13:46:24.0698 2320 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
    13:46:24.0718 2320 mouhid - ok
    13:46:24.0751 2320 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
    13:46:24.0772 2320 MountMgr - ok
    13:46:24.0806 2320 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
    13:46:24.0828 2320 mpio - ok
    13:46:24.0849 2320 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
    13:46:24.0912 2320 mpsdrv - ok
    13:46:24.0977 2320 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
    13:46:24.0982 2320 MpsSvc - ok
    13:46:25.0012 2320 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
    13:46:25.0034 2320 Mraid35x - ok
    13:46:25.0066 2320 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
    13:46:25.0090 2320 MRxDAV - ok
    13:46:25.0119 2320 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
    13:46:25.0141 2320 mrxsmb - ok
    13:46:25.0169 2320 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    13:46:25.0194 2320 mrxsmb10 - ok
    13:46:25.0208 2320 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    13:46:25.0231 2320 mrxsmb20 - ok
    13:46:25.0268 2320 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
    13:46:25.0289 2320 msahci - ok
    13:46:25.0326 2320 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
    13:46:25.0373 2320 msdsm - ok
    13:46:25.0398 2320 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
    13:46:25.0404 2320 MSDTC - ok
    13:46:25.0469 2320 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
    13:46:25.0489 2320 Msfs - ok
    13:46:25.0498 2320 msftpsvc - ok
    13:46:25.0537 2320 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
    13:46:25.0557 2320 msisadrv - ok
    13:46:25.0603 2320 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
    13:46:25.0606 2320 MSiSCSI - ok
    13:46:25.0632 2320 msiserver - ok
    13:46:25.0662 2320 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
    13:46:25.0689 2320 MSKSSRV - ok
    13:46:25.0713 2320 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
    13:46:25.0715 2320 MSPCLOCK - ok
    13:46:25.0743 2320 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
    13:46:25.0745 2320 MSPQM - ok
    13:46:25.0799 2320 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
    13:46:25.0802 2320 MsRPC - ok
    13:46:25.0855 2320 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
    13:46:25.0875 2320 mssmbios - ok
    13:46:25.0886 2320 mssql$sqlexpress - ok
    13:46:25.0895 2320 mssqlserverolapservice - ok
    13:46:25.0918 2320 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
    13:46:25.0939 2320 MSTEE - ok
    13:46:25.0977 2320 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
    13:46:26.0001 2320 Mup - ok
    13:46:26.0022 2320 mwspollserver - ok
    13:46:26.0037 2320 mwstick - ok
    13:46:26.0060 2320 mxnic - ok
    13:46:26.0077 2320 mysqlinventime - ok
    13:46:26.0145 2320 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
    13:46:26.0151 2320 napagent - ok
    13:46:26.0193 2320 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
    13:46:26.0224 2320 NativeWifiP - ok
    13:46:26.0233 2320 nbservice - ok
    13:46:26.0245 2320 Ncrc710 - ok
    13:46:26.0332 2320 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
    13:46:26.0359 2320 NDIS - ok
    13:46:26.0394 2320 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
    13:46:26.0396 2320 NdisTapi - ok
    13:46:26.0413 2320 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
    13:46:26.0435 2320 Ndisuio - ok
    13:46:26.0484 2320 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
    13:46:26.0515 2320 NdisWan - ok
    13:46:26.0569 2320 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
    13:46:26.0617 2320 NDProxy - ok
    13:46:26.0664 2320 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
    13:46:26.0694 2320 NetBIOS - ok
    13:46:26.0712 2320 netbt - ok
    13:46:26.0750 2320 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    13:46:26.0752 2320 Netlogon - ok
    13:46:26.0806 2320 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
    13:46:26.0812 2320 Netman - ok
    13:46:26.0847 2320 netmdsb - ok
    13:46:26.0913 2320 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
    13:46:26.0919 2320 netprofm - ok
    13:46:27.0019 2320 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    13:46:27.0022 2320 NetTcpPortSharing - ok
    13:46:27.0032 2320 NETw3v32 - ok
    13:46:27.0049 2320 nfmservice - ok
    13:46:27.0097 2320 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
    13:46:27.0119 2320 nfrd960 - ok
    13:46:27.0130 2320 nimcdfxk - ok
    13:46:27.0147 2320 nimcrpcsu - ok
    13:46:27.0163 2320 NIPALK - ok
    13:46:27.0177 2320 NITaggerService - ok
    13:46:27.0216 2320 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
    13:46:27.0221 2320 NlaSvc - ok
    13:46:27.0230 2320 nmsaccess - ok
    13:46:27.0244 2320 nmservice - ok
    13:46:27.0256 2320 nmwcdc - ok
    13:46:27.0269 2320 noipducservice - ok
    13:46:27.0326 2320 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
    13:46:27.0346 2320 Npfs - ok
    13:46:27.0402 2320 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
    13:46:27.0408 2320 nsi - ok
    13:46:27.0436 2320 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
    13:46:27.0461 2320 nsiproxy - ok
    13:46:27.0471 2320 NsTrcNT - ok
    13:46:27.0488 2320 ntcharge - ok
    13:46:27.0590 2320 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
    13:46:27.0620 2320 Ntfs - ok
    13:46:27.0634 2320 NTIDrvr - ok
    13:46:27.0643 2320 ntmssvc - ok
    13:46:27.0657 2320 ntpr_nic_service2 - ok
    13:46:27.0709 2320 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
    13:46:27.0733 2320 ntrigdigi - ok
    13:46:27.0756 2320 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
    13:46:27.0777 2320 NuidFltr - ok
    13:46:27.0826 2320 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
    13:46:27.0846 2320 Null - ok
    13:46:27.0856 2320 nvcap - ok
    13:46:27.0869 2320 NVENET - ok
    13:46:27.0881 2320 nvmpu401 - ok
    13:46:27.0895 2320 NVR0Dev - ok
    13:46:27.0947 2320 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
    13:46:27.0970 2320 nvraid - ok
    13:46:27.0979 2320 nvsmu - ok
    13:46:28.0006 2320 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
    13:46:28.0030 2320 nvstor - ok
    13:46:28.0040 2320 nvstor32 - ok
    13:46:28.0053 2320 NVTCP - ok
    13:46:28.0084 2320 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
    13:46:28.0106 2320 nv_agp - ok
    13:46:28.0116 2320 NwlnkFlt - ok
    13:46:28.0128 2320 NwlnkFwd - ok
    13:46:28.0141 2320 nwlnkspx - ok
    13:46:28.0153 2320 NxSysMon - ok
    13:46:28.0192 2320 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    13:46:28.0199 2320 ohci1394 - ok
    13:46:28.0209 2320 olapserver - ok
    13:46:28.0226 2320 omniusbl - ok
    13:46:28.0236 2320 omsad - ok
    13:46:28.0252 2320 ood2000 - ok
    13:46:28.0268 2320 openldap-slapd - ok
    13:46:28.0284 2320 openvpnservice - ok
    13:46:28.0301 2320 oracleorahomehttpserver - ok
    13:46:28.0318 2320 oraclewebassistant - ok
  19. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    13:46:28.0336 2320 oracle_load_balancer_60_client-forms6ip14 - ok
    13:46:28.0352 2320 oracle_load_balancer_60_client-forms6ip9 - ok
    13:46:28.0370 2320 outpostfirewall - ok
    13:46:28.0383 2320 ovsecurityserver - ok
    13:46:28.0395 2320 p2k - ok
    13:46:28.0483 2320 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    13:46:28.0492 2320 p2pimsvc - ok
    13:46:28.0507 2320 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    13:46:28.0515 2320 p2psvc - ok
    13:46:28.0531 2320 papycpu2 - ok
    13:46:28.0549 2320 papyjoy - ok
    13:46:28.0644 2320 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    13:46:28.0670 2320 Parport - ok
    13:46:28.0719 2320 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
    13:46:28.0739 2320 partmgr - ok
    13:46:28.0763 2320 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    13:46:28.0783 2320 Parvdm - ok
    13:46:28.0816 2320 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    13:46:28.0819 2320 PcaSvc - ok
    13:46:28.0861 2320 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    13:46:28.0883 2320 pci - ok
    13:46:28.0892 2320 pcidump - ok
    13:46:29.0094 2320 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
    13:46:29.0114 2320 pciide - ok
    13:46:29.0144 2320 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    13:46:29.0170 2320 pcmcia - ok
    13:46:29.0181 2320 pcradminserver - ok
    13:46:29.0196 2320 Pctspk - ok
    13:46:29.0210 2320 PD0620VID - ok
    13:46:29.0227 2320 pdframe - ok
    13:46:29.0242 2320 pdlnatcm - ok
    13:46:29.0281 2320 pdlnsx25 - ok
    13:46:29.0292 2320 pduip6000dmemcrdmgr - ok
    13:46:29.0354 2320 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    13:46:29.0362 2320 PEAUTH - ok
    13:46:29.0372 2320 penrendezvous - ok
    13:46:29.0384 2320 perc2 - ok
    13:46:29.0426 2320 persfw - ok
    13:46:29.0439 2320 pfc - ok
    13:46:29.0454 2320 PGPdisk - ok
    13:46:29.0466 2320 PGPsdkDriver - ok
    13:46:29.0479 2320 picturetaker - ok
    13:46:29.0576 2320 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    13:46:29.0590 2320 pla - ok
    13:46:29.0717 2320 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    13:46:29.0722 2320 PlugPlay - ok
    13:46:29.0733 2320 pml - ok
    13:46:29.0829 2320 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    13:46:29.0836 2320 PNRPAutoReg - ok
    13:46:29.0853 2320 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    13:46:29.0861 2320 PNRPsvc - ok
    13:46:29.0913 2320 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    13:46:29.0920 2320 PolicyAgent - ok
    13:46:30.0013 2320 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    13:46:30.0038 2320 PptpMiniport - ok
    13:46:30.0049 2320 prism_a02 - ok
    13:46:30.0094 2320 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
    13:46:30.0140 2320 Processor - ok
    13:46:30.0151 2320 procexp90 - ok
    13:46:30.0189 2320 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    13:46:30.0195 2320 ProfSvc - ok
    13:46:30.0248 2320 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    13:46:30.0250 2320 ProtectedStorage - ok
    13:46:30.0261 2320 protexislicensing - ok
    13:46:30.0276 2320 proxyhostservice - ok
    13:46:30.0312 2320 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    13:46:30.0336 2320 PSched - ok
    13:46:30.0347 2320 PTDCBus - ok
    13:46:30.0359 2320 PTDCVsp - ok
    13:46:30.0371 2320 qbfcservice - ok
    13:46:30.0385 2320 qkbfiltr - ok
    13:46:30.0399 2320 ql1280 - ok
    13:46:30.0460 2320 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
    13:46:30.0506 2320 ql2300 - ok
    13:46:30.0543 2320 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    13:46:30.0564 2320 ql40xx - ok
    13:46:30.0574 2320 qmofiltr - ok
    13:46:30.0587 2320 queuemgr - ok
    13:46:30.0633 2320 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    13:46:30.0637 2320 QWAVE - ok
    13:46:30.0669 2320 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    13:46:30.0690 2320 QWAVEdrv - ok
    13:46:30.0700 2320 ramaint - ok
    13:46:30.0731 2320 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    13:46:30.0752 2320 RasAcd - ok
    13:46:30.0877 2320 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    13:46:30.0880 2320 RasAuto - ok
    13:46:30.0925 2320 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:46:30.0968 2320 Rasl2tp - ok
    13:46:31.0012 2320 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    13:46:31.0018 2320 RasMan - ok
    13:46:31.0057 2320 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    13:46:31.0081 2320 RasPppoe - ok
    13:46:31.0118 2320 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    13:46:31.0143 2320 RasSstp - ok
    13:46:31.0153 2320 rca - ok
    13:46:31.0171 2320 rchost - ok
    13:46:31.0211 2320 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    13:46:31.0215 2320 rdbss - ok
    13:46:31.0226 2320 RDID1027 - ok
    13:46:31.0277 2320 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:46:31.0297 2320 RDPCDD - ok
    13:46:31.0369 2320 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
    13:46:31.0409 2320 rdpdr - ok
    13:46:31.0470 2320 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    13:46:31.0490 2320 RDPENCDD - ok
    13:46:31.0548 2320 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    13:46:31.0570 2320 RDPWD - ok
    13:46:31.0581 2320 regspy - ok
    13:46:31.0644 2320 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    13:46:31.0647 2320 RemoteAccess - ok
    13:46:31.0700 2320 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    13:46:31.0706 2320 RemoteRegistry - ok
    13:46:31.0716 2320 RESMGR - ok
    13:46:31.0730 2320 retroexplauncher - ok
    13:46:31.0744 2320 rfcomm - ok
    13:46:31.0783 2320 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
    13:46:31.0803 2320 rimmptsk - ok
    13:46:31.0902 2320 rimsptsk (d7e09bc852684a7b1fc0f74fe090d45a) C:\Windows\system32\DRIVERS\rimsptsk.sys
    13:46:31.0923 2320 rimsptsk - ok
    13:46:31.0935 2320 rimusb - ok
    13:46:31.0949 2320 rimvserport - ok
    13:46:31.0984 2320 rismxdp (b0a7494a9ba7909efac64e05d3f160db) C:\Windows\system32\DRIVERS\rixdptsk.sys
    13:46:32.0004 2320 rismxdp - ok
    13:46:32.0015 2320 RMCAST - ok
    13:46:32.0028 2320 rnadiagnosticsservice - ok
    13:46:32.0042 2320 ROB_A - ok
    13:46:32.0055 2320 roxupnpserver - ok
    13:46:32.0103 2320 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    13:46:32.0106 2320 RpcLocator - ok
    13:46:32.0159 2320 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    13:46:32.0165 2320 RpcSs - ok
    13:46:32.0176 2320 rppkt - ok
    13:46:32.0189 2320 RSAFAL - ok
    13:46:32.0233 2320 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    13:46:32.0254 2320 rspndr - ok
    13:46:32.0264 2320 rtl8139 - ok
    13:46:32.0277 2320 s116mdm - ok
    13:46:32.0292 2320 s125obex - ok
    13:46:32.0310 2320 s217mdm - ok
    13:46:32.0329 2320 s217nd5 - ok
    13:46:32.0344 2320 S3GIGP - ok
    13:46:32.0360 2320 s3ssavage - ok
    13:46:32.0376 2320 s616unic - ok
    13:46:32.0391 2320 s716nd5 - ok
    13:46:32.0404 2320 s7oppitx - ok
    13:46:32.0417 2320 s7otranx - ok
    13:46:32.0431 2320 SABSVC - ok
    13:46:32.0446 2320 SaiNtSub - ok
    13:46:32.0460 2320 SaiU040B - ok
    13:46:32.0491 2320 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    13:46:32.0493 2320 SamSs - ok
    13:46:32.0506 2320 sandboxu - ok
    13:46:32.0542 2320 sbhooksvc - ok
    13:46:32.0581 2320 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    13:46:32.0602 2320 sbp2port - ok
    13:46:32.0639 2320 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    13:46:32.0643 2320 SCardSvr - ok
    13:46:32.0657 2320 ScFBPNT3 - ok
    13:46:32.0713 2320 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
    13:46:32.0719 2320 Schedule - ok
    13:46:32.0757 2320 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    13:46:32.0758 2320 SCPolicySvc - ok
    13:46:32.0772 2320 screadspool - ok
    13:46:32.0791 2320 scsk4 - ok
    13:46:32.0832 2320 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    13:46:32.0857 2320 sdbus - ok
    13:46:32.0870 2320 sdcoreservice - ok
    13:46:32.0886 2320 SDdriver - ok
    13:46:32.0946 2320 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    13:46:32.0951 2320 SDRSVC - ok
    13:46:32.0965 2320 SE26mgmt - ok
    13:46:32.0982 2320 se26unic - ok
    13:46:32.0998 2320 SE2Bmdfl - ok
    13:46:33.0013 2320 se2Bnd5 - ok
    13:46:33.0029 2320 se2Bunic - ok
    13:46:33.0045 2320 SE2Dbus - ok
    13:46:33.0059 2320 SE2Eobex - ok
    13:46:33.0072 2320 se44bus - ok
    13:46:33.0086 2320 se44nd5 - ok
    13:46:33.0127 2320 se45mgmt - ok
    13:46:33.0144 2320 se45nd5 - ok
    13:46:33.0161 2320 se58unic - ok
    13:46:33.0174 2320 se59nd5 - ok
    13:46:33.0209 2320 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    13:46:33.0229 2320 secdrv - ok
    13:46:33.0250 2320 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    13:46:33.0254 2320 seclogon - ok
    13:46:33.0266 2320 SED133x - ok
    13:46:33.0295 2320 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
    13:46:33.0297 2320 SENS - ok
    13:46:33.0308 2320 sentinel - ok
    13:46:33.0322 2320 ser2pl - ok
    13:46:33.0352 2320 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    13:46:33.0372 2320 Serenum - ok
    13:46:33.0412 2320 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    13:46:33.0433 2320 Serial - ok
    13:46:33.0469 2320 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    13:46:33.0490 2320 sermouse - ok
    13:46:33.0506 2320 server - ok
    13:46:33.0581 2320 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    13:46:33.0586 2320 SessionEnv - ok
    13:46:33.0598 2320 SetupSys - ok
    13:46:33.0646 2320 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    13:46:33.0666 2320 sffdisk - ok
    13:46:33.0697 2320 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
    13:46:33.0719 2320 sffp_mmc - ok
    13:46:33.0748 2320 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
    13:46:33.0769 2320 sffp_sd - ok
    13:46:33.0787 2320 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    13:46:33.0809 2320 sfloppy - ok
    13:46:33.0820 2320 sglogplayer - ok
    13:46:33.0904 2320 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    13:46:33.0909 2320 SharedAccess - ok
    13:46:33.0977 2320 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
    13:46:33.0983 2320 ShellHWDetection - ok
    13:46:33.0994 2320 sifilter - ok
    13:46:34.0009 2320 SimpTcp - ok
    13:46:34.0023 2320 sis315 - ok
    13:46:34.0062 2320 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
    13:46:34.0101 2320 sisagp - ok
    13:46:34.0112 2320 sisnic - ok
    13:46:34.0164 2320 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
    13:46:34.0202 2320 SiSRaid2 - ok
    13:46:34.0236 2320 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
    13:46:34.0257 2320 SiSRaid4 - ok
    13:46:34.0269 2320 slabbus - ok
    13:46:34.0283 2320 slabser - ok
    13:46:34.0297 2320 slee_503_service - ok
    13:46:34.0311 2320 Slntamr - ok
    13:46:34.0326 2320 Slpsvdr - ok
    13:46:34.0507 2320 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    13:46:34.0533 2320 slsvc - ok
    13:46:34.0649 2320 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    13:46:34.0654 2320 SLUINotify - ok
    13:46:34.0666 2320 smartwiservice - ok
    13:46:34.0737 2320 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    13:46:34.0761 2320 Smb - ok
    13:46:34.0776 2320 SMCB000 - ok
    13:46:34.0807 2320 smsmdd - ok
    13:46:34.0878 2320 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    13:46:34.0882 2320 SNMPTRAP - ok
    13:46:34.0898 2320 snmptrapdservice - ok
    13:46:34.0909 2320 SNP2STD - ok
    13:46:34.0942 2320 sonytvc - ok
    13:46:34.0956 2320 spbbcsvc - ok
    13:46:34.0972 2320 spcsutilityservice - ok
    13:46:34.0989 2320 SPFDRV - ok
    13:46:35.0031 2320 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    13:46:35.0051 2320 spldr - ok
    13:46:35.0063 2320 splitter - ok
    13:46:35.0077 2320 spmd - ok
    13:46:35.0116 2320 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
    13:46:35.0122 2320 Spooler - ok
    13:46:35.0134 2320 sprtsvc_smartagent - ok
    13:46:35.0148 2320 SQLWriter - ok
    13:46:35.0163 2320 srescan - ok
    13:46:35.0179 2320 SRS_SSCFilter - ok
    13:46:35.0195 2320 SRTSP - ok
    13:46:35.0247 2320 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    13:46:35.0287 2320 srv - ok
    13:46:35.0323 2320 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    13:46:35.0344 2320 srv2 - ok
    13:46:35.0356 2320 srvdpi - ok
    13:46:35.0393 2320 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    13:46:35.0414 2320 srvnet - ok
    13:46:35.0460 2320 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    13:46:35.0466 2320 SSDPSRV - ok
    13:46:35.0481 2320 ssfs0509 - ok
    13:46:35.0496 2320 sshrmd - ok
    13:46:35.0510 2320 ssm_bus - ok
    13:46:35.0526 2320 ssm_mdm - ok
    13:46:35.0556 2320 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    13:46:35.0560 2320 SstpSvc - ok
    13:46:35.0573 2320 ss_mdfl - ok
    13:46:35.0588 2320 stacsv - ok
    13:46:35.0650 2320 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    13:46:35.0657 2320 stisvc - ok
    13:46:35.0669 2320 STV680 - ok
    13:46:35.0685 2320 STV680m - ok
    13:46:35.0701 2320 Subsonic - ok
    13:46:35.0721 2320 SunkFilt - ok
    13:46:35.0735 2320 SunkFilt39 - ok
    13:46:35.0751 2320 svv - ok
    13:46:35.0786 2320 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    13:46:35.0789 2320 swenum - ok
    13:46:35.0804 2320 SWMX00 - ok
    13:46:35.0822 2320 SWNC5E00 - ok
    13:46:35.0879 2320 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    13:46:35.0884 2320 swprv - ok
    13:46:35.0897 2320 SWUMX51 - ok
    13:46:35.0947 2320 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    13:46:35.0973 2320 Symc8xx - ok
    13:46:36.0001 2320 symids - ok
    13:46:36.0017 2320 symmpi - ok
    13:46:36.0066 2320 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    13:46:36.0086 2320 Sym_hi - ok
    13:46:36.0112 2320 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    13:46:36.0132 2320 Sym_u3 - ok
    13:46:36.0145 2320 syntp - ok
    13:46:36.0199 2320 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    13:46:36.0207 2320 SysMain - ok
    13:46:36.0259 2320 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    13:46:36.0263 2320 TabletInputService - ok
    13:46:36.0276 2320 tandpl - ok
    13:46:36.0290 2320 tapeware - ok
    13:46:36.0343 2320 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    13:46:36.0349 2320 TapiSrv - ok
    13:46:36.0363 2320 tavsvc - ok
    13:46:36.0381 2320 tbhsd - ok
    13:46:36.0439 2320 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    13:46:36.0443 2320 TBS - ok
    13:46:36.0527 2320 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
    13:46:36.0537 2320 Tcpip - ok
    13:46:36.0579 2320 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
    13:46:36.0586 2320 Tcpip6 - ok
    13:46:36.0633 2320 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
    13:46:36.0670 2320 tcpipreg - ok
    13:46:36.0693 2320 tcsd_win32.exe - ok
    13:46:36.0709 2320 tdimsys - ok
    13:46:36.0753 2320 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    13:46:36.0773 2320 TDPIPE - ok
    13:46:36.0810 2320 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    13:46:36.0848 2320 TDTCP - ok
    13:46:36.0887 2320 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    13:46:36.0907 2320 tdx - ok
    13:46:36.0977 2320 TeamViewer4 (392e619012f752d071910917e9307cc9) C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    13:46:36.0982 2320 TeamViewer4 - ok
    13:46:36.0998 2320 telnet - ok
    13:46:37.0046 2320 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    13:46:37.0071 2320 TermDD - ok
    13:46:37.0137 2320 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    13:46:37.0145 2320 TermService - ok
    13:46:37.0161 2320 tfsnudf - ok
    13:46:37.0178 2320 tgsrvc_smartagent - ok
    13:46:37.0230 2320 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
    13:46:37.0235 2320 Themes - ok
    13:46:37.0310 2320 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    13:46:37.0312 2320 THREADORDER - ok
    13:46:37.0327 2320 timounter - ok
    13:46:37.0342 2320 TMKEmu - ok
    13:46:37.0358 2320 tmmbd - ok
    13:46:37.0374 2320 tmtdi - ok
    13:46:37.0389 2320 TNaviSrv - ok
    13:46:37.0405 2320 tng-dts - ok
    13:46:37.0421 2320 TOSHIBASoftModem - ok
    13:46:37.0436 2320 tosrfnds - ok
    13:46:37.0452 2320 tosrfsnd - ok
    13:46:37.0468 2320 trackcam4 - ok
    13:46:37.0484 2320 transarcafsdaemon - ok
    13:46:37.0500 2320 trioservice - ok
    13:46:37.0548 2320 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    13:46:37.0552 2320 TrkWks - ok
    13:46:37.0621 2320 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    13:46:37.0624 2320 TrustedInstaller - ok
    13:46:37.0652 2320 tsdhd - ok
    13:46:37.0678 2320 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:46:37.0698 2320 tssecsrv - ok
    13:46:37.0711 2320 TuneUp.Defrag - ok
    13:46:37.0746 2320 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    13:46:37.0766 2320 tunmp - ok
    13:46:37.0799 2320 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    13:46:37.0837 2320 tunnel - ok
    13:46:37.0849 2320 TVALG - ok
    13:46:37.0865 2320 tvs - ok
    13:46:37.0892 2320 U81xobex - ok
    13:46:37.0932 2320 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
    13:46:37.0972 2320 uagp35 - ok
    13:46:37.0985 2320 uclauncherservice - ok
    13:46:38.0036 2320 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    13:46:38.0057 2320 udfs - ok
    13:46:38.0117 2320 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    13:46:38.0122 2320 UI0Detect - ok
    13:46:38.0135 2320 uleadburninghelper - ok
    13:46:38.0174 2320 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
    13:46:38.0195 2320 uliagpkx - ok
    13:46:38.0227 2320 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
    13:46:38.0249 2320 uliahci - ok
    13:46:38.0282 2320 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    13:46:38.0320 2320 UlSata - ok
    13:46:38.0354 2320 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    13:46:38.0375 2320 ulsata2 - ok
    13:46:38.0412 2320 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    13:46:38.0414 2320 umbus - ok
    13:46:38.0428 2320 UMPass - ok
    13:46:38.0444 2320 UNDPX2A - ok
    13:46:38.0460 2320 UpdateCenterService - ok
    13:46:38.0477 2320 uploadmgr - ok
    13:46:38.0538 2320 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    13:46:38.0544 2320 upnphost - ok
    13:46:38.0557 2320 upsmonservice - ok
    13:46:38.0573 2320 us30service - ok
    13:46:38.0600 2320 USB11LDR - ok
    13:46:38.0616 2320 usb20l - ok
    13:46:38.0659 2320 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    13:46:38.0681 2320 usbccgp - ok
    13:46:38.0726 2320 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    13:46:38.0747 2320 usbcir - ok
    13:46:38.0786 2320 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    13:46:38.0808 2320 usbehci - ok
    13:46:38.0853 2320 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    13:46:38.0875 2320 usbhub - ok
    13:46:38.0915 2320 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    13:46:38.0935 2320 usbohci - ok
    13:46:38.0976 2320 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
    13:46:38.0997 2320 usbprint - ok
    13:46:39.0041 2320 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
    13:46:39.0061 2320 usbscan - ok
    13:46:39.0101 2320 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:46:39.0122 2320 USBSTOR - ok
    13:46:39.0164 2320 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    13:46:39.0188 2320 usbuhci - ok
    13:46:39.0204 2320 USB_RNDIS - ok
    13:46:39.0223 2320 USB_RNDIS_XP - ok
    13:46:39.0244 2320 useraccess7 - ok
    13:46:39.0261 2320 UVCFTR - ok
    13:46:39.0280 2320 UWProSys - ok
    13:46:39.0328 2320 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    13:46:39.0332 2320 UxSms - ok
    13:46:39.0347 2320 UxTuneUp - ok
    13:46:39.0367 2320 VAIOMediaPlatform-MusicServer-HTTP - ok
    13:46:39.0387 2320 vc5secs - ok
    13:46:39.0406 2320 vcommmgr - ok
    13:46:39.0462 2320 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    13:46:39.0469 2320 vds - ok
    13:46:39.0482 2320 vetmsgnt - ok
    13:46:39.0523 2320 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:46:39.0542 2320 vga - ok
    13:46:39.0590 2320 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    13:46:39.0627 2320 VgaSave - ok
    13:46:39.0641 2320 Via4in1 - ok
    13:46:39.0668 2320 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
    13:46:39.0688 2320 viaagp - ok
    13:46:39.0702 2320 viaagp1 - ok
    13:46:39.0741 2320 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
    13:46:39.0762 2320 ViaC7 - ok
    13:46:39.0781 2320 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
    13:46:39.0802 2320 viaide - ok
    13:46:39.0817 2320 VICESYS - ok
    13:46:39.0833 2320 vncdrv - ok
    13:46:39.0849 2320 VNUSB - ok
    13:46:39.0897 2320 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    13:46:39.0918 2320 volmgr - ok
    13:46:39.0959 2320 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    13:46:39.0981 2320 volmgrx - ok
    13:46:40.0023 2320 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    13:46:40.0044 2320 volsnap - ok
    13:46:40.0058 2320 vsapint - ok
    13:46:40.0073 2320 vsdatant - ok
    13:46:40.0107 2320 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
    13:46:40.0128 2320 vsmraid - ok
    13:46:40.0204 2320 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    13:46:40.0215 2320 VSS - ok
    13:46:40.0231 2320 vvoice - ok
    13:46:40.0249 2320 VX3000 - ok
    13:46:40.0266 2320 vzcdbsvc - ok
    13:46:40.0283 2320 w200bus - ok
    13:46:40.0330 2320 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    13:46:40.0336 2320 W32Time - ok
    13:46:40.0361 2320 W55U01 - ok
    13:46:40.0378 2320 w800mdfl - ok
    13:46:40.0413 2320 w800mdm - ok
    13:46:40.0482 2320 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    13:46:40.0502 2320 WacomPen - ok
    13:46:40.0517 2320 wampmysqld - ok
    13:46:40.0561 2320 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    13:46:40.0599 2320 Wanarp - ok
    13:46:40.0612 2320 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    13:46:40.0613 2320 Wanarpv6 - ok
    13:46:40.0628 2320 WaveFDE - ok
    13:46:40.0645 2320 WBHWDOCT - ok
    13:46:40.0692 2320 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    13:46:40.0699 2320 wcncsvc - ok
    13:46:40.0737 2320 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    13:46:40.0742 2320 WcsPlugInService - ok
    13:46:40.0775 2320 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
    13:46:40.0795 2320 Wd - ok
    13:46:40.0857 2320 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    13:46:40.0898 2320 Wdf01000 - ok
    13:46:40.0913 2320 wdica - ok
    13:46:40.0944 2320 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    13:46:40.0949 2320 WdiServiceHost - ok
    13:46:40.0963 2320 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    13:46:40.0967 2320 WdiSystemHost - ok
    13:46:40.0981 2320 WD_FireWire_HID - ok
    13:46:41.0036 2320 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    13:46:41.0041 2320 WebClient - ok
    13:46:41.0056 2320 webdriveservice - ok
    13:46:41.0073 2320 webrootenterpriseclientservice - ok
    13:46:41.0128 2320 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
    13:46:41.0132 2320 Wecsvc - ok
    13:46:41.0175 2320 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    13:46:41.0179 2320 wercplsupport - ok
    13:46:41.0223 2320 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    13:46:41.0227 2320 WerSvc - ok
    13:46:41.0242 2320 wg111nd5 - ok
    13:46:41.0262 2320 win32sl - ok
    13:46:41.0334 2320 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    13:46:41.0365 2320 winachsf - ok
    13:46:41.0454 2320 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    13:46:41.0458 2320 WinDefend - ok
    13:46:41.0490 2320 WinHttpAutoProxySvc - ok
    13:46:41.0597 2320 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    13:46:41.0602 2320 Winmgmt - ok
    13:46:41.0623 2320 winpower - ok
    13:46:41.0647 2320 winpowerrmi - ok
    13:46:41.0671 2320 winpppoverethernet - ok
    13:46:41.0769 2320 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
    13:46:41.0785 2320 WinRM - ok
    13:46:41.0845 2320 wintab32 - ok
    13:46:41.0863 2320 WinVd32 - ok
    13:46:41.0922 2320 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    13:46:41.0929 2320 Wlansvc - ok
    13:46:41.0947 2320 wlluc48 - ok
    13:46:41.0961 2320 wlluc48b - ok
    13:46:41.0979 2320 wltrysvc - ok
    13:46:41.0996 2320 wm - ok
    13:46:42.0014 2320 wmdmpmsp - ok
    13:46:42.0031 2320 wmi - ok
    13:46:42.0103 2320 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    13:46:42.0123 2320 WmiAcpi - ok
    13:46:42.0207 2320 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    13:46:42.0212 2320 wmiApSrv - ok
    13:46:42.0338 2320 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    13:46:42.0349 2320 WMPNetworkSvc - ok
    13:46:42.0401 2320 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    13:46:42.0406 2320 WPCSvc - ok
    13:46:42.0453 2320 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    13:46:42.0458 2320 WPDBusEnum - ok
    13:46:42.0523 2320 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    13:46:42.0551 2320 WpdUsb - ok
    13:46:42.0705 2320 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    13:46:42.0716 2320 WPFFontCache_v0400 - ok
    13:46:42.0759 2320 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    13:46:42.0789 2320 ws2ifsl - ok
    13:46:42.0850 2320 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
    13:46:42.0858 2320 wscsvc - ok
    13:46:42.0879 2320 WSearch - ok
    13:46:43.0024 2320 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
    13:46:43.0042 2320 wuauserv - ok
    13:46:43.0180 2320 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:46:43.0183 2320 WUDFRd - ok
    13:46:43.0207 2320 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    13:46:43.0212 2320 wudfsvc - ok
    13:46:43.0228 2320 wuolservice - ok
    13:46:43.0245 2320 WUSB54GPV4SRV - ok
    13:46:43.0276 2320 z800mgmt - ok
    13:46:43.0294 2320 z800obex - ok
    13:46:43.0314 2320 zebrbus - ok
    13:46:43.0331 2320 zpsc - ok
    13:46:43.0362 2320 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
    13:46:43.0380 2320 {a7447300-8075-4b0d-83f1-3d75c8ebc623} - ok
    13:46:43.0461 2320 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    13:46:43.0647 2320 \Device\Harddisk0\DR0 - ok
    13:46:43.0651 2320 Boot (0x1200) (3f21510acf7eac540a7a1c69083c2ce0) \Device\Harddisk0\DR0\Partition0
    13:46:43.0652 2320 \Device\Harddisk0\DR0\Partition0 - ok
    13:46:43.0680 2320 Boot (0x1200) (9f3edab57323961243649d12d8a28921) \Device\Harddisk0\DR0\Partition1
    13:46:43.0682 2320 \Device\Harddisk0\DR0\Partition1 - ok
    13:46:43.0682 2320 ============================================================
    13:46:43.0682 2320 Scan finished
    13:46:43.0682 2320 ============================================================
    13:46:43.0696 5912 Detected object count: 0
    13:46:43.0696 5912 Actual detected object count: 0
  20. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    OK. Re-run Combofix one more time.
  21. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    ComboFix 12-05-17.02 - William 05/17/2012 4:13.2.2 - x86
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.2102 [GMT -4:00]
    Running from: c:\users\William\Desktop\ComboFix.exe
    AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
    FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
    SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Resident AV is active
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\$NtUninstallKB37865$
    c:\windows\system32\drivers\etc\hosts.ics
    c:\windows\system32\usbcm.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Service_regspy
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-05-17 08:27 . 2012-05-17 08:30 -------- d-----w- c:\users\William\AppData\Local\temp
    2012-05-17 08:27 . 2012-05-17 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-05-16 08:11 . 2012-05-16 08:11 -------- d-----w- C:\found.001
    2012-05-16 08:07 . 2012-05-16 08:07 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-05-15 09:54 . 2012-04-18 07:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE8DEF1D-B252-40EE-A322-05E15EFDA7C7}\mpengine.dll
    2012-05-13 23:46 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-05-13 23:46 . 2012-05-13 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-05-13 17:41 . 2012-05-13 17:41 -------- d-----w- c:\users\William\AppData\Local\ESET
    2012-05-13 17:30 . 2012-05-13 17:30 -------- d-----w- c:\program files\Windows Resource Kits
    2012-05-12 23:11 . 2012-05-12 23:11 -------- d-----w- c:\program files\ESET
    2012-05-11 01:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-11 01:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-05 22:42 . 2012-05-05 22:43 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
    2012-04-22 23:44 . 2012-04-22 23:44 -------- d-----w- C:\found.000
    2012-04-22 19:14 . 2012-04-22 19:14 -------- d-----w- c:\programdata\Kaspersky Lab
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-05-16 08:08 . 2011-12-23 05:19 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
    2012-05-05 16:58 . 2012-04-04 17:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-05-05 16:58 . 2011-12-23 00:38 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-04-03 18:42 . 2012-04-03 18:42 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
    2012-04-03 18:42 . 2012-04-03 18:42 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2012-04-03 18:42 . 2012-04-03 18:42 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
    2012-04-02 13:36 . 2012-05-11 01:11 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-03-28 16:09 . 2012-03-20 23:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-02-29 15:11 . 2012-04-12 07:13 5120 ----a-w- c:\windows\system32\wmi.dll
    2012-02-29 15:11 . 2012-04-12 07:13 172032 ----a-w- c:\windows\system32\wintrust.dll
    2012-02-29 15:09 . 2012-04-12 07:13 157696 ----a-w- c:\windows\system32\imagehlp.dll
    2012-02-29 13:32 . 2012-04-12 07:13 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
    2012-02-28 01:18 . 2012-04-12 07:14 1799168 ----a-w- c:\windows\system32\jscript9.dll
    2012-02-28 01:11 . 2012-04-12 07:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
    2012-02-28 01:11 . 2012-04-12 07:14 1127424 ----a-w- c:\windows\system32\wininet.dll
    2012-02-28 01:03 . 2012-04-12 07:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
    2012-02-25 19:19 . 2012-02-25 19:19 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
    2012-02-23 14:18 . 2011-12-16 16:56 237072 ------w- c:\windows\system32\MpSigStub.exe
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
    "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
    "egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
    "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableLUA"= 0 (0x0)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Turbo Tourney 2012 Scheduler.lnk]
    backup=c:\windows\pss\Turbo Tourney 2012 Scheduler.lnk.CommonStartup
    backupExtension=.CommonStartup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
    2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
    2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
    .
    R0 70080763;70080763;c:\windows\system32\drivers\98925466.sys [x]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
    .
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    se2Bunic
    ofcpfwsvc
    upsmonservice
    nmservice
    atkkeyboardservice
    SE2Bmdfl
    SE2Dbus
    omsad
    tmtdi
    wscsvc
    wm
    UNDPX2A
    sdcoreservice
    EIO_XP
    ErrDev
    qfcoresvc
    mcdetect.exe
    pelusblf
    DS1410D
    CTMFLT
    EMATCORE
    CVirtA
    mssqlserverolapservice
    pgpsdkservice
    PTDCVsp
    dsNcAdpt
    sisnic
    btnetfilter
    nimcdfxk
    MTC0001_ESB
    SprintRcAppSvc
    pcx1unic
    RDID1027
    pwkntmon
    axsaki
    mwagent
    oracle_load_balancer_60_server-forms6ip9
    rslinxng
    mysql
    teefer
    atixsaudio
    adminserver
    mvserver
    spmd
    bc_filter
    atiavaiw
    UimBus
    sisperf
    imapiservice
    s716mdm
    rt2500usb
    ppped
    tfsnboio
    dlartl_n
    vstor2-ws60
    iPassPeriodicUpdateService
    speakerphone
    ZDPNDIS5
    ISAMSvc
    plsremotesvc
    smartwiservice
    mcdbus
    se45mgmt
    ccflic0
    webdriveservice
    wlluc48b
    webrootenterpriseclientservice
    imagesrv
    flashcom
    ssm_bus
    olapserver
    wintab32
    a016mgmt
    MRV6X32P
    EACSvrMngr
    sglogplayer
    AcronisOSSReinstallSvc
    atdisk
    bantext
    nwlnkspx
    PBADRV
    oraclewebassistant
    sonytvc
    intelroam
    papyjoy
    tfsnudf
    U3sHlpDr
    npapimon
    comhost
    SetupSys
    pdlnatcm
    iPassP
    perc2
    statusagent
    ATWPKT2
    AdobeActiveFileMonitor6.0
    WD_FireWire_HID
    {a7447300-8075-4b0d-83f1-3d75c8ebc623}
    hclinetd
    i81x
    SWUMX51
    MQAC
    UsbserFilt
    dlbu_device
    szkg
    incdsrv
    acrotray
    rootmodem
    nwlnknb
    avgems
    datasvr
    NETw4v32
    cfgwzsvc
    tvtfilter
    USB_NDIS_51
    s125mdfl
    tng-dtmg
    vproeventmonitor
    wmconnectcds
    redbook
    DivisCTS
    NWSAP
    macformatservice
    sit_flt
    EL2000
    ssfs0509
    procexp90
    iksyssec
    starwindservice
    mnsframework
    bwcsrv
    aolservice
    crauto
    nvax
    mctskshd.exe
    ICAM5USB
    LC7981
    razerusb
    EagleNT
    elockservice
    xfilt
    ageremodemaudio
    MA8032U
    fshttps
    slabbus
    useraccess7
    ctljystk
    acermemusagecheckservice
    NVR0Dev
    rnadirectory
    netmdsb
    nm
    bc_pat_f
    MREMP50
    W700mdm
    oraclemtsrecoveryservice
    pduip6000dmemcrdmgr
    roxwatch
    svv
    SMCB000
    vncdrv
    tapeware
    Angel2
    qkbfiltr
    persfw
    cpucoolserver
    elnkservice
    btwusb
    STV680m
    msftpsvc
    mxnic
    ikhfile
    opcenum
    trioservice
    cebdaldr
    winpppoverethernet
    lpx
    TOSHIBASoftModem
    mssql$sqlexpress
    Hotkey
    NITaggerService
    dlcj_device
    slabser
    openldap-slapd
    diskeeper
    WinVd32
    rchost
    w800mdm
    NTIDrvr
    dlcc_device
    server
    SE26mgmt
    z800mgmt
    emitray
    aspi32
    S3GIGP
    tgsrvc_smartagent
    beatjamupnpmusicserver
    iaimfp1
    Slntamr
    defwatch
    sis315
    queuemgr
    penrendezvous
    lktimesync
    bthpan
    ATMsg
    ino_flpy
    cvslock
    dtsrvc
    noipducservice
    WaveFDE
    ntcharge
    se45nd5
    rfcomm
    tavsvc
    SABSVC
    screadspool
    GTSCSER
    mysqlinventime
    modemcsa
    timounter
    NETw3v32
    ma_cmidi_installerservice
    getPlusHelper
    nimxdfk
    tdimsys
    bdselfpr
    PD0620VID
    PGPdisk
    SimpTcp
    mfeavfk
    AVerTV
    SPFDRV
    btwhid
    pcradminserver
    audstub
    mlkkbdntdriver
    WBHWDOCT
    lvprcsrv
    uleadburninghelper
    mwstick
    vsdatant
    hibernation
    lmab_device
    rppkt
    mcsysmon
    UWProSys
    s217nd5
    CX88AUD
    pdlnshay
    monfilt
    lxcj_device
    ntpr_nic_service2
    a016mdm
    iAimTV5
    zpsc
    haspnt
    Jukebox
    VAIOMediaPlatform-MusicServer-HTTP
    FETNDIS
    scsk4
    outpostfirewall
    backupexecalertserver
    nmwcdc
    pavdrv
    sandboxu
    slee_503_service
    HIDSwvd
    ssm_mdm
    LVRS
    sifilter
    viaagp1
    ood2000
    STV680
    CnxTrLan
    win32sl
    s116mdm
    cwcwdm
    Pctspk
    jaguar
    ROB_A
    Appn
    hwpsgt
    AVCSTRM
    spcsutilityservice
    nvstor32
    mfesmfk
    roxupnpserver
    avg7rsw
    SWNC5E00
    DNE
    ovsecurityserver
    p2k
    ADIDTSFiltService
    wuolservice
    ggsemc
    winpowerrmi
    GoToAssist
    DgiVecp
    cccredmgr
    srvdpi
    db2das00
    spbbcsvc
    vcommmgr
    SNP2STD
    NIPALK
    hpqddsvc
    harmony
    sshrmd
    GT890x
    winpower
    Slpsvdr
    oracle_load_balancer_60_client-forms6ip9
    APLMp50
    TMKEmu
    HPFECP20
    pcidump
    ftsata2
    UVCFTR
    nbservice
    license
    oracleorahomehttpserver
    DirectUpdate
    PGPsdkDriver
    retroexplauncher
    nfmservice
    tng-dts
    SE2Eobex
    wampmysqld
    s217mdm
    dlcf_device
    rimvserport
    TNaviSrv
    el90xbc
    RESMGR
    SDdriver
    pdlnsx25
    gameenum
    wdica
    AR5523
    picturetaker
    Evian
    btwavdt
    rnadiagnosticsservice
    cusrvc
    Via4in1
    freepops
    nimcrpcsu
    dmio
    TuneUp.Defrag
    iPassPeriodicUpdateApp
    prism_a02
    IFPUSB
    bt3cser
    transarcafsdaemon
    k750mdfl
    USB_RNDIS
    SRTSP
    ifxtcs
    VICESYS
    PTDCBus
    tcsd_win32.exe
    pml
    ScFBPNT3
    UxTuneUp
    vc5secs
    tbhsd
    stacsv
    licensemanagersocket
    avgarcln
    tosrfnds
    ql1280
    s3ssavage
    hmonitor
    wlluc48
    tmmbd
    cbidf
    zebrbus
    dvd_2K
    vsapint
    w200bus
    awhost32
    filechecker
    NsTrcNT
    hsf_dp
    trackcam4
    arcltsrv
    dladresm
    WUSB54GPV4SRV
    us30service
    vvoice
    inotask
    inorpc
    VNUSB
    lxrjd31d
    Ncrc710
    rca
    s125obex
    NxSysMon
    VX3000
    srescan
    {95808DC4-FA4A-4c74-92FE-5B863F82066B}
    isapisearch
    lockmgr
    nvcap
    ss_mdfl
    SRS_SSCFilter
    klif
    DCamUSBSQTECH
    se26unic
    mks_scan
    s7otranx
    SED133x
    ibmcicstransactiongateway
    s7oppitx
    LKbdFlt2
    3comtftp
    UMPass
    U81xobex
    U2SP
    co_mon
    atierecord
    qbfcservice
    tosrfsnd
    openvpnservice
    AmdLLD
    freebsd
    atkdisplf
    se58unic
    RMCAST
    mcnasvc
    cdr4_2k
    avg7updsvc
    cvsnt
    k750mdm
    s616unic
    artourservice
    symmpi
    iastor
    aclient
    BTSLBCSP
    askernel
    acprfmgrsvc
    https-admserv61
    splitter
    SaiU040B
    proxyhostservice
    USB_RNDIS_XP
    nmsaccess
    mfehidk
    snmptrapdservice
    digictrl
    emupia
    rimusb
    array_utility_service4,0,1,3
    gearaspiwdm
    eskerlicensecontrol
    lxbs_device
    nimdbgk
    CTMSHD
    ihcservice
    pavreport
    ATKFUSService
    iomdisk
    se59mdfl
    pnkbstrb
    lp6nds35
    syntp
    SWMX00
    se2Bnd5
    e1express
    w800mdfl
    entech
    T6963C
    hnmsvc
    VCAM
    purgeieservice
    XFX_program
    smcservice
    ldlcserv
    PQNTDrv
    iviaspi
    enxpsvc
    DniVad
    acedrv07
    Subsonic
    iwebmsg
    qmofiltr
    agrsrvce
    SunkFilt39
    TcUsb
    MA_CMIDI
    trcboot
    smsmdd
    iam
    a016mdfl
    db2ntsecserver
    ec2007service
    sqlagent$sony_mediamgr
    soma
    tvs
    ipsraidn
    kservice
    Bcim
    amon
    axinstsv
    btwrchid
    bdfsdrv
    SE2Dmdfl
    MTsensor
    maya70docserver
    ctdvda2k
    wg111nd5
    nchssvad
    SaiNtSub
    cpqarray
    gv3
    UpdateCenterService
    MobilePreInstallerService
    SQLWriter
    iap
    usb20l
    s716nd5
    FireTDI
    pdframe
    HSFHWICH
    yukonwxp
    lvpopflt
    vzcdbsvc
    NVTCP
    SE27mdm
    atalk
    SunkFilt
    NVENET
    ctmmfilt
    cicssfs.scmmc223
    ifxspmgtsrv
    se44nd5
    agentsrv
    ATMsrvc
    nsengine
    s117obex
    aswrdr
    z800obex
    mwspollserver
    lxbu_device
    rtl8139
    se44bus
    USB11LDR
    ramaint
    pfc
    athr
    se59nd5
    sentinel
    ser2pl
    websenselogserver
    ltck000c
    ZuneWlanCfgSvc
    k750mgmt
    Nsynas32
    uclauncherservice
    ossrv
    sprtsvc_smartagent
    autocomplete
    sbhooksvc
    USBCamera
    TestHandler
    adiloader
    elotouchscreen
    cwafrmiregistry
    W55U01
    tvicport
    aec
    ino_fltr
    CTEDSPFX.DLL
    U81xmdm
    HFACSVC
    imaservice
    tmactmon
    MpFilter
    bthusb
    symids
    ASMMAP
    atchksrv
    AKSIFDH
    GV600_4
    nvmpu401
    ASNDIS5
    omniusbl
    papycpu2
    cpuz132
    HECI
    tsdhd
    protexislicensing
    slapd-data52
    tandpl
    dxdebug
    scanwscs
    ntrtscan
    mod7700
    TVALG
    oracle_load_balancer_60_client-forms6ip14
    telnet
    mapserver6.3
    incdfs
    eamon
    GTPTSER
    atmeltpm
    vetmsgnt
    nvsmu
    RSAFAL
    alertmanager
    sysmonlog
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:58]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
    .
    2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
    - c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
    .
    2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
    - c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
    Trusted Zone: intuit.com\ttlc
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    SafeBoot-70080763.sys
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-05-17 04:30
    Windows 6.0.6002 Service Pack 2 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\netbt]
    "ImagePath"="system32\drivers\tsk9AF1.tmp"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (LocalSystem)
    "{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
    27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
    "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
    36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
    "{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
    94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
    "{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
    ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
    @Denied: (2) (LocalSystem)
    "Timestamp"=hex:81,97,c7,74,c6,e0,cc,01
    .
    [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
    @Denied: (2) (LocalSystem)
    "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
    d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,3b,da,52,c0,a4,82,4f,a1,90,3e,\
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\windows\System32\WLTRYSVC.EXE
    c:\windows\System32\bcmwltry.exe
    c:\windows\system32\WLANExt.exe
    c:\windows\system32\dlbacoms.exe
    c:\program files\ESET\ESET Smart Security\ekrn.exe
    c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
    c:\program files\TeamViewer\Version4\TeamViewer.exe
    c:\windows\system32\igfxsrvc.exe
    c:\windows\ehome\ehmsas.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
    .
    **************************************************************************
    .
    Completion time: 2012-05-17 04:39:27 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-05-17 08:39
    ComboFix2.txt 2012-05-15 08:45
    .
    Pre-Run: 47,050,002,432 bytes free
    Post-Run: 47,093,510,144 bytes free
    .
    - - End Of File - - 465FBB92983D187887138508D60CA266
  22. Broni

    Broni Malware Annihilator Posts: 46,179   +251

    Looks good :)

    How is computer doing?

    Download OTL to your Desktop.

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Click the Scan All Users checkbox.
    • Under the Custom Scan box paste this in:


    netsvcs
    drivers32
    %SYSTEMDRIVE%\*.*
    %systemroot%\Fonts\*.com
    %systemroot%\Fonts\*.dll
    %systemroot%\Fonts\*.ini
    %systemroot%\Fonts\*.ini2
    %systemroot%\Fonts\*.exe
    %systemroot%\system32\spool\prtprocs\w32x86\*.*
    %systemroot%\REPAIR\*.bak1
    %systemroot%\REPAIR\*.ini
    %systemroot%\system32\*.jpg
    %systemroot%\*.jpg
    %systemroot%\*.png
    %systemroot%\*.scr
    %systemroot%\*._sy
    %APPDATA%\Adobe\Update\*.*
    %ALLUSERSPROFILE%\Favorites\*.*
    %APPDATA%\Microsoft\*.*
    %PROGRAMFILES%\*.*
    %APPDATA%\Update\*.*
    %systemroot%\*. /mp /s
    CREATERESTOREPOINT
    %systemroot%\System32\config\*.sav
    %PROGRAMFILES%\bak. /s
    %systemroot%\system32\bak. /s
    %ALLUSERSPROFILE%\Start Menu\*.lnk /x
    %systemroot%\system32\config\systemprofile\*.dat /x
    %systemroot%\*.config
    %systemroot%\system32\*.db
    %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
    %USERPROFILE%\Desktop\*.exe
    %PROGRAMFILES%\Common Files\*.*
    %systemroot%\*.src
    %systemroot%\install\*.*
    %systemroot%\system32\DLL\*.*
    %systemroot%\system32\HelpFiles\*.*
    %systemroot%\tasks\*.*
    %systemroot%\system32\rundll\*.*
    %systemroot%\winn32\*.*
    %systemroot%\Java\*.*
    %systemroot%\system32\test\*.*
    %systemroot%\system32\Rundll32\*.*
    %systemroot%\AppPatch\Custom\*.*
    %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
    %PROGRAMFILES%\PC-Doctor\Downloads\*.*
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %USERPROFILE%\My Documents\*.exe
    %USERPROFILE%\*.exe
    %systemroot%\ADDINS\*.*
    %systemroot%\assembly\*.bak2
    %systemroot%\Config\*.*
    %systemroot%\REPAIR\*.bak2
    %systemroot%\SECURITY\Database\*.sdb /x
    %systemroot%\SYSTEM\*.bak2
    %systemroot%\Web\*.bak2
    %systemroot%\Driver Cache\*.*
    %PROGRAMFILES%\Mozilla Firefox\0*.exe
    %ProgramFiles%\Microsoft Common\*.*
    %ProgramFiles%\TinyProxy.
    %USERPROFILE%\Favorites\*.url /x
    %systemroot%\system32\*.bk
    %systemroot%\*.te
    %systemroot%\system32\system32\*.*
    %ALLUSERSPROFILE%\*.dat /x
    %systemroot%\system32\drivers\*.rmv
    dir /b "%systemroot%\system32\*.exe" | find /I " " /c
    dir /b "%systemroot%\*.exe" | find /I " " /c
    %PROGRAMFILES%\Microsoft\*.*
    %systemroot%\System32\Wbem\proquota.exe
    %PROGRAMFILES%\Mozilla Firefox\*.dat
    %USERPROFILE%\Cookies\*.txt /x
    %SystemRoot%\system32\fonts\*.*
    %systemroot%\system32\winlog\*.*
    %systemroot%\system32\Language\*.*
    %systemroot%\system32\Settings\*.*
    %systemroot%\system32\*.quo
    %SYSTEMROOT%\AppPatch\*.exe
    %SYSTEMROOT%\inf\*.exe
    %SYSTEMROOT%\Installer\*.exe
    %systemroot%\system32\config\*.bak2
    %systemroot%\system32\Computers\*.*
    %SystemRoot%\system32\Sound\*.*
    %SystemRoot%\system32\SpecialImg\*.*
    %SystemRoot%\system32\code\*.*
    %SystemRoot%\system32\draft\*.*
    %SystemRoot%\system32\MSSSys\*.*
    %ProgramFiles%\Javascript\*.*
    %systemroot%\pchealth\helpctr\System\*.exe /s
    %systemroot%\Web\*.exe
    %systemroot%\system32\msn\*.*
    %systemroot%\system32\*.tro
    %AppData%\Microsoft\Installer\msupdates\*.*
    %ProgramFiles%\Messenger\*.*
    %systemroot%\system32\systhem32\*.*
    %systemroot%\system\*.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
    /md5start
    /md5stop


    • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
  23. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    OTL logfile created on: 5/18/2012 3:51:28 AM - Run 1
    OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\William\Desktop
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.12% Memory free
    6.21 Gb Paging File | 4.99 Gb Available in Paging File | 80.44% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 140.85 Gb Total Space | 41.77 Gb Free Space | 29.65% Space Free | Partition Type: NTFS
    Drive D: | 8.20 Gb Total Space | 1.75 Gb Free Space | 21.39% Space Free | Partition Type: NTFS

    Computer Name: WILLIAM-PC | User Name: William | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
    PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
    PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
    PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
    PRC - [2009/10/07 09:04:44 | 003,872,552 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
    PRC - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
    PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbacoms.exe


    ========== Modules (No Company Name) ==========

    MOD - [2012/05/11 05:03:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
    MOD - [2012/05/11 05:03:13 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
    MOD - [2012/05/11 04:52:33 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
    MOD - [2012/05/11 04:52:12 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
    MOD - [2007/12/08 15:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


    ========== Win32 Services (SafeList) ==========

    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxrsii1s.dll -- (zpsc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w200mgmt.dll -- (zebrbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (z800obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssscsisv.dll -- (z800mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2ntsecserver.dll -- (WUSB54GPV4SRV)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMPLSCSI.dll -- (wuolservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavsrv.dll -- (wmi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UWProSys.dll -- (wmdmpmsp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fingrd32.dll -- (wm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (wlluc48b)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaantmon.dll -- (wlluc48)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iap.dll -- (WinVd32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (wintab32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sptisrv.dll -- (winpppoverethernet)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (winpowerrmi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm21.dll -- (winpower)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8139.dll -- (win32sl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trayman.dll -- (wg111nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (webrootenterpriseclientservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tos_sps32.dll -- (webdriveservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (wdica)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_bus.dll -- (WD_FireWire_HID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (WBHWDOCT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (WaveFDE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvtfilter.dll -- (wampmysqld)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindservice.dll -- (w800mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (w800mdfl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (W55U01)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbsermptxp.dll -- (w200bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (vzcdbsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\irbus.dll -- (VX3000)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s217unic.dll -- (vvoice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sympxsvc.dll -- (vsdatant)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\termdd.dll -- (vsapint)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (VNUSB)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\niorbk.dll -- (vncdrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arkbcfltr.dll -- (VICESYS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (viaagp1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aalogger.dll -- (Via4in1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (vetmsgnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTIDrvr.dll -- (vcommmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\U3sHlpDr.dll -- (vc5secs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DMUSBUSBDCam.dll -- (VAIOMediaPlatform-MusicServer-HTTP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdrbsvsd.dll -- (UxTuneUp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prodrv06.dll -- (UWProSys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\openvpnservice.dll -- (UVCFTR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclexeclragent.dll -- (useraccess7)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cercsr6.dll -- (usb20l)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avgascln.dll -- (USB11LDR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50.dll -- (USB_RNDIS_XP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hprfdev.dll -- (USB_RNDIS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atapi.dll -- (us30service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cinemsup.dll -- (upsmonservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsf_dpv.dll -- (uploadmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (UpdateCenterService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidgame.dll -- (UNDPX2A)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (UMPass)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AdobeActiveFileMonitor6.0.dll -- (uleadburninghelper)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwusb.dll -- (uclauncherservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (U81xobex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\delldmi.dll -- (tvs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimtv2.dll -- (TVALG)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (TuneUp.Defrag)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndisip.dll -- (tsdhd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atkkeyboardservice.dll -- (trioservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmgmt.dll -- (transarcafsdaemon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stllssvr.dll -- (trackcam4)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosporte.dll -- (tosrfsnd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regservice.dll -- (tosrfnds)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmio.dll -- (TOSHIBASoftModem)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\steamdvr.dll -- (tng-dts)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpnodecollector.dll -- (TNaviSrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\es1371.dll -- (tmtdi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (tmmbd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_81_service.dll -- (TMKEmu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mscsptisrv.dll -- (timounter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (tgsrvc_smartagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FTDIBUS.dll -- (tfsnudf)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (telnet)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\alcaudsl.dll -- (tdimsys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidusb.dll -- (tcsd_win32.exe)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rwbackupsrv.dll -- (tbhsd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lbrtfdc.dll -- (tavsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcLps.dll -- (tapeware)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservauth.dll -- (tandpl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (syntp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (symmpi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pca.dll -- (symids)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafnotesservice.dll -- (SWUMX51)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CT20XUT.DLL.dll -- (SWNC5E00)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxdmCATSCustConnectService.dll -- (SWMX00)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdrframe.dll -- (svv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TClass2k.dll -- (SunkFilt39)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (SunkFilt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (Subsonic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccpwdsvc.dll -- (STV680m)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (STV680)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ntgrip.dll -- (stacsv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dot4print.dll -- (ssm_mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MailService.dll -- (ssm_bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcgcustomerconnect.dll -- (sshrmd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMCB000.dll -- (ssfs0509)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetMsmqActivator.dll -- (ss_mdfl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ISAMSvc.dll -- (srvdpi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSNDIS5.dll -- (SRTSP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cm102u32.dll -- (SRS_SSCFilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (srescan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (SQLWriter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdfsdrv.dll -- (sprtsvc_smartagent)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsunidrv.dll -- (spmd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecagentaccelerator.dll -- (splitter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiSGbeXP.dll -- (SPFDRV)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdtcp.dll -- (spcsutilityservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (spbbcsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPPTNT.dll -- (sonytvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mbr.dll -- (SNP2STD)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SerTVOutCtlr.dll -- (snmptrapdservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VRFIL.dll -- (smsmdd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (SMCB000)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICSer_WPC300N.dll -- (smartwiservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ipfilterdriver.dll -- (Slpsvdr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Invoker.dll -- (Slntamr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcidrv.dll -- (slee_503_service)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CoachUsb.dll -- (slabser)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\l8042pr2.dll -- (slabbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snmptrapdservice.dll -- (sisnic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wuauserv.dll -- (sis315)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ngdbserv.dll -- (SimpTcp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCISys.dll -- (sifilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\roxupnpserver.dll -- (sglogplayer)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c-dillasrv.dll -- (SetupSys)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPDriver.dll -- (server)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBGrandTek.dll -- (ser2pl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (sentinel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\psasrv.dll -- (SED133x)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amfilter.dll -- (se59nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OEM02Vfx.dll -- (se58unic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgsvcgen.dll -- (se45nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavprsrv.dll -- (se45mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (se44nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthmodem.dll -- (se44bus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (SE2Eobex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hdaudbus.dll -- (SE2Dbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (se2Bunic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scramby.dll -- (se2Bnd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\afs2k.dll -- (SE2Bmdfl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTSCSER.dll -- (se26unic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (SE26mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (SDdriver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\konfig.dll -- (sdcoreservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ICM10USB.dll -- (scsk4)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ufdsvc.dll -- (screadspool)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirmultiplexor.dll -- (ScFBPNT3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DKbFltr.dll -- (sbhooksvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odysseyIM4.dll -- (sandboxu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndis.dll -- (SaiU040B)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNMP.dll -- (SaiNtSub)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BoiHwsetup.dll -- (SABSVC)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvuvc.dll -- (s7otranx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800mdm.dll -- (s7oppitx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spooler.dll -- (s716nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcbus.dll -- (s616unic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sis162u.dll -- (s3ssavage)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BUFADPT.dll -- (S3GIGP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scarddrv.dll -- (s217nd5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsndrct.dll -- (s217mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svv.dll -- (s125obex)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epoxusdm.dll -- (s116mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDPNDIS5.dll -- (rtl8139)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ErrDev.dll -- (RSAFAL)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ohci1394.dll -- (rppkt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rspndr.dll -- (roxupnpserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portmapper.dll -- (ROB_A)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksupdateint.dll -- (rnadiagnosticsservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tlntsvr.dll -- (RMCAST)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwcspud.dll -- (rimvserport)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecpmcommunicationagent.dll -- (rimusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smtpd32.dll -- (rfcomm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccdecode.dll -- (retroexplauncher)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shellhwdetection.dll -- (RESMGR)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itchfltr.dll -- (RDID1027)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symc8xx.dll -- (rchost)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acdpowerservice.dll -- (rca)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome90agent.dll -- (ramaint)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\httpfilter.dll -- (queuemgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (qmofiltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RVIEG01.dll -- (ql1280)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usprserv.dll -- (qkbfiltr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRTSPL.dll -- (qbfcservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SecureStorageService.dll -- (PTDCVsp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ncrc710.dll -- (PTDCBus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (proxyhostservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avsinc.dll -- (protexislicensing)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CE3.dll -- (procexp90)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdpredir.dll -- (prism_a02)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wdica.dll -- (pml)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aolservice.dll -- (picturetaker)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwhid.dll -- (PGPsdkDriver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\toscosrv.dll -- (PGPdisk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndtdl.dll -- (pfc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hnmsvc.dll -- (persfw)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (perc2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (penrendezvous)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slabser.dll -- (pduip6000dmemcrdmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LMIRfsDriver.dll -- (pdlnsx25)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thpsrv.dll -- (pdlnatcm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WNCPKT.dll -- (pdframe)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclesnmppeerencapsulator.dll -- (PD0620VID)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnmsrvc.dll -- (Pctspk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (pcradminserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nic1394.dll -- (pcidump)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (papyjoy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmHidLo.dll -- (papycpu2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dntus26.dll -- (p2k)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jaguar.dll -- (ovsecurityserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (outpostfirewall)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (oraclewebassistant)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (oracleorahomehttpserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FVXSCSI.dll -- (oracle_load_balancer_60_client-forms6ip9)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SED133x.dll -- (oracle_load_balancer_60_client-forms6ip14)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TIEHDUSB.dll -- (openvpnservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vstor2.dll -- (openldap-slapd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7updsvc.dll -- (ood2000)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (omsad)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\knobserv.dll -- (omniusbl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mlkkbdntdriver.dll -- (olapserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GameConsoleService.dll -- (NxSysMon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (nwlnkspx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\anydvd.dll -- (NVTCP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\6to4.dll -- (nvstor32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcsvc.dll -- (nvsmu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (NVR0Dev)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mpe.dll -- (nvmpu401)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfetdik.dll -- (NVENET)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetwareWorkstation.dll -- (nvcap)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjamupnpmusicserver.dll -- (ntpr_nic_service2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elaunidr.dll -- (ntmssvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcccustomerconnect.dll -- (NTIDrvr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (ntcharge)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asp.net.dll -- (NsTrcNT)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cisvc.dll -- (noipducservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZTEusbser6k.dll -- (nmwcdc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portio.dll -- (nmservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$microsoftbcm.dll -- (nmsaccess)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shdserv.dll -- (NITaggerService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTEXFIFX.DLL.dll -- (NIPALK)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aliadwdm.dll -- (nimcrpcsu)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bocdrive.dll -- (nimcdfxk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLBrowser.dll -- (nfmservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmtdi.dll -- (NETw3v32)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (netmdsb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AtiPcie.dll -- (Ncrc710)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (nbservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PcdrNt.dll -- (mysqlinventime)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rupsd.dll -- (mxnic)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bcm43xx.dll -- (mwstick)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfdrv01.dll -- (mwspollserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\networkx.dll -- (mssqlserverolapservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdudf_xp.dll -- (mssql$sqlexpress)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MKEMUSB.dll -- (msftpsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\server.dll -- (monfilt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (modemcsa)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mgmt.dll -- (MobilePreInstallerService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (mlkkbdntdriver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se26unic.dll -- (mks_scan)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (mfesmfk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slip.dll -- (mfehidk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\YahooAUService.dll -- (mfeavfk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msmpsvc.dll -- (mctskshd.exe)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdcmdpst.dll -- (mcsysmon)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ltxred.dll -- (mcnasvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cam5603C.dll -- (mcdbus)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWIONT.dll -- (mapserver6.3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mferkdk.dll -- (MA8032U)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CiscoVpnInstallService.dll -- (ma_cmidi_installerservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mldserv.dll -- (lxrjd31d)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvsmu.dll -- (lxcj_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (lxbu_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sonicatheaterinstallerservice.dll -- (lxbs_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tcpip.dll -- (LVRS)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\crystalinputfileserver.dll -- (lvprcsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (lpx)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmservice.dll -- (lp6nds35)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrScnUsb.dll -- (lockmgr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vds.dll -- (lmab_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qhwscsvc.dll -- (lktimesync)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqalert.dll -- (LKbdFlt2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sweepsrv.sys.dll -- (licensemanagersocket)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DellAMBrokerService.dll -- (license)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmaCVideo32.dll -- (klif)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (k750mdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cis1284.dll -- (k750mdfl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\actser.dll -- (Jukebox)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swmidi.dll -- (jaguar)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (iwebmsg)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116bus.dll -- (iviaspi)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (isapisearch)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (ISAMSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MS1000.dll -- (iPassPeriodicUpdateService)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hSONYPVh.dll -- (iPassPeriodicUpdateApp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadiagnosticsservice.dll -- (iPassP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbvideo.dll -- (inotask)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bridge.dll -- (inorpc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8335XP.dll -- (ino_flpy)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rootmodem.dll -- (incdfs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qbcfmonitorservice.dll -- (imagesrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AcronisOSSReinstallSvc.dll -- (iksyssec)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahomehttpserver.dll -- (ikhfile)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s616mgmt.dll -- (ifxtcs)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eeyeevnt.dll -- (ifxspmgtsrv)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (IFPUSB)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (ibmcicstransactiongateway)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (iastor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\twdns.dll -- (iap)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemap.dll -- (iAimTV5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (iaimfp1)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (i81x)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i8042prt.dll -- (hwpsgt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (https-admserv61)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tappsrv.dll -- (HSFHWICH)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msgsrvservice.dll -- (hsf_dp)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (hpqddsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsmon.dll -- (HPFECP20)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxserver.dll -- (Hotkey)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\buslogic.dll -- (hmonitor)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HIDSwvd.dll -- (HIDSwvd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elockservice.dll -- (hibernation)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (hclinetd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcCam.dll -- (haspnt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ADIDTSFiltService.dll -- (harmony)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jobserver_report.dll -- (GV600_4)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thkeys.dll -- (gv3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MRESP50.dll -- (GTSCSER)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pnmsrv.dll -- (GTPTSER)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usb_rndisx.dll -- (gearaspiwdm)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (fshttps)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Eunic.dll -- (freepops)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\samss.dll -- (freebsd)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfehidk.dll -- (flashcom)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kpfwsvc.dll -- (eskerlicensecontrol)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (emupia)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (el90xbc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-filt.dll -- (EL2000)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mdfl.dll -- (EACSvrMngr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\L1e.dll -- (e1express)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemsg.dll -- (DNE)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (dmio)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPIOMngr.dll -- (dlcf_device)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (DirectUpdate)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pimsgss.dll -- (digictrl)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndasscsi.dll -- (defwatch)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (ctljystk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ps2.dll -- (cpucoolserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sit_bus.dll -- (cicssfs.scmmc223)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\captureservice.dll -- (cebdaldr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdde.dll -- (ccflic0)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8100PCI.dll -- (btwusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\merakcontrol.dll -- (BTSLBCSP)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nfsds.dll -- (btnetfilter)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (bthusb)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshhl.dll -- (bantext)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsaa.dll -- (backupexecalertserver)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ati.dll -- (axsaki)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpsupdaterr.dll -- (avg7rsw)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\apphostsvc.dll -- (ATWPKT2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cyberpowerups.dll -- (ATMsrvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmesbs32.dll -- (atkkeyboardservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDCODEC.dll -- (atixsaudio)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w550mdm.dll -- (athr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (atalk)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RTHDMIAzAudService.dll -- (aswrdr)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmp54gv4svc.dll -- (ASNDIS5)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdagent.dll -- (askernel)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ShockMgr.dll -- (artourservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTSIM.dll -- (array_utility_service4,0,1,3)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ultra66.dll -- (Appn)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccispwdsvc.dll -- (Angel2)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Eobex.dll -- (AKSIFDH)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acpi.dll -- (agrsrvce)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\idsvc.dll -- (ageremodemaudio)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WinHttpAutoProxySvc.dll -- (AdobeActiveFileMonitor6.0)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TPM.dll -- (AcronisOSSReinstallSvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RIOXDRV.dll -- (acprfmgrsvc)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Dell1100_FUService.dll -- (aclient)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll -- (acermemusagecheckservice)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acrotray.dll -- (a016mgmt)
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
    SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iAimFP7.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
    SRV - [2012/05/05 12:58:23 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
    SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
    SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
    SRV - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
    SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbacoms.exe -- (dlba_device)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
    DRV - File not found [Kernel | System | Stopped] -- system32\drivers\tsk9AF1.tmp -- (netbt)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
    DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
    DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
    DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\98925466.sys -- (70080763)
    DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/02/25 15:19:08 | 000,121,208 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
    DRV - [2010/12/21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
    DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
    DRV - [2010/12/21 13:47:38 | 000,134,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
    DRV - [2010/12/21 13:47:38 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
    DRV - [2010/12/21 13:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
    DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
    DRV - [2008/10/11 15:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
    DRV - [2008/07/29 15:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
    DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\URLSearchHook: - No CLSID value found
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes,DefaultScope = {14333CD8-819C-402F-9905-1CF972A81140}
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{14333CD8-819C-402F-9905-1CF972A81140}: "URL" = http://search.yahoo.com/?ourmark=4&p={searchTerms}
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS469
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{C36B4AC8-F9D8-49D2-B38D-B809B2153AFC}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=8924FAAA-C73B-46DA-8F63-61EB8B029E1C
    IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


    ========== FireFox ==========

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
    FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/23 17:26:32 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/05/13 13:40:04 | 000,000,000 | ---D | M]

    [2012/03/24 20:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\William\AppData\Roaming\Mozilla\Firefox\Profiles\kxy542ye.default\extensions
    [2011/11/23 02:45:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
  24. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    ========== Chrome ==========

    CHR - default_search_provider: Bing (Enabled)
    CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
    CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: Chrome Toolbox Plugin (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\plugin/convenience.dll
    CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
    CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
    CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: YouTube = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Chrome Toolbox (by Google) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\
    CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
    CHR - Extension: Gmail = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2012/05/17 04:29:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
    O3 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
    O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
    O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
    O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O15 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{431E6B66-43D9-4C45-9390-7F4CABDE6BF8}: DhcpNameServer = 192.168.1.1
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - %systemroot%\system32\elaunidr.dll File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: se2Bunic - %systemroot%\system32\PciBus.dll File not found
    NetSvcs: ofcpfwsvc - File not found
    NetSvcs: upsmonservice - %systemroot%\system32\Cinemsup.dll File not found
    NetSvcs: nmservice - %systemroot%\system32\portio.dll File not found
    NetSvcs: atkkeyboardservice - %systemroot%\system32\tmesbs32.dll File not found
    NetSvcs: SE2Bmdfl - %systemroot%\system32\afs2k.dll File not found
    NetSvcs: SE2Dbus - %systemroot%\system32\hdaudbus.dll File not found
    NetSvcs: omsad - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
    NetSvcs: tmtdi - %systemroot%\system32\es1371.dll File not found
    NetSvcs: wm - %systemroot%\system32\fingrd32.dll File not found
    NetSvcs: UNDPX2A - %systemroot%\system32\hidgame.dll File not found
    NetSvcs: sdcoreservice - %systemroot%\system32\konfig.dll File not found
    NetSvcs: EIO_XP - File not found
    NetSvcs: ErrDev - File not found
    NetSvcs: qfcoresvc - File not found
    NetSvcs: mcdetect.exe - File not found
    NetSvcs: pelusblf - File not found
    NetSvcs: DS1410D - File not found
    NetSvcs: CTMFLT - File not found
    NetSvcs: EMATCORE - File not found
    NetSvcs: CVirtA - File not found
    NetSvcs: mssqlserverolapservice - %systemroot%\system32\networkx.dll File not found
    NetSvcs: pgpsdkservice - File not found
    NetSvcs: PTDCVsp - %systemroot%\system32\SecureStorageService.dll File not found
    NetSvcs: dsNcAdpt - File not found
    NetSvcs: sisnic - %systemroot%\system32\snmptrapdservice.dll File not found
    NetSvcs: btnetfilter - %systemroot%\system32\nfsds.dll File not found
    NetSvcs: nimcdfxk - %systemroot%\system32\bocdrive.dll File not found
    NetSvcs: MTC0001_ESB - File not found
    NetSvcs: SprintRcAppSvc - File not found
    NetSvcs: pcx1unic - File not found
    NetSvcs: RDID1027 - %systemroot%\system32\itchfltr.dll File not found
    NetSvcs: pwkntmon - File not found
    NetSvcs: axsaki - %systemroot%\system32\ati.dll File not found
    NetSvcs: mwagent - File not found
    NetSvcs: oracle_load_balancer_60_server-forms6ip9 - File not found
    NetSvcs: rslinxng - File not found
    NetSvcs: mysql - File not found
    NetSvcs: teefer - File not found
    NetSvcs: atixsaudio - %systemroot%\system32\PCDCODEC.dll File not found
    NetSvcs: mvserver - File not found
    NetSvcs: spmd - %systemroot%\system32\dsunidrv.dll File not found
    NetSvcs: bc_filter - File not found
    NetSvcs: atiavaiw - File not found
    NetSvcs: UimBus - File not found
    NetSvcs: sisperf - File not found
    NetSvcs: imapiservice - File not found
    NetSvcs: s716mdm - File not found
    NetSvcs: rt2500usb - File not found
    NetSvcs: ppped - File not found
    NetSvcs: tfsnboio - File not found
    NetSvcs: dlartl_n - File not found
    NetSvcs: vstor2-ws60 - File not found
    NetSvcs: iPassPeriodicUpdateService - %systemroot%\system32\MS1000.dll File not found
    NetSvcs: speakerphone - File not found
    NetSvcs: ZDPNDIS5 - File not found
    NetSvcs: ISAMSvc - %systemroot%\system32\SQLWriter.dll File not found
    NetSvcs: plsremotesvc - File not found
    NetSvcs: smartwiservice - %systemroot%\system32\NICSer_WPC300N.dll File not found
    NetSvcs: mcdbus - %systemroot%\system32\Cam5603C.dll File not found
    NetSvcs: se45mgmt - %systemroot%\system32\pavprsrv.dll File not found
    NetSvcs: ccflic0 - %systemroot%\system32\netdde.dll File not found
    NetSvcs: webdriveservice - %systemroot%\system32\tos_sps32.dll File not found
    NetSvcs: wlluc48b - %systemroot%\system32\cdralw2k.dll File not found
    NetSvcs: webrootenterpriseclientservice - %systemroot%\system32\se58mgmt.dll File not found
    NetSvcs: imagesrv - %systemroot%\system32\qbcfmonitorservice.dll File not found
    NetSvcs: flashcom - %systemroot%\system32\mfehidk.dll File not found
    NetSvcs: ssm_bus - %systemroot%\system32\MailService.dll File not found
    NetSvcs: olapserver - %systemroot%\system32\mlkkbdntdriver.dll File not found
    NetSvcs: wintab32 - %systemroot%\system32\omniserv.dll File not found
    NetSvcs: a016mgmt - %systemroot%\system32\acrotray.dll File not found
    NetSvcs: MRV6X32P - File not found
    NetSvcs: EACSvrMngr - %systemroot%\system32\s116mdfl.dll File not found
    NetSvcs: sglogplayer - %systemroot%\system32\roxupnpserver.dll File not found
    NetSvcs: AcronisOSSReinstallSvc - %systemroot%\system32\TPM.dll File not found
    NetSvcs: atdisk - File not found
    NetSvcs: bantext - %systemroot%\system32\akshhl.dll File not found
    NetSvcs: nwlnkspx - %systemroot%\system32\vpcusb.dll File not found
    NetSvcs: PBADRV - File not found
    NetSvcs: oraclewebassistant - %systemroot%\system32\Video3D.dll File not found
    NetSvcs: sonytvc - %systemroot%\system32\NPPTNT.dll File not found
    NetSvcs: intelroam - File not found
    NetSvcs: papyjoy - %systemroot%\system32\quickhealfirewall.dll File not found
    NetSvcs: tfsnudf - %systemroot%\system32\FTDIBUS.dll File not found
    NetSvcs: U3sHlpDr - File not found
    NetSvcs: npapimon - File not found
    NetSvcs: comhost - File not found
    NetSvcs: SetupSys - %systemroot%\system32\c-dillasrv.dll File not found
    NetSvcs: pdlnatcm - %systemroot%\system32\thpsrv.dll File not found
    NetSvcs: iPassP - %systemroot%\system32\rnadiagnosticsservice.dll File not found
    NetSvcs: perc2 - %systemroot%\system32\HWSCtrl.dll File not found
    NetSvcs: statusagent - File not found
    NetSvcs: ATWPKT2 - %systemroot%\system32\apphostsvc.dll File not found
    NetSvcs: AdobeActiveFileMonitor6.0 - %systemroot%\system32\WinHttpAutoProxySvc.dll File not found
    NetSvcs: WD_FireWire_HID - %systemroot%\system32\ssm_bus.dll File not found
    NetSvcs: {a7447300-8075-4b0d-83f1-3d75c8ebc623} - %systemroot%\system32\ibmsmbus.dll File not found
    NetSvcs: hclinetd - %systemroot%\system32\xusb21.dll File not found
    NetSvcs: i81x - %systemroot%\system32\kerbkey.dll File not found
    NetSvcs: SWUMX51 - %systemroot%\system32\cwafnotesservice.dll File not found
    NetSvcs: MQAC - File not found
    NetSvcs: UsbserFilt - File not found
    NetSvcs: dlbu_device - File not found
    NetSvcs: szkg - File not found
    NetSvcs: incdsrv - File not found
    NetSvcs: acrotray - File not found
    NetSvcs: rootmodem - File not found
    NetSvcs: nwlnknb - File not found
    NetSvcs: avgems - File not found
    NetSvcs: datasvr - File not found
    NetSvcs: NETw4v32 - File not found
    NetSvcs: cfgwzsvc - File not found
    NetSvcs: tvtfilter - File not found
    NetSvcs: USB_NDIS_51 - File not found
    NetSvcs: s125mdfl - File not found
    NetSvcs: tng-dtmg - File not found
    NetSvcs: vproeventmonitor - File not found
    NetSvcs: wmconnectcds - File not found
    NetSvcs: redbook - File not found
    NetSvcs: DivisCTS - File not found
    NetSvcs: NWSAP - File not found
    NetSvcs: macformatservice - File not found
    NetSvcs: sit_flt - File not found
    NetSvcs: EL2000 - %systemroot%\system32\vet-filt.dll File not found
    NetSvcs: ssfs0509 - %systemroot%\system32\SMCB000.dll File not found
    NetSvcs: procexp90 - %systemroot%\system32\CE3.dll File not found
    NetSvcs: iksyssec - %systemroot%\system32\AcronisOSSReinstallSvc.dll File not found
    NetSvcs: starwindservice - File not found
    NetSvcs: mnsframework - File not found
    NetSvcs: aolservice - File not found
    NetSvcs: crauto - File not found
    NetSvcs: nvax - File not found
    NetSvcs: mctskshd.exe - %systemroot%\system32\msmpsvc.dll File not found
    NetSvcs: ICAM5USB - File not found
    NetSvcs: LC7981 - File not found
    NetSvcs: razerusb - File not found
    NetSvcs: EagleNT - File not found
    NetSvcs: xfilt - File not found
    NetSvcs: ageremodemaudio - %systemroot%\system32\idsvc.dll File not found
    NetSvcs: MA8032U - %systemroot%\system32\mferkdk.dll File not found
    NetSvcs: fshttps - %systemroot%\system32\iPassPeriodicUpdateApp.dll File not found
    NetSvcs: slabbus - %systemroot%\system32\l8042pr2.dll File not found
    NetSvcs: useraccess7 - %systemroot%\system32\oraclexeclragent.dll File not found
    NetSvcs: ctljystk - %systemroot%\system32\tones.dll File not found
    NetSvcs: acermemusagecheckservice - %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll File not found
    NetSvcs: NVR0Dev - %systemroot%\system32\elagopro.dll File not found
    NetSvcs: rnadirectory - File not found
    NetSvcs: netmdsb - %systemroot%\system32\symantecantibotshim.dll File not found
    NetSvcs: nm - File not found
    NetSvcs: bc_pat_f - File not found
    NetSvcs: MREMP50 - File not found
    NetSvcs: W700mdm - File not found
    NetSvcs: oraclemtsrecoveryservice - File not found
    NetSvcs: pduip6000dmemcrdmgr - %systemroot%\system32\slabser.dll File not found
    NetSvcs: roxwatch - File not found
    NetSvcs: svv - %systemroot%\system32\pdrframe.dll File not found
    NetSvcs: SMCB000 - %systemroot%\system32\HECI.dll File not found
    NetSvcs: vncdrv - %systemroot%\system32\niorbk.dll File not found
    NetSvcs: tapeware - %systemroot%\system32\DcLps.dll File not found
    NetSvcs: Angel2 - %systemroot%\system32\ccispwdsvc.dll File not found
    NetSvcs: qkbfiltr - %systemroot%\system32\usprserv.dll File not found
    NetSvcs: persfw - %systemroot%\system32\hnmsvc.dll File not found
    NetSvcs: cpucoolserver - %systemroot%\system32\ps2.dll File not found
    NetSvcs: btwusb - %systemroot%\system32\W8100PCI.dll File not found
    NetSvcs: STV680m - %systemroot%\system32\ccpwdsvc.dll File not found
    NetSvcs: msftpsvc - %systemroot%\system32\MKEMUSB.dll File not found
    NetSvcs: mxnic - %systemroot%\system32\rupsd.dll File not found
    NetSvcs: ikhfile - %systemroot%\system32\oracleorahomehttpserver.dll File not found
    NetSvcs: opcenum - File not found
    NetSvcs: trioservice - %systemroot%\system32\atkkeyboardservice.dll File not found
    NetSvcs: cebdaldr - %systemroot%\system32\captureservice.dll File not found
    NetSvcs: winpppoverethernet - %systemroot%\system32\sptisrv.dll File not found
    NetSvcs: lpx - %systemroot%\system32\dptrackerd.dll File not found
    NetSvcs: TOSHIBASoftModem - %systemroot%\system32\dmio.dll File not found
    NetSvcs: mssql$sqlexpress - %systemroot%\system32\cdudf_xp.dll File not found
    NetSvcs: Hotkey - %systemroot%\system32\mxserver.dll File not found
    NetSvcs: NITaggerService - %systemroot%\system32\shdserv.dll File not found
    NetSvcs: slabser - %systemroot%\system32\CoachUsb.dll File not found
    NetSvcs: openldap-slapd - %systemroot%\system32\vstor2.dll File not found
    NetSvcs: WinVd32 - %systemroot%\system32\iap.dll File not found
    NetSvcs: rchost - %systemroot%\system32\symc8xx.dll File not found
    NetSvcs: w800mdm - %systemroot%\system32\starwindservice.dll File not found
    NetSvcs: NTIDrvr - %systemroot%\system32\lxcccustomerconnect.dll File not found
    NetSvcs: server - %systemroot%\system32\NPDriver.dll File not found
    NetSvcs: SE26mgmt - %systemroot%\system32\rnadirectory.dll File not found
    NetSvcs: z800mgmt - %systemroot%\system32\ssscsisv.dll File not found
    NetSvcs: S3GIGP - %systemroot%\system32\BUFADPT.dll File not found
    NetSvcs: tgsrvc_smartagent - %systemroot%\system32\PciBus.dll File not found
    NetSvcs: iaimfp1 - %systemroot%\system32\procexp90.dll File not found
    NetSvcs: Slntamr - %systemroot%\system32\Invoker.dll File not found
    NetSvcs: defwatch - %systemroot%\system32\ndasscsi.dll File not found
    NetSvcs: sis315 - %systemroot%\system32\wuauserv.dll File not found
    NetSvcs: queuemgr - %systemroot%\system32\httpfilter.dll File not found
    NetSvcs: penrendezvous - %systemroot%\system32\venturi2.dll File not found
    NetSvcs: lktimesync - %systemroot%\system32\qhwscsvc.dll File not found
    NetSvcs: ino_flpy - %systemroot%\system32\W8335XP.dll File not found
    NetSvcs: noipducservice - %systemroot%\system32\cisvc.dll File not found
    NetSvcs: WaveFDE - %systemroot%\system32\kraidsvc.dll File not found
    NetSvcs: ntcharge - %systemroot%\system32\rp32service.dll File not found
    NetSvcs: se45nd5 - %systemroot%\system32\bgsvcgen.dll File not found
    NetSvcs: rfcomm - %systemroot%\system32\smtpd32.dll File not found
    NetSvcs: tavsvc - %systemroot%\system32\lbrtfdc.dll File not found
    NetSvcs: SABSVC - %systemroot%\system32\BoiHwsetup.dll File not found
    NetSvcs: screadspool - %systemroot%\system32\ufdsvc.dll File not found
    NetSvcs: GTSCSER - %systemroot%\system32\MRESP50.dll File not found
    NetSvcs: mysqlinventime - %systemroot%\system32\PcdrNt.dll File not found
    NetSvcs: modemcsa - %systemroot%\system32\sermouse.dll File not found
    NetSvcs: timounter - %systemroot%\system32\mscsptisrv.dll File not found
    NetSvcs: NETw3v32 - %systemroot%\system32\tmtdi.dll File not found
    NetSvcs: ma_cmidi_installerservice - %systemroot%\system32\CiscoVpnInstallService.dll File not found
    NetSvcs: nimxdfk - File not found
    NetSvcs: tdimsys - %systemroot%\system32\alcaudsl.dll File not found
    NetSvcs: PD0620VID - %systemroot%\system32\oraclesnmppeerencapsulator.dll File not found
    NetSvcs: PGPdisk - %systemroot%\system32\toscosrv.dll File not found
    NetSvcs: SimpTcp - %systemroot%\system32\ngdbserv.dll File not found
    NetSvcs: mfeavfk - %systemroot%\system32\YahooAUService.dll File not found
    NetSvcs: SPFDRV - %systemroot%\system32\SiSGbeXP.dll File not found
    NetSvcs: pcradminserver - %systemroot%\system32\w29n51.dll File not found
    NetSvcs: mlkkbdntdriver - %systemroot%\system32\sermouse.dll File not found
    NetSvcs: WBHWDOCT - %systemroot%\system32\swwd.dll File not found
    NetSvcs: lvprcsrv - %systemroot%\system32\crystalinputfileserver.dll File not found
    NetSvcs: uleadburninghelper - %systemroot%\system32\AdobeActiveFileMonitor6.0.dll File not found
    NetSvcs: mwstick - %systemroot%\system32\bcm43xx.dll File not found
    NetSvcs: vsdatant - %systemroot%\system32\sympxsvc.dll File not found
    NetSvcs: hibernation - %systemroot%\system32\elockservice.dll File not found
    NetSvcs: lmab_device - %systemroot%\system32\vds.dll File not found
    NetSvcs: rppkt - %systemroot%\system32\ohci1394.dll File not found
    NetSvcs: mcsysmon - %systemroot%\system32\tdcmdpst.dll File not found
    NetSvcs: UWProSys - %systemroot%\system32\prodrv06.dll File not found
    NetSvcs: s217nd5 - %systemroot%\system32\scarddrv.dll File not found
    NetSvcs: monfilt - %systemroot%\system32\server.dll File not found
    NetSvcs: lxcj_device - %systemroot%\system32\nvsmu.dll File not found
    NetSvcs: ntpr_nic_service2 - %systemroot%\system32\beatjamupnpmusicserver.dll File not found
    NetSvcs: iAimTV5 - %systemroot%\system32\pdlnemap.dll File not found
    NetSvcs: zpsc - %systemroot%\system32\lxrsii1s.dll File not found
    NetSvcs: haspnt - %systemroot%\system32\DcCam.dll File not found
    NetSvcs: Jukebox - %systemroot%\system32\actser.dll File not found
    NetSvcs: VAIOMediaPlatform-MusicServer-HTTP - %systemroot%\system32\DMUSBUSBDCam.dll File not found
    NetSvcs: scsk4 - %systemroot%\system32\ICM10USB.dll File not found
    NetSvcs: outpostfirewall - %systemroot%\system32\atixsaudio.dll File not found
    NetSvcs: backupexecalertserver - %systemroot%\system32\fsaa.dll File not found
    NetSvcs: nmwcdc - %systemroot%\system32\ZTEusbser6k.dll File not found
    NetSvcs: pavdrv - File not found
    NetSvcs: sandboxu - %systemroot%\system32\odysseyIM4.dll File not found
    NetSvcs: slee_503_service - %systemroot%\system32\pcidrv.dll File not found
    NetSvcs: wmi - %systemroot%\system32\pavsrv.dll File not found
    NetSvcs: HIDSwvd - %systemroot%\system32\HIDSwvd.dll File not found
    NetSvcs: ssm_mdm - %systemroot%\system32\dot4print.dll File not found
    NetSvcs: LVRS - %systemroot%\system32\tcpip.dll File not found
    NetSvcs: sifilter - %systemroot%\system32\PCISys.dll File not found
    NetSvcs: viaagp1 - %systemroot%\system32\v2imount.dll File not found
    NetSvcs: ood2000 - %systemroot%\system32\avg7updsvc.dll File not found
    NetSvcs: STV680 - %systemroot%\system32\avidsdmservice.dll File not found
    NetSvcs: win32sl - %systemroot%\system32\rtl8139.dll File not found
    NetSvcs: s116mdm - %systemroot%\system32\epoxusdm.dll File not found
    NetSvcs: Pctspk - %systemroot%\system32\mnmsrvc.dll File not found
    NetSvcs: jaguar - %systemroot%\system32\swmidi.dll File not found
    NetSvcs: ROB_A - %systemroot%\system32\portmapper.dll File not found
    NetSvcs: Appn - %systemroot%\system32\ultra66.dll File not found
    NetSvcs: hwpsgt - %systemroot%\system32\i8042prt.dll File not found
    NetSvcs: spcsutilityservice - %systemroot%\system32\tdtcp.dll File not found
    NetSvcs: nvstor32 - %systemroot%\system32\6to4.dll File not found
    NetSvcs: mfesmfk - %systemroot%\system32\vpcusb.dll File not found
    NetSvcs: roxupnpserver - %systemroot%\system32\rspndr.dll File not found
    NetSvcs: avg7rsw - %systemroot%\system32\rpsupdaterr.dll File not found
    NetSvcs: SWNC5E00 - %systemroot%\system32\CT20XUT.DLL.dll File not found
    NetSvcs: DNE - %systemroot%\system32\pdlnemsg.dll File not found
    NetSvcs: ovsecurityserver - %systemroot%\system32\jaguar.dll File not found
    NetSvcs: p2k - %systemroot%\system32\dntus26.dll File not found
    NetSvcs: wuolservice - %systemroot%\system32\SMPLSCSI.dll File not found
    NetSvcs: winpowerrmi - %systemroot%\system32\k750mdfl.dll File not found
    NetSvcs: srvdpi - %systemroot%\system32\ISAMSvc.dll File not found
    NetSvcs: spbbcsvc - %systemroot%\system32\z525mdfl.dll File not found
    NetSvcs: vcommmgr - %systemroot%\system32\NTIDrvr.dll File not found
    NetSvcs: SNP2STD - %systemroot%\system32\mbr.dll File not found
    NetSvcs: NIPALK - %systemroot%\system32\CTEXFIFX.DLL.dll File not found
    NetSvcs: hpqddsvc - %systemroot%\system32\redbook.dll File not found
    NetSvcs: harmony - %systemroot%\system32\ADIDTSFiltService.dll File not found
    NetSvcs: sshrmd - %systemroot%\system32\lxcgcustomerconnect.dll File not found
    NetSvcs: winpower - %systemroot%\system32\tifm21.dll File not found
    NetSvcs: Slpsvdr - %systemroot%\system32\ipfilterdriver.dll File not found
    NetSvcs: oracle_load_balancer_60_client-forms6ip9 - %systemroot%\system32\FVXSCSI.dll File not found
    NetSvcs: TMKEmu - %systemroot%\system32\slee_81_service.dll File not found
    NetSvcs: HPFECP20 - %systemroot%\system32\vsmon.dll File not found
    NetSvcs: pcidump - %systemroot%\system32\nic1394.dll File not found
    NetSvcs: UVCFTR - %systemroot%\system32\openvpnservice.dll File not found
    NetSvcs: nbservice - %systemroot%\system32\rtl8023.dll File not found
    NetSvcs: license - %systemroot%\system32\DellAMBrokerService.dll File not found
    NetSvcs: oracleorahomehttpserver - %systemroot%\system32\NSSvcMgr.dll File not found
    NetSvcs: DirectUpdate - %systemroot%\system32\issuser.dll File not found
    NetSvcs: PGPsdkDriver - %systemroot%\system32\btwhid.dll File not found
    NetSvcs: retroexplauncher - %systemroot%\system32\ccdecode.dll File not found
    NetSvcs: nfmservice - %systemroot%\system32\SQLBrowser.dll File not found
    NetSvcs: tng-dts - %systemroot%\system32\steamdvr.dll File not found
    NetSvcs: SE2Eobex - %systemroot%\system32\asapiw2k.dll File not found
    NetSvcs: wampmysqld - %systemroot%\system32\tvtfilter.dll File not found
    NetSvcs: s217mdm - %systemroot%\system32\tfsndrct.dll File not found
    NetSvcs: dlcf_device - %systemroot%\system32\SrvcEPIOMngr.dll File not found
    NetSvcs: rimvserport - %systemroot%\system32\cwcspud.dll File not found
    NetSvcs: TNaviSrv - %systemroot%\system32\zpnodecollector.dll File not found
    NetSvcs: el90xbc - %systemroot%\system32\sbpci.dll File not found
    NetSvcs: RESMGR - %systemroot%\system32\shellhwdetection.dll File not found
    NetSvcs: SDdriver - %systemroot%\system32\dlacdbhm.dll File not found
    NetSvcs: pdlnsx25 - %systemroot%\system32\LMIRfsDriver.dll File not found
    NetSvcs: wdica - %systemroot%\system32\elagopro.dll File not found
    NetSvcs: wmdmpmsp - %systemroot%\system32\UWProSys.dll File not found
    NetSvcs: picturetaker - %systemroot%\system32\aolservice.dll File not found
    NetSvcs: rnadiagnosticsservice - %systemroot%\system32\mksupdateint.dll File not found
    NetSvcs: Via4in1 - %systemroot%\system32\aalogger.dll File not found
    NetSvcs: freepops - %systemroot%\system32\se2Eunic.dll File not found
    NetSvcs: nimcrpcsu - %systemroot%\system32\aliadwdm.dll File not found
    NetSvcs: dmio - %systemroot%\system32\smapint.dll File not found
    NetSvcs: TuneUp.Defrag - %systemroot%\system32\Si3132.dll File not found
    NetSvcs: iPassPeriodicUpdateApp - %systemroot%\system32\hSONYPVh.dll File not found
    NetSvcs: prism_a02 - %systemroot%\system32\bdpredir.dll File not found
    NetSvcs: IFPUSB - %systemroot%\system32\agpcpq.dll File not found
    NetSvcs: transarcafsdaemon - %systemroot%\system32\SE2Dmgmt.dll File not found
    NetSvcs: k750mdfl - %systemroot%\system32\cis1284.dll File not found
    NetSvcs: USB_RNDIS - %systemroot%\system32\hprfdev.dll File not found
    NetSvcs: SRTSP - %systemroot%\system32\NSNDIS5.dll File not found
    NetSvcs: ifxtcs - %systemroot%\system32\s616mgmt.dll File not found
    NetSvcs: VICESYS - %systemroot%\system32\arkbcfltr.dll File not found
    NetSvcs: PTDCBus - %systemroot%\system32\Ncrc710.dll File not found
    NetSvcs: tcsd_win32.exe - %systemroot%\system32\hidusb.dll File not found
    NetSvcs: pml - %systemroot%\system32\wdica.dll File not found
    NetSvcs: ScFBPNT3 - %systemroot%\system32\rnadirmultiplexor.dll File not found
    NetSvcs: UxTuneUp - %systemroot%\system32\cdrbsvsd.dll File not found
    NetSvcs: vc5secs - %systemroot%\system32\U3sHlpDr.dll File not found
    NetSvcs: tbhsd - %systemroot%\system32\rwbackupsrv.dll File not found
    NetSvcs: stacsv - %systemroot%\system32\ntgrip.dll File not found
    NetSvcs: licensemanagersocket - %systemroot%\system32\sweepsrv.sys.dll File not found
    NetSvcs: tosrfnds - %systemroot%\system32\regservice.dll File not found
    NetSvcs: ql1280 - %systemroot%\system32\RVIEG01.dll File not found
    NetSvcs: s3ssavage - %systemroot%\system32\sis162u.dll File not found
    NetSvcs: hmonitor - %systemroot%\system32\buslogic.dll File not found
    NetSvcs: wlluc48 - %systemroot%\system32\iaantmon.dll File not found
    NetSvcs: tmmbd - %systemroot%\system32\quickhealfirewall.dll File not found
    NetSvcs: zebrbus - %systemroot%\system32\w200mgmt.dll File not found
    NetSvcs: vsapint - %systemroot%\system32\termdd.dll File not found
    NetSvcs: w200bus - %systemroot%\system32\usbsermptxp.dll File not found
    NetSvcs: NsTrcNT - %systemroot%\system32\asp.net.dll File not found
    NetSvcs: hsf_dp - %systemroot%\system32\msgsrvservice.dll File not found
    NetSvcs: trackcam4 - %systemroot%\system32\stllssvr.dll File not found
    NetSvcs: WUSB54GPV4SRV - %systemroot%\system32\db2ntsecserver.dll File not found
    NetSvcs: us30service - %systemroot%\system32\atapi.dll File not found
    NetSvcs: vvoice - %systemroot%\system32\s217unic.dll File not found
    NetSvcs: inotask - %systemroot%\system32\usbvideo.dll File not found
    NetSvcs: inorpc - %systemroot%\system32\bridge.dll File not found
    NetSvcs: VNUSB - %systemroot%\system32\xusb21.dll File not found
    NetSvcs: lxrjd31d - %systemroot%\system32\mldserv.dll File not found
    NetSvcs: Ncrc710 - %systemroot%\system32\AtiPcie.dll File not found
    NetSvcs: rca - %systemroot%\system32\acdpowerservice.dll File not found
    NetSvcs: s125obex - %systemroot%\system32\svv.dll File not found
    NetSvcs: NxSysMon - %systemroot%\system32\GameConsoleService.dll File not found
    NetSvcs: VX3000 - %systemroot%\system32\irbus.dll File not found
    NetSvcs: srescan - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
    NetSvcs: {95808DC4-FA4A-4c74-92FE-5B863F82066B} - %systemroot%\system32\iAimFP7.dll File not found
    NetSvcs: isapisearch - %systemroot%\system32\z525mdm.dll File not found
    NetSvcs: lockmgr - %systemroot%\system32\BrScnUsb.dll File not found
    NetSvcs: nvcap - %systemroot%\system32\NetwareWorkstation.dll File not found
    NetSvcs: ss_mdfl - %systemroot%\system32\NetMsmqActivator.dll File not found
    NetSvcs: SRS_SSCFilter - %systemroot%\system32\cm102u32.dll File not found
    NetSvcs: klif - %systemroot%\system32\WmaCVideo32.dll File not found
    NetSvcs: se26unic - %systemroot%\system32\GTSCSER.dll File not found
    NetSvcs: mks_scan - %systemroot%\system32\se26unic.dll File not found
    NetSvcs: s7otranx - %systemroot%\system32\lvuvc.dll File not found
    NetSvcs: SED133x - %systemroot%\system32\psasrv.dll File not found
    NetSvcs: ibmcicstransactiongateway - %systemroot%\system32\mrobeservice.dll File not found
    NetSvcs: s7oppitx - %systemroot%\system32\w800mdm.dll File not found
    NetSvcs: LKbdFlt2 - %systemroot%\system32\cpqalert.dll File not found
    NetSvcs: UMPass - %systemroot%\system32\omniserv.dll File not found
    NetSvcs: U81xobex - %systemroot%\system32\MA8032C.dll File not found
    NetSvcs: qbfcservice - %systemroot%\system32\SRTSPL.dll File not found
    NetSvcs: tosrfsnd - %systemroot%\system32\tosporte.dll File not found
    NetSvcs: openvpnservice - %systemroot%\system32\TIEHDUSB.dll File not found
    NetSvcs: freebsd - %systemroot%\system32\samss.dll File not found
    NetSvcs: se58unic - %systemroot%\system32\OEM02Vfx.dll File not found
    NetSvcs: RMCAST - %systemroot%\system32\tlntsvr.dll File not found
    NetSvcs: mcnasvc - %systemroot%\system32\ltxred.dll File not found
    NetSvcs: k750mdm - %systemroot%\system32\nvstor64.dll File not found
    NetSvcs: s616unic - %systemroot%\system32\vpcbus.dll File not found
    NetSvcs: artourservice - %systemroot%\system32\ShockMgr.dll File not found
    NetSvcs: symmpi - %systemroot%\system32\dlacdbhm.dll File not found
  25. billyd

    billyd Newcomer, in training Topic Starter Posts: 60

    NetSvcs: iastor - %systemroot%\system32\inetaccs.dll File not found
    NetSvcs: aclient - %systemroot%\system32\Dell1100_FUService.dll File not found
    NetSvcs: BTSLBCSP - %systemroot%\system32\merakcontrol.dll File not found
    NetSvcs: askernel - %systemroot%\system32\pdagent.dll File not found
    NetSvcs: acprfmgrsvc - %systemroot%\system32\RIOXDRV.dll File not found
    NetSvcs: https-admserv61 - %systemroot%\system32\dptrackerd.dll File not found
    NetSvcs: splitter - %systemroot%\system32\backupexecagentaccelerator.dll File not found
    NetSvcs: SaiU040B - %systemroot%\system32\ndis.dll File not found
    NetSvcs: proxyhostservice - %systemroot%\system32\netddedsdm.dll File not found
    NetSvcs: USB_RNDIS_XP - %systemroot%\system32\MREMP50.dll File not found
    NetSvcs: nmsaccess - %systemroot%\system32\mssql$microsoftbcm.dll File not found
    NetSvcs: mfehidk - %systemroot%\system32\slip.dll File not found
    NetSvcs: snmptrapdservice - %systemroot%\system32\SerTVOutCtlr.dll File not found
    NetSvcs: digictrl - %systemroot%\system32\pimsgss.dll File not found
    NetSvcs: emupia - %systemroot%\system32\srv.dll File not found
    NetSvcs: rimusb - %systemroot%\system32\websensecpmcommunicationagent.dll File not found
    NetSvcs: array_utility_service4 - File not found
    NetSvcs: 0 - File not found
    NetSvcs: 1 - File not found
    NetSvcs: 3 - File not found
    NetSvcs: gearaspiwdm - %systemroot%\system32\usb_rndisx.dll File not found
    NetSvcs: eskerlicensecontrol - %systemroot%\system32\kpfwsvc.dll File not found
    NetSvcs: lxbs_device - %systemroot%\system32\sonicatheaterinstallerservice.dll File not found
    NetSvcs: nimdbgk - File not found
    NetSvcs: CTMSHD - File not found
    NetSvcs: ihcservice - File not found
    NetSvcs: pavreport - File not found
    NetSvcs: ATKFUSService - File not found
    NetSvcs: iomdisk - File not found
    NetSvcs: se59mdfl - File not found
    NetSvcs: pnkbstrb - File not found
    NetSvcs: lp6nds35 - %systemroot%\system32\nmservice.dll File not found
    NetSvcs: syntp - %systemroot%\system32\SQTECH905C.dll File not found
    NetSvcs: SWMX00 - %systemroot%\system32\lxdmCATSCustConnectService.dll File not found
    NetSvcs: se2Bnd5 - %systemroot%\system32\scramby.dll File not found
    NetSvcs: e1express - %systemroot%\system32\L1e.dll File not found
    NetSvcs: w800mdfl - %systemroot%\system32\z525mdfl.dll File not found
    NetSvcs: entech - File not found
    NetSvcs: hnmsvc - File not found
    NetSvcs: VCAM - File not found
    NetSvcs: purgeieservice - File not found
    NetSvcs: XFX_program - File not found
    NetSvcs: smcservice - File not found
    NetSvcs: ldlcserv - File not found
    NetSvcs: PQNTDrv - File not found
    NetSvcs: iviaspi - %systemroot%\system32\s116bus.dll File not found
    NetSvcs: enxpsvc - File not found
    NetSvcs: DniVad - File not found
    NetSvcs: acedrv07 - File not found
    NetSvcs: Subsonic - %systemroot%\system32\HECI.dll File not found
    NetSvcs: iwebmsg - %systemroot%\system32\nsm1serd.dll File not found
    NetSvcs: qmofiltr - %systemroot%\system32\navap.dll File not found
    NetSvcs: agrsrvce - %systemroot%\system32\acpi.dll File not found
    NetSvcs: SunkFilt39 - %systemroot%\system32\TClass2k.dll File not found
    NetSvcs: TcUsb - File not found
    NetSvcs: MA_CMIDI - File not found
    NetSvcs: trcboot - File not found
    NetSvcs: smsmdd - %systemroot%\system32\VRFIL.dll File not found
    NetSvcs: iam - File not found
    NetSvcs: a016mdfl - File not found
    NetSvcs: db2ntsecserver - File not found
    NetSvcs: ec2007service - File not found
    NetSvcs: sqlagent$sony_mediamgr - File not found
    NetSvcs: soma - File not found
    NetSvcs: tvs - %systemroot%\system32\delldmi.dll File not found
    NetSvcs: ipsraidn - File not found
    NetSvcs: kservice - File not found
    NetSvcs: Bcim - File not found
    NetSvcs: amon - File not found
    NetSvcs: axinstsv - File not found
    NetSvcs: btwrchid - File not found
    NetSvcs: bdfsdrv - File not found
    NetSvcs: SE2Dmdfl - File not found
    NetSvcs: MTsensor - File not found
    NetSvcs: maya70docserver - File not found
    NetSvcs: ctdvda2k - File not found
    NetSvcs: wg111nd5 - %systemroot%\system32\trayman.dll File not found
    NetSvcs: nchssvad - File not found
    NetSvcs: SaiNtSub - %systemroot%\system32\SNMP.dll File not found
    NetSvcs: gv3 - %systemroot%\system32\thkeys.dll File not found
    NetSvcs: UpdateCenterService - %systemroot%\system32\oracleorahome92tnslistener.dll File not found
    NetSvcs: MobilePreInstallerService - %systemroot%\system32\s116mgmt.dll File not found
    NetSvcs: SQLWriter - %systemroot%\system32\w29n51.dll File not found
    NetSvcs: iap - %systemroot%\system32\twdns.dll File not found
    NetSvcs: usb20l - %systemroot%\system32\cercsr6.dll File not found
    NetSvcs: s716nd5 - %systemroot%\system32\spooler.dll File not found
    NetSvcs: FireTDI - File not found
    NetSvcs: pdframe - %systemroot%\system32\WNCPKT.dll File not found
    NetSvcs: HSFHWICH - %systemroot%\system32\tappsrv.dll File not found
    NetSvcs: yukonwxp - File not found
    NetSvcs: lvpopflt - File not found
    NetSvcs: vzcdbsvc - %systemroot%\system32\MA8032U.dll File not found
    NetSvcs: NVTCP - %systemroot%\system32\anydvd.dll File not found
    NetSvcs: SE27mdm - File not found
    NetSvcs: atalk - %systemroot%\system32\cicssfs.scmmc223.dll File not found
    NetSvcs: SunkFilt - %systemroot%\system32\kerbkey.dll File not found
    NetSvcs: NVENET - %systemroot%\system32\mfetdik.dll File not found
    NetSvcs: ctmmfilt - File not found
    NetSvcs: cicssfs.scmmc223 - %systemroot%\system32\sit_bus.dll File not found
    NetSvcs: ifxspmgtsrv - %systemroot%\system32\eeyeevnt.dll File not found
    NetSvcs: se44nd5 - %systemroot%\system32\SQTECH905C.dll File not found
    NetSvcs: agentsrv - File not found
    NetSvcs: ATMsrvc - %systemroot%\system32\cyberpowerups.dll File not found
    NetSvcs: nsengine - File not found
    NetSvcs: s117obex - File not found
    NetSvcs: aswrdr - %systemroot%\system32\RTHDMIAzAudService.dll File not found
    NetSvcs: z800obex - %systemroot%\system32\DSI_SiUSBXp_3_1.dll File not found
    NetSvcs: mwspollserver - %systemroot%\system32\sfdrv01.dll File not found
    NetSvcs: lxbu_device - %systemroot%\system32\zpsc.dll File not found
    NetSvcs: rtl8139 - %systemroot%\system32\ZDPNDIS5.dll File not found
    NetSvcs: se44bus - %systemroot%\system32\bthmodem.dll File not found
    NetSvcs: USB11LDR - %systemroot%\system32\avgascln.dll File not found
    NetSvcs: ramaint - %systemroot%\system32\oracleorahome90agent.dll File not found
    NetSvcs: pfc - %systemroot%\system32\pdlndtdl.dll File not found
    NetSvcs: athr - %systemroot%\system32\w550mdm.dll File not found
    NetSvcs: se59nd5 - %systemroot%\system32\amfilter.dll File not found
    NetSvcs: sentinel - %systemroot%\system32\bdss.dll File not found
    NetSvcs: ser2pl - %systemroot%\system32\DCamUSBGrandTek.dll File not found
    NetSvcs: websenselogserver - File not found
    NetSvcs: ltck000c - File not found
    NetSvcs: ZuneWlanCfgSvc - File not found
    NetSvcs: k750mgmt - File not found
    NetSvcs: Nsynas32 - File not found
    NetSvcs: uclauncherservice - %systemroot%\system32\btwusb.dll File not found
    NetSvcs: ossrv - File not found
    NetSvcs: sprtsvc_smartagent - %systemroot%\system32\bdfsdrv.dll File not found
    NetSvcs: autocomplete - File not found
    NetSvcs: sbhooksvc - %systemroot%\system32\DKbFltr.dll File not found
    NetSvcs: USBCamera - File not found
    NetSvcs: TestHandler - File not found
    NetSvcs: adiloader - File not found
    NetSvcs: cwafrmiregistry - File not found
    NetSvcs: W55U01 - %systemroot%\system32\nvstor64.dll File not found
    NetSvcs: tvicport - File not found
    NetSvcs: aec - File not found
    NetSvcs: ino_fltr - File not found
    NetSvcs: CTEDSPFX.DLL - File not found
    NetSvcs: U81xmdm - File not found
    NetSvcs: HFACSVC - File not found
    NetSvcs: imaservice - File not found
    NetSvcs: tmactmon - File not found
    NetSvcs: MpFilter - File not found
    NetSvcs: ntmssvc - %systemroot%\system32\elaunidr.dll File not found
    NetSvcs: bthusb - %systemroot%\system32\rtl8029.dll File not found
    NetSvcs: symids - %systemroot%\system32\pca.dll File not found
    NetSvcs: ASMMAP - File not found
    NetSvcs: atchksrv - File not found
    NetSvcs: AKSIFDH - %systemroot%\system32\SE2Eobex.dll File not found
    NetSvcs: GV600_4 - %systemroot%\system32\jobserver_report.dll File not found
    NetSvcs: nvmpu401 - %systemroot%\system32\mpe.dll File not found
    NetSvcs: ASNDIS5 - %systemroot%\system32\wmp54gv4svc.dll File not found
    NetSvcs: omniusbl - %systemroot%\system32\knobserv.dll File not found
    NetSvcs: papycpu2 - %systemroot%\system32\WmHidLo.dll File not found
    NetSvcs: cpuz132 - File not found
    NetSvcs: HECI - File not found
    NetSvcs: tsdhd - %systemroot%\system32\ndisip.dll File not found
    NetSvcs: protexislicensing - %systemroot%\system32\avsinc.dll File not found
    NetSvcs: slapd-data52 - File not found
    NetSvcs: tandpl - %systemroot%\system32\smservauth.dll File not found
    NetSvcs: dxdebug - File not found
    NetSvcs: scanwscs - File not found
    NetSvcs: ntrtscan - File not found
    NetSvcs: mod7700 - File not found
    NetSvcs: TVALG - %systemroot%\system32\iaimtv2.dll File not found
    NetSvcs: oracle_load_balancer_60_client-forms6ip14 - %systemroot%\system32\SED133x.dll File not found
    NetSvcs: telnet - %systemroot%\system32\MA8032C.dll File not found
    NetSvcs: mapserver6.3 - %systemroot%\system32\HWIONT.dll File not found
    NetSvcs: incdfs - %systemroot%\system32\rootmodem.dll File not found
    NetSvcs: eamon - File not found
    NetSvcs: GTPTSER - %systemroot%\system32\pnmsrv.dll File not found
    NetSvcs: atmeltpm - File not found
    NetSvcs: vetmsgnt - %systemroot%\system32\navap.dll File not found
    NetSvcs: nvsmu - %systemroot%\system32\npkcsvc.dll File not found
    NetSvcs: RSAFAL - %systemroot%\system32\ErrDev.dll File not found
    NetSvcs: alertmanager - File not found
    NetSvcs: sysmonlog - File not found
    NetSvcs: Wmi - %systemroot%\system32\pavsrv.dll File not found
    NetSvcs: WmdmPmSp - %systemroot%\system32\UWProSys.dll File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - %systemroot%\system32\hsf_dpv.dll File not found

    Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
    Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/05/17 17:54:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2012/05/17 14:26:51 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
    [2012/05/17 05:04:39 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\War Horse 2011 XviD iNT FL4X
    [2012/05/17 04:40:19 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\temp
    [2012/05/17 04:30:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/05/17 04:05:15 | 000,000,000 | ---D | C] -- C:\ComboFix
    [2012/05/16 06:46:41 | 002,126,424 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
    [2012/05/16 04:11:03 | 000,000,000 | ---D | C] -- C:\found.001
    [2012/05/16 04:07:43 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
    [2012/05/15 03:48:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2012/05/15 03:48:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2012/05/15 03:48:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2012/05/15 03:48:13 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2012/05/15 03:39:17 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2012/05/15 02:49:56 | 004,495,594 | R--- | C] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
    [2012/05/14 00:03:48 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
    [2012/05/13 23:33:04 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
    [2012/05/13 19:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/05/13 19:46:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012/05/13 19:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\ESET
    [2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\ESET
    [2012/05/13 13:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
    [2012/05/13 13:32:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support Logs
    [2012/05/13 13:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
    [2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
    [2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
    [2012/05/09 03:20:24 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\TV
    [2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
    [2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
    [2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sherlock Holmes and the Hound of the Baskervilles
    [2012/04/24 21:51:46 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\lola
    [2012/04/22 19:44:40 | 000,000,000 | ---D | C] -- C:\found.000
    [2012/04/22 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

    ========== Files - Modified Within 30 Days ==========

    [2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
    [2012/05/18 02:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/05/17 22:01:19 | 000,001,057 | ---- | M] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
    [2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/05/17 17:56:36 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
    [2012/05/17 17:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
    [2012/05/17 17:54:34 | 263,780,575 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2012/05/17 17:02:10 | 000,027,136 | ---- | M] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
    [2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
    [2012/05/17 14:41:00 | 158,097,764 | ---- | M] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
    [2012/05/17 04:29:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
    [2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
    [2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
    [2012/05/14 21:06:50 | 000,606,556 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/05/14 21:06:50 | 000,105,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/05/14 00:00:46 | 000,000,512 | ---- | M] () -- C:\Users\William\Desktop\MBR.dat
    [2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
    [2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
    [2012/05/13 19:46:04 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/11 07:58:02 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC
    [2012/05/11 04:47:51 | 000,236,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [2012/05/05 18:43:08 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
    [2012/05/05 18:43:08 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
    [2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
    [2012/04/27 20:15:21 | 000,000,260 | ---- | M] () -- C:\Windows\dellstat.ini
    [2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
    [2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
    [2012/04/20 16:53:22 | 000,049,772 | ---- | M] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg

    ========== Files Created - No Company Name ==========

    [2012/05/17 14:22:24 | 158,097,764 | ---- | C] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
    [2012/05/17 04:53:28 | 000,001,057 | ---- | C] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
    [2012/05/15 03:48:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2012/05/15 03:48:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2012/05/15 03:48:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2012/05/15 03:48:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2012/05/15 03:48:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2012/05/14 00:00:46 | 000,000,512 | ---- | C] () -- C:\Users\William\Desktop\MBR.dat
    [2012/05/13 19:58:28 | 000,302,592 | ---- | C] () -- C:\Users\William\Desktop\oibfjxod.exe
    [2012/05/13 19:46:04 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/05/05 18:43:08 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
    [2012/05/05 18:43:08 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
    [2012/04/22 19:22:48 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
    [2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
    [2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
    [2012/04/20 16:53:28 | 000,049,772 | ---- | C] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg
    [2012/03/20 11:38:01 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
    [2012/03/17 01:40:34 | 000,000,260 | ---- | C] () -- C:\Windows\dellstat.ini
    [2012/01/13 19:11:06 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
    [2011/12/23 01:20:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2011/12/23 01:20:16 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2011/12/22 23:36:02 | 000,027,136 | ---- | C] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/12/22 21:18:07 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2011/12/22 21:11:40 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
    [2011/12/22 20:49:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2011/12/22 19:54:56 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
    [2011/12/22 19:54:55 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
    [2011/12/16 11:12:10 | 000,000,680 | ---- | C] () -- C:\Users\William\AppData\Local\d3d9caps.dat

    ========== LOP Check ==========

    [2012/04/12 19:38:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Boomzap
    [2012/03/29 14:36:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Canneverbe Limited
    [2012/01/22 05:00:53 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\DVDFab
    [2012/01/13 22:22:15 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ERS Game Studios
    [2012/05/13 13:41:45 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ESET
    [2012/02/03 14:32:17 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Foxit Software
    [2011/12/23 00:54:56 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ImgBurn
    [2011/12/24 01:33:23 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\quickclick
    [2011/12/27 12:50:31 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\SumatraPDF
    [2011/12/22 22:54:32 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\TeamViewer
    [2012/03/14 13:47:41 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\theSideline.com
    [2012/03/10 01:08:44 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vast Studios
    [2012/05/17 22:01:20 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vso
    [2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Custom Scans ==========

    < %SYSTEMDRIVE%\*.* >
    [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
    [2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
    [2011/12/14 15:05:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
    [2012/05/17 04:39:36 | 000,017,259 | ---- | M] () -- C:\ComboFix.txt
    [2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
    [2011/12/22 19:51:58 | 056,396,264 | ---- | M] () -- C:\Dell_multi-device_A17_R174292.exe
    [2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
    [2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newfile.enc
    [2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newkey
    [2012/05/17 17:54:34 | 3524,587,520 | -HS- | M] () -- C:\pagefile.sys
    [2012/05/16 04:06:40 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.34_log.txt
    [2012/05/16 04:07:57 | 000,137,436 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.55_log.txt
    [2012/05/16 06:41:39 | 000,003,692 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.37.52_log.txt
    [2012/05/16 06:46:21 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.46.13_log.txt
    [2012/05/16 06:47:58 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_06.47.16_log.txt
    [2012/05/16 14:04:24 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_13.46.09_log.txt
    [2011/03/11 05:49:22 | 455,611,504 | ---- | M] (Microsoft Corporation) -- C:\Vista SP1.exe
    [2011/02/26 13:27:44 | 365,230,920 | ---- | M] (Microsoft Corporation) -- C:\Vista SP2.exe

    < %systemroot%\Fonts\*.com >
    [2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
    [2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
    [2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
    [2011/12/23 01:56:25 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

    < %systemroot%\Fonts\*.dll >

    < %systemroot%\Fonts\*.ini >
    [2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

    < %systemroot%\Fonts\*.ini2 >

    < %systemroot%\Fonts\*.exe >

    < %systemroot%\system32\spool\prtprocs\w32x86\*.* >
    [2007/02/20 12:27:50 | 000,102,400 | ---- | M] () -- C:\Windows\system32\spool\prtprocs\w32x86\dlbapp5c.dll
    [2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll

    < %systemroot%\REPAIR\*.bak1 >

    < %systemroot%\REPAIR\*.ini >

    < %systemroot%\system32\*.jpg >

    < %systemroot%\*.jpg >

    < %systemroot%\*.png >

    < %systemroot%\*.scr >

    < %systemroot%\*._sy >

    < %APPDATA%\Adobe\Update\*.* >

    < %ALLUSERSPROFILE%\Favorites\*.* >

    < %APPDATA%\Microsoft\*.* >

    < %PROGRAMFILES%\*.* >
    [2011/12/16 15:36:11 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

    < %APPDATA%\Update\*.* >

    < %systemroot%\*. /mp /s >

    < %systemroot%\System32\config\*.sav >
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
    [2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
    [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
    [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
    [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

    < %PROGRAMFILES%\bak. /s >

    < %systemroot%\system32\bak. /s >

    < %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

    < %systemroot%\system32\config\systemprofile\*.dat /x >

    < %systemroot%\*.config >

    < %systemroot%\system32\*.db >

    < %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
    [2011/12/24 05:43:03 | 000,000,286 | -HS- | M] () -- C:\Users\William\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

    < %USERPROFILE%\Desktop\*.exe >
    [2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
    [2011/09/20 03:02:40 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
    [2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
    [2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
    [2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
    [2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe

    < %PROGRAMFILES%\Common Files\*.* >

    < %systemroot%\*.src >

    < %systemroot%\install\*.* >

    < %systemroot%\system32\DLL\*.* >

    < %systemroot%\system32\HelpFiles\*.* >

    < %systemroot%\tasks\*.* >
    [2012/05/18 03:58:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
    [2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
    [2012/05/17 17:54:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
    [2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

    < %systemroot%\system32\rundll\*.* >

    < %systemroot%\winn32\*.* >

    < %systemroot%\Java\*.* >

    < %systemroot%\system32\test\*.* >

    < %systemroot%\system32\Rundll32\*.* >

    < %systemroot%\AppPatch\Custom\*.* >

    < %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

    < %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

    < %PROGRAMFILES%\Internet Explorer\*.tmp >

    < %PROGRAMFILES%\Internet Explorer\*.dat >

    < %USERPROFILE%\My Documents\*.exe >

    < %USERPROFILE%\*.exe >

    < %systemroot%\ADDINS\*.* >

    < %systemroot%\assembly\*.bak2 >

    < %systemroot%\Config\*.* >

    < %systemroot%\REPAIR\*.bak2 >

    < %systemroot%\SECURITY\Database\*.sdb /x >
    [2011/12/23 02:11:59 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
    [2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
    [2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
    [2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
    [2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log

    < %systemroot%\SYSTEM\*.bak2 >

    < %systemroot%\Web\*.bak2 >

    < %systemroot%\Driver Cache\*.* >

    < %PROGRAMFILES%\Mozilla Firefox\0*.exe >

    < %ProgramFiles%\Microsoft Common\*.* >

    < %ProgramFiles%\TinyProxy. >

    < %USERPROFILE%\Favorites\*.url /x >
    [2011/12/16 11:12:49 | 000,000,402 | -HS- | M] () -- C:\Users\William\Favorites\desktop.ini

    < %systemroot%\system32\*.bk >

    < %systemroot%\*.te >

    < %systemroot%\system32\system32\*.* >

    < %ALLUSERSPROFILE%\*.dat /x >
    [2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
    [2012/01/20 16:56:19 | 000,000,451 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

    < %systemroot%\system32\drivers\*.rmv >

    < dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

    < dir /b "%systemroot%\*.exe" | find /I " " /c >

    < %PROGRAMFILES%\Microsoft\*.* >

    < %systemroot%\System32\Wbem\proquota.exe >

    < %PROGRAMFILES%\Mozilla Firefox\*.dat >

    < %USERPROFILE%\Cookies\*.txt /x >

    < %SystemRoot%\system32\fonts\*.* >

    < %systemroot%\system32\winlog\*.* >

    < %systemroot%\system32\Language\*.* >

    < %systemroot%\system32\Settings\*.* >

    < %systemroot%\system32\*.quo >

    < %SYSTEMROOT%\AppPatch\*.exe >

    < %SYSTEMROOT%\inf\*.exe >

    < %SYSTEMROOT%\Installer\*.exe >

    < %systemroot%\system32\config\*.bak2 >

    < %systemroot%\system32\Computers\*.* >

    < %SystemRoot%\system32\Sound\*.* >

    < %SystemRoot%\system32\SpecialImg\*.* >

    < %SystemRoot%\system32\code\*.* >

    < %SystemRoot%\system32\draft\*.* >

    < %SystemRoot%\system32\MSSSys\*.* >

    < %ProgramFiles%\Javascript\*.* >

    < %systemroot%\pchealth\helpctr\System\*.exe /s >

    < %systemroot%\Web\*.exe >

    < %systemroot%\system32\msn\*.* >

    < %systemroot%\system32\*.tro >

    < %AppData%\Microsoft\Installer\msupdates\*.* >

    < %ProgramFiles%\Messenger\*.* >

    < %systemroot%\system32\systhem32\*.* >

    < %systemroot%\system\*.exe >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

    < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-15 09:54:44

    < >

    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
    @Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\#1Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
    @Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:025DF3DE
    @Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:E6C6EB3B
    @Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:3B454A5C
    @Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:206470A5
    @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:AFC732F7
    < End of report >


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.