Gobbler
Hi there!
I found this site while researching a problem that has just occurred on my desktop. As you have probably already guessed, I fell for the fake Adobe update and downloaded myself a heap of trouble instead. I'm not sure what the correct name for the virus is, but the message in my post title comes up as soon as I log on and then everything shuts down before I can do anything. I think this is a common virus at the moment and hopefully the above is enough for you to identify it. I have Microsoft Security Essentials as my security and obviously it got around that as I OK'd the download. My desktop is running a Windows 7 32-bit system. Please let me know if you need any further info. Many thanks!
I have followed the steps provided on this link up to the point where my logs need to be reviewed.
https://www.techspot.com/community/...ical-error-will-restart-in-one-minute.184335/
Below are my logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2012
Ran by SYSTEM at 15-11-2012 21:57:40
Running from G:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1808784 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKU\Josh\...\Run: [PlayOn] C:\Program Files\MediaMall\PlayOn.exe [x]
HKU\Josh\...\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59240 2012-02-23] (Apple Inc.)
HKU\Josh\...\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe" [2495056 2011-07-26] (Plex, Inc.)
HKU\Josh\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Josh\...\RunOnce: [Application Restart #2] C:\Program Files\Google\Chrome Frame\Application\chrome.exe --automation-channel=ChromeTestingInterface:4292.1 --chrome-frame --no-first-run --disable-background-mode --disable-popup-blocking --disable-print-preview --chrome-frame-shutdown-delay=30 --user-data-dir="C:\Users\Josh\AppData\Local\Google\Chrome Frame\User Data\iexplore" --chrome-version=19.0.1084.56 --lang=en-US --flag-switches-begin --flag-switches-end --restore-last-session [1242136 2012-10-31] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Startup: C:\Users\Josh\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
==================== Services (Whitelisted) ===================
2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-03-26] (Microsoft Corporation)
2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-21] (NVIDIA Corporation)
3 wampapache; "c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice [x]
3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe wampmysqld [x]
==================== Drivers (Whitelisted) ====================
1 cbaltlhf; \??\C:\Windows\system32\drivers\cbaltlhf.sys [43480 2012-11-15] (Microsoft Corporation)
3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22856 2012-09-29] (Malwarebytes Corporation)
3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-11-15] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [23920 2010-04-29] (MediaMall Technologies, Inc.)
3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [552448 2007-08-16] (Ralink Technology Corp.)
1 shsdulsr; \??\C:\Windows\system32\drivers\shsdulsr.sys [43480 2012-11-15] (Microsoft Corporation)
1 nwtawkmn; \??\C:\Windows\system32\drivers\nwtawkmn.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
NETSVC: transactional -> C:\Windows\system32\JL2005C.dll ==> No File.
NETSVC: Invoker -> C:\Windows\system32\hkmsvc.dll ==> No File.
NETSVC: CE3 -> C:\Windows\system32\CnxTrLan.dll ==> No File.
NETSVC: vrmonsvc -> C:\Windows\system32\aiclient.dll ==> No File.
NETSVC: parallel -> C:\Windows\system32\fsssvc.dll ==> No File.
NETSVC: bmuservice -> C:\Windows\system32\AKSIFDH.dll ==> No File.
NETSVC: smrt -> C:\Windows\system32\Epiusb.dll ==> No File.
NETSVC: aexnsclient -> C:\Windows\system32\bgs_sdservice.dll ==> No File.
NETSVC: NWSIPX32 -> C:\Windows\system32\SrvcEPECioctl.dll ==> No File.
NETSVC: iaantmon -> C:\Windows\system32\gv3.dll ==> No File.
NETSVC: us30sys -> C:\Windows\system32\winvnc.dll ==> No File.
NETSVC: se2Bunic -> C:\Windows\system32\mqdmbus.dll ==> No File.
NETSVC: FireTDI -> C:\Windows\system32\GTSCSER.dll ==> No File.
NETSVC: QPCapSvc -> C:\Windows\system32\qcmerced.dll ==> No File.
NETSVC: mcods -> C:\Windows\system32\atitool.dll ==> No File.
NETSVC: ssrvc -> C:\Windows\system32\ovmsmaccessmanager.dll ==> No File.
NETSVC: prism_a02 -> C:\Windows\system32\Intels51.dll ==> No File.
NETSVC: SE26obex -> C:\Windows\system32\lockmgr.dll ==> No File.
NETSVC: sscdmdm -> C:\Windows\system32\pelmouse.dll ==> No File.
NETSVC: VAIOMediaPlatform-PhotoServer-HTTP -> C:\Windows\system32\ACDaemon.dll ==> No File.
NETSVC: d-link_st3402 -> C:\Windows\system32\ageremodemaudio.dll ==> No File.
NETSVC: hcmon -> C:\Windows\system32\s616mdfl.dll ==> No File.
NETSVC: ACDaemon -> C:\Windows\system32\emAudio.dll ==> No File.
NETSVC: cisvc -> No Registry Path.
NETSVC: lwwlicenseservice -> C:\Windows\system32\earthlinksafeconnectagent.dll ==> No File.
NETSVC: procmon10 -> C:\Windows\system32\iaimfp3.dll ==> No File.
NETSVC: MRENDIS5 -> C:\Windows\system32\nvax.dll ==> No File.
NETSVC: cbidf -> C:\Windows\system32\usbvideo.dll ==> No File.
NETSVC: adsservice -> C:\Windows\system32\vwlogger.dll ==> No File.
NETSVC: ngserver -> C:\Windows\system32\noipducservice.dll ==> No File.
NETSVC: iolodmv -> C:\Windows\system32\ibmasrex.dll ==> No File.
NETSVC: lhidflt2 -> C:\Windows\system32\rsvchost.dll ==> No File.
NETSVC: w800obex -> C:\Windows\system32\emAudio.dll ==> No File.
NETSVC: Ncrc710 -> C:\Windows\system32\ulcdrhlp.dll ==> No File.
NETSVC: wmccds -> C:\Windows\system32\amfilter.dll ==> No File.
NETSVC: {6080a529-897e-4629-a488-aba0c29b635e} -> C:\Windows\system32\nv_agp.dll ==> No File.
NETSVC: Pctspk -> C:\Windows\system32\trackcam4.dll ==> No File.
NETSVC: pmsveh -> C:\Windows\system32\wmp54gsvc.dll ==> No File.
NETSVC: vulfnths -> C:\Windows\system32\ELmon.dll ==> No File.
NETSVC: SimpTcp -> C:\Windows\system32\avgntflt.dll ==> No File.
NETSVC: CTHWIUT.DLL -> C:\Windows\system32\DN2AKNET.dll ==> No File.
NETSVC: abnetmon -> C:\Windows\system32\aeclienthostservice.dll ==> No File.
NETSVC: prosync1 -> C:\Windows\system32\emproxy.dll ==> No File.
NETSVC: LPDSVC -> C:\Windows\system32\raidmagt.dll ==> No File.
NETSVC: rxfilter -> C:\Windows\system32\slee_503_service.dll ==> No File.
NETSVC: epfwtdi -> C:\Windows\system32\sfng32.dll ==> No File.
NETSVC: RTL8169 -> C:\Windows\system32\bb-run.dll ==> No File.
NETSVC: TuneUp.Defrag -> C:\Windows\system32\vclone.dll ==> No File.
NETSVC: tfsnboio -> C:\Windows\system32\s716nd5.dll ==> No File.
NETSVC: symantecantibotagent -> C:\Windows\system32\cdralw2k.dll ==> No File.
NETSVC: ooclevercacheagent -> C:\Windows\system32\s116mgmt.dll ==> No File.
NETSVC: bgmainsvc -> C:\Windows\system32\mnmsrvc.dll ==> No File.
NETSVC: GVCplDrv -> C:\Windows\system32\snpstd2.dll ==> No File.
NETSVC: DNE -> C:\Windows\system32\naimagent32.dll ==> No File.
NETSVC: modemcsa -> C:\Windows\system32\trufos.dll ==> No File.
NETSVC: V0070VID -> C:\Windows\system32\SABProcEnum.dll ==> No File.
NETSVC: nwlnkspx -> C:\Windows\system32\se59unic.dll ==> No File.
NETSVC: ikfilesec -> C:\Windows\system32\akshasp.dll ==> No File.
NETSVC: rtl8023 -> C:\Windows\system32\suservice.dll ==> No File.
NETSVC: CTMMOUNT -> C:\Windows\system32\V0070VID.dll ==> No File.
NETSVC: dwusbdnt -> C:\Windows\system32\pavfnsvr.dll ==> No File.
NETSVC: dbmanagerscheduler -> C:\Windows\system32\btkrnl.dll ==> No File.
NETSVC: maxbackserviceint -> C:\Windows\system32\oracle_load_balancer_60_client-forms6ip14.dll ==> No File.
NETSVC: susbser -> C:\Windows\system32\viamraid.dll ==> No File.
NETSVC: wfxsvc -> C:\Windows\system32\bridge.dll ==> No File.
NETSVC: MREMP50a64 -> C:\Windows\system32\ppa3.dll ==> No File.
NETSVC: odserv -> C:\Windows\system32\dsbrokerservice.dll ==> No File.
NETSVC: roxupnprenderer -> C:\Windows\system32\nvport.dll ==> No File.
NETSVC: armoucfltr -> C:\Windows\system32\NETGEAR_MA111.dll ==> No File.
NETSVC: s616mgmt -> C:\Windows\system32\FETNDISB.dll ==> No File.
NETSVC: hsvcmod -> C:\Windows\system32\k750mdfl.dll ==> No File.
NETSVC: minilog -> C:\Windows\system32\prosync1.dll ==> No File.
NETSVC: db2 -> C:\Windows\system32\RecAgent.dll ==> No File.
NETSVC: dlbx_device -> C:\Windows\system32\aslm75.dll ==> No File.
NETSVC: MSFWHLPR -> C:\Windows\system32\ELacpi.dll ==> No File.
NETSVC: ikhlayer -> C:\Windows\system32\RVIEG01.dll ==> No File.
NETSVC: client32 -> C:\Windows\system32\mysql.dll ==> No File.
NETSVC: lvhidsvc -> C:\Windows\system32\Ktp.dll ==> No File.
NETSVC: meiudf -> C:\Windows\system32\dladresm.dll ==> No File.
NETSVC: stunnel -> C:\Windows\system32\digictrl.dll ==> No File.
NETSVC: sysdown -> C:\Windows\system32\sqlserveragent.dll ==> No File.
NETSVC: mvserver -> C:\Windows\system32\F700imd.dll ==> No File.
NETSVC: ltxred -> C:\Windows\system32\bdftdif.dll ==> No File.
NETSVC: smwdm -> C:\Windows\system32\ELhid.dll ==> No File.
NETSVC: SE2Cmgmt -> C:\Windows\system32\SPCtl.dll ==> No File.
NETSVC: mfeavfk -> C:\Windows\system32\iwebmsg.dll ==> No File.
==================== One Month Created Files and Folders ========
2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
==================== One Month Modified Files and Folders ========
2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
2012-11-15 21:48 - 2011-08-03 23:31 - 00733518 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
2012-11-15 21:41 - 2012-01-13 22:48 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-15 21:40 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-15 21:40 - 2009-07-13 20:39 - 00067796 ____A C:\Windows\setupact.log
2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2012-11-15 21:36 - 2012-01-13 22:48 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-15 21:32 - 2011-08-08 11:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-15 21:25 - 2011-08-03 23:21 - 01478198 ____A C:\Windows\WindowsUpdate.log
ZeroAccess:
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\00000004.@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\201d3dde
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000000.@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000032.@
ZeroAccess:
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\n
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U
ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-08-08 02:28:35
Restore point made on: 2012-08-15 23:00:22
Restore point made on: 2012-08-17 13:29:06
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 4029.93 MB
Available physical RAM: 3523.66 MB
Total Pagefile: 4028.2 MB
Available Pagefile: 3529.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.62 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:102.95 GB) NTFS
2 Drive d: (Big Daddy) (Fixed) (Total:1863.01 GB) (Free:649.82 GB) NTFS
4 Drive g: (GB) (Removable) (Total:0.99 GB) (Free:0.98 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 1863 GB 0 B
Disk 2 Online 1009 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 465 GB 101 MB
=========================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 465 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB
=========================================================
Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Big Daddy NTFS Partition 1863 GB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1009 MB 16 KB
=========================================================
Disk: 2
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G GB FAT Removable 1009 MB Healthy
=========================================================
Last Boot: 2012-08-16 23:03
==================== End Of Log ============================
Farbar Recovery Scan Tool (x86) Version: 12-11-2012
Ran by SYSTEM at 2012-11-15 21:58:59
Running from G:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6
C:\Windows\System32\services.exe
[2009-07-13 15:11] - [2012-08-19 20:42] - 0259072 ____A (Microsoft Corporation) A302BBFF2A7278C0E239EE5D471D86A9
=== End Of Search ===
I found this site while researching a problem that has just occurred on my desktop. As you have probably already guessed, I fell for the fake Adobe update and downloaded myself a heap of trouble instead. I'm not sure of the correct name for the virus is but the message in my post title comes up as soon as I log on and then everything shuts down before I can do anything. I think this is a common virus at the moment and hopefully the above is enough for you to identify it. I have Microsoft Security Essentials as my security and obviously it got around that as I ok'd the download. My Desktop is running Windows 7 32bit system. Please let me know if you need any further info. Many thanks!
I have followed the steps provided on this link up to the point where my logs need to be reviewed.
https://www.techspot.com/community/...ical-error-will-restart-in-one-minute.184335/
Below are my logs.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2012
Ran by SYSTEM at 15-11-2012 21:57:40
Running from G:\
Windows 7 Ultimate (X86) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [1808784 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-05-30] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\iTunesHelper.exe" [421776 2012-06-07] (Apple Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [931200 2012-03-26] (Microsoft Corporation)
HKU\Josh\...\Run: [PlayOn] C:\Program Files\MediaMall\PlayOn.exe [x]
HKU\Josh\...\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59240 2012-02-23] (Apple Inc.)
HKU\Josh\...\Run: [Plex Media Server] "C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe" [2495056 2011-07-26] (Plex, Inc.)
HKU\Josh\...\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\Josh\...\RunOnce: [Application Restart #2] C:\Program Files\Google\Chrome Frame\Application\chrome.exe --automation-channel=ChromeTestingInterface:4292.1 --chrome-frame --no-first-run --disable-background-mode --disable-popup-blocking --disable-print-preview --chrome-frame-shutdown-delay=30 --user-data-dir="C:\Users\Josh\AppData\Local\Google\Chrome Frame\User Data\iexplore" --chrome-version=19.0.1084.56 --lang=en-US --flag-switches-begin --flag-switches-end --restore-last-session [1242136 2012-10-31] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Startup: C:\Users\Josh\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
==================== Services (Whitelisted) ===================
2 MBAMScheduler; "C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe" [399432 2012-09-29] (Malwarebytes Corporation)
2 MBAMService; "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" [676936 2012-09-29] (Malwarebytes Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [11552 2012-03-26] (Microsoft Corporation)
3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [214952 2012-03-26] (Microsoft Corporation)
2 nvUpdatusService; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504 2011-05-21] (NVIDIA Corporation)
2 3combootp; C:\Windows\System32\HSFHWALI.dll [x]
2 3comtftp; C:\Windows\System32\mediaviewer.dll [x]
2 abnetmon; C:\Windows\System32\aeclienthostservice.dll [x]
2 ACDaemon; C:\Windows\System32\emAudio.dll [x]
2 admjoy; C:\Windows\System32\WD_FireWire_HID.dll [x]
2 adsservice; C:\Windows\System32\vwlogger.dll [x]
2 aexnsclient; C:\Windows\System32\bgs_sdservice.dll [x]
2 ami0nt; C:\Windows\System32\nuvvid2.dll [x]
2 Amsmpu4p; C:\Windows\System32\a016bus.dll [x]
2 apache2; C:\Windows\System32\prfldsvc.dll [x]
2 application; C:\Windows\System32\w810mgmt.dll [x]
2 ARCSOFTVIRTUALCAPTURE; C:\Windows\System32\w810mgmt.dll [x]
2 armoucfltr; C:\Windows\System32\NETGEAR_MA111.dll [x]
2 arp1394; C:\Windows\System32\AVRec.dll [x]
2 aslm75; C:\Windows\System32\vmusb.dll [x]
2 aswtdi; C:\Windows\System32\vtserver.dll [x]
2 atchksrv; C:\Windows\System32\STV672.dll [x]
2 ATIBTXBAR; C:\Windows\System32\w3svc.dll [x]
2 ATKGFNEXSrv; C:\Windows\System32\igfx.dll [x]
2 atksgt; C:\Windows\System32\lmimaint.dll [x]
2 Atmuni; C:\Windows\System32\epsonstatusagent2.dll [x]
2 avc; C:\Windows\System32\wdm_au8820.dll [x]
2 avg7rsw; C:\Windows\System32\db2.dll [x]
2 avsinc; C:\Windows\System32\euq_monitor.dll [x]
2 avsvcmonitor; C:\Windows\System32\vaiomediaplatform-photoserver-appserver.dll [x]
2 b57w2k; C:\Windows\System32\TSHWMDTCP.dll [x]
2 backupclientsvc; C:\Windows\System32\S7oppilx.dll [x]
2 backupexecrpcservice; C:\Windows\System32\rimusb.dll [x]
2 bb-run; C:\Windows\System32\ATIVXSTW.dll [x]
2 bdrsdrv; C:\Windows\System32\Ld51ocnucsnp.dll [x]
2 bgmainsvc; C:\Windows\System32\mnmsrvc.dll [x]
2 bgsvcgen; C:\Windows\System32\nhcDriverDevice.dll [x]
2 bmuservice; C:\Windows\System32\AKSIFDH.dll [x]
2 bocdrive; C:\Windows\System32\anio.dll [x]
2 btcsrusb; C:\Windows\System32\xpadminserver.dll [x]
2 bthpan; C:\Windows\System32\sfhlp01.dll [x]
2 caccprovsp; C:\Windows\System32\nuvvid2.dll [x]
2 cbidf; C:\Windows\System32\usbvideo.dll [x]
2 CcmExec; C:\Windows\System32\PSSdk21.dll [x]
2 CdaC15BA; C:\Windows\System32\pxfhserd.dll [x]
2 CDRPDACC; C:\Windows\System32\MXOPSWD.dll [x]
2 CE3; C:\Windows\System32\CnxTrLan.dll [x]
2 centennialiptransferagent; C:\Windows\System32\asapiw2k.dll [x]
2 cfsvcs; C:\Windows\System32\nscirda.dll [x]
2 client32; C:\Windows\System32\mysql.dll [x]
2 CnxTrUsb; C:\Windows\System32\raspti.dll [x]
2 CoachVc; C:\Windows\System32\NICM.dll [x]
2 contentfilter; C:\Windows\System32\i2omgmt.dll [x]
2 contentindex; C:\Windows\System32\xpadminserver.dll [x]
2 cpqdmi; C:\Windows\System32\revudfservice.dll [x]
2 cpqvcagent; C:\Windows\System32\Xyz777s.dll [x]
2 cpsvc; C:\Windows\System32\wmdmpmsn.dll [x]
2 cq_mem; C:\Windows\System32\asapiw2k.dll [x]
2 crystaloutputfileserver; C:\Windows\System32\rupsmon.dll [x]
2 CTHWIUT.DLL; C:\Windows\System32\DN2AKNET.dll [x]
2 CTMMOUNT; C:\Windows\System32\V0070VID.dll [x]
2 ctusfsyn; C:\Windows\System32\epsonbidirectionalservice.dll [x]
2 curtainssyssvc; C:\Windows\System32\PSSdk23.dll [x]
2 CVPNDRVA; C:\Windows\System32\CTDevice_Srv.dll [x]
2 d-link_st3402; C:\Windows\System32\ageremodemaudio.dll [x]
2 db2; C:\Windows\System32\RecAgent.dll [x]
2 dbmanagerscheduler; C:\Windows\System32\btkrnl.dll [x]
2 dbmang; C:\Windows\System32\papyjoy.dll [x]
2 DcCam; C:\Windows\System32\ZY202_XP.dll [x]
2 DeviceScanner; C:\Windows\System32\fsks.dll [x]
2 Dfs; C:\Windows\System32\omniusbl.dll [x]
2 digictrl; C:\Windows\System32\pavdrv.dll [x]
2 DivisCTP; C:\Windows\System32\itmrtsvc.dll [x]
2 dklogger; C:\Windows\System32\SMCB000.dll [x]
2 dlbx_device; C:\Windows\System32\aslm75.dll [x]
2 dmload; C:\Windows\System32\symc8xx.dll [x]
2 DNE; C:\Windows\System32\naimagent32.dll [x]
2 dot4ufd; C:\Windows\System32\vulfnths.dll [x]
2 dpc_srv_webcast; C:\Windows\System32\kl1.dll [x]
2 driverhardwarev2; C:\Windows\System32\gusvc.dll [x]
2 DSI_SiUSBXp_3_1; C:\Windows\System32\mraid35x.dll [x]
2 dsncservice; C:\Windows\System32\snare.dll [x]
2 dvd-ram_service; C:\Windows\System32\ifxspmgtsrv.dll [x]
2 dwusbdnt; C:\Windows\System32\pavfnsvr.dll [x]
2 eeyeevnt; C:\Windows\System32\comhost.dll [x]
2 ELacpi; C:\Windows\System32\disk.dll [x]
2 epfwtdi; C:\Windows\System32\sfng32.dll [x]
2 F700imd; C:\Windows\System32\oracleservicelocalora.dll [x]
2 fasttrackinstallerservice; C:\Windows\System32\s125bus.dll [x]
2 FireTDI; C:\Windows\System32\GTSCSER.dll [x]
2 flashpnt; C:\Windows\System32\se2Cnd5.dll [x]
2 FTDIBUS; C:\Windows\System32\RadProbe.dll [x]
2 ftrtsvc; C:\Windows\System32\ARPolicy.dll [x]
2 FVXSCSI; C:\Windows\System32\ultra66.dll [x]
2 gs30s; C:\Windows\System32\hamachi.dll [x]
2 GVCplDrv; C:\Windows\System32\snpstd2.dll [x]
2 HabuFltr; C:\Windows\System32\lanmanserver.dll [x]
2 hap17v2k; C:\Windows\System32\lxce_device.dll [x]
2 hcmon; C:\Windows\System32\s616mdfl.dll [x]
2 hf30service; C:\Windows\System32\bt3cser.dll [x]
2 hpqddsvc; C:\Windows\System32\msmpsvc.dll [x]
2 hpwirelessmgr; C:\Windows\System32\mcredirector.dll [x]
2 hsfhwazl; C:\Windows\System32\rslinxng.dll [x]
2 hSONYPVh; C:\Windows\System32\cwafreportscheduler.dll [x]
2 HssSrv; C:\Windows\System32\https-admserv61.dll [x]
2 hsvcmod; C:\Windows\System32\k750mdfl.dll [x]
2 HSX_DP; C:\Windows\System32\HFACSVC.dll [x]
2 HWIONT; C:\Windows\System32\volsnap.dll [x]
2 i2omgmt; C:\Windows\System32\redbook.dll [x]
2 iaantmon; C:\Windows\System32\gv3.dll [x]
2 iAimFP7; C:\Windows\System32\ProcObsrv.dll [x]
2 icraplus; C:\Windows\System32\MA-620.dll [x]
2 ifp800; C:\Windows\System32\vulfntrs.dll [x]
2 ifxspmgtsrv; C:\Windows\System32\ZSMC301b.dll [x]
2 ikfilesec; C:\Windows\System32\akshasp.dll [x]
2 ikhlayer; C:\Windows\System32\RVIEG01.dll [x]
2 imonitor; C:\Windows\System32\lirsgt.dll [x]
2 ino_flpy; C:\Windows\System32\SymIM.dll [x]
2 Invoker; C:\Windows\System32\hkmsvc.dll [x]
2 iolodmv; C:\Windows\System32\ibmasrex.dll [x]
2 iolo_srv; C:\Windows\System32\USIUDF.dll [x]
2 JiaoCap; C:\Windows\System32\VIAPFD.dll [x]
2 JRAID; C:\Windows\System32\vpctcom.dll [x]
2 jsdaemon; C:\Windows\System32\WmHidLo.dll [x]
2 k750bus; C:\Windows\System32\licensemanagersocket.dll [x]
2 KLOGNT; C:\Windows\System32\avfilter.dll [x]
2 kpf4; C:\Windows\System32\bwmservice.dll [x]
2 kwatchsvc; C:\Windows\System32\admservice.dll [x]
2 L1e; C:\Windows\System32\scanwscs.dll [x]
2 ldlcserv; C:\Windows\System32\lxrjd31s.dll [x]
2 lhidflt2; C:\Windows\System32\rsvchost.dll [x]
2 LHidKe; C:\Windows\System32\avidsdmservice.dll [x]
2 lirsgt; C:\Windows\System32\sentinel.dll [x]
2 LKbdFlt2; C:\Windows\System32\NWUSBPort.dll [x]
2 LMouKE; C:\Windows\System32\MXOPSWD.dll [x]
2 lp6nds35; C:\Windows\System32\pae_avs.dll [x]
2 LPDSVC; C:\Windows\System32\raidmagt.dll [x]
2 ltxred; C:\Windows\System32\bdftdif.dll [x]
2 lvcomser; C:\Windows\System32\sit_mdm.dll [x]
2 lvhidsvc; C:\Windows\System32\Ktp.dll [x]
2 lwwlicenseservice; C:\Windows\System32\earthlinksafeconnectagent.dll [x]
2 lxbu_device; C:\Windows\System32\sis315.dll [x]
2 M3AD; C:\Windows\System32\cdr4_xp.dll [x]
2 mail2ec; C:\Windows\System32\hidgame.dll [x]
2 maxbackserviceint; C:\Windows\System32\oracle_load_balancer_60_client-forms6ip14.dll [x]
2 mcdbus; C:\Windows\System32\wlluc48.dll [x]
2 mcods; C:\Windows\System32\atitool.dll [x]
2 mdvrmng; C:\Windows\System32\atimtag.dll [x]
2 meiudf; C:\Windows\System32\dladresm.dll [x]
2 merakpop3; C:\Windows\System32\httpfilter.dll [x]
2 mfeavfk; C:\Windows\System32\iwebmsg.dll [x]
2 minilog; C:\Windows\System32\prosync1.dll [x]
2 modemcsa; C:\Windows\System32\trufos.dll [x]
2 motoswitchservice; C:\Windows\System32\symlcbrd.dll [x]
2 mpfirewl; C:\Windows\System32\QV2KUX.dll [x]
2 mqdmmdm; C:\Windows\System32\NVR0Dev.dll [x]
2 MREMP50a64; C:\Windows\System32\ppa3.dll [x]
2 MRENDIS5; C:\Windows\System32\nvax.dll [x]
2 mrobeservice; C:\Windows\System32\siside.dll [x]
2 MSFWDrv; C:\Windows\System32\armoucfltr.dll [x]
2 MSFWHLPR; C:\Windows\System32\ELacpi.dll [x]
2 mvserver; C:\Windows\System32\F700imd.dll [x]
2 mxserver; C:\Windows\System32\ZSMC301b.dll [x]
2 n558; C:\Windows\System32\symantecantibotshim.dll [x]
2 Ncrc710; C:\Windows\System32\ulcdrhlp.dll [x]
2 ndassvc; C:\Windows\System32\ZDCNDIS5.dll [x]
2 netdetect; C:\Windows\System32\asp.net_1.1.4322.dll [x]
2 ngserver; C:\Windows\System32\noipducservice.dll [x]
2 nidomainservice; C:\Windows\System32\dashsvc.dll [x]
2 nimcrpcsu; C:\Windows\System32\WinDriver6.dll [x]
2 NITaggerService; C:\Windows\System32\pxfhmdfl.dll [x]
2 Nsynas32; C:\Windows\System32\atiavaiw.dll [x]
2 ntiopnp; C:\Windows\System32\sony_ssm.sys.dll [x]
2 ntsecure; C:\Windows\System32\kl1.dll [x]
2 nvedavt; C:\Windows\System32\xusb21.dll [x]
2 nwlnkipx; C:\Windows\System32\s3savagemx.dll [x]
2 nwlnkspx; C:\Windows\System32\se59unic.dll [x]
2 NWSIPX32; C:\Windows\System32\SrvcEPECioctl.dll [x]
2 NxFsMon; C:\Windows\System32\npkcrypt.dll [x]
2 O2SCBUS; C:\Windows\System32\lockmgr.dll [x]
2 odserv; C:\Windows\System32\dsbrokerservice.dll [x]
2 ooclevercacheagent; C:\Windows\System32\s116mgmt.dll [x]
2 OracleOraHome92ClientCache; C:\Windows\System32\ovt519.dll [x]
2 ovt519; C:\Windows\System32\wpsscannersvc.dll [x]
2 p2pgasvc; C:\Windows\System32\XDva004.dll [x]
2 p3; C:\Windows\System32\nhcDriverDevice.dll [x]
2 parallel; C:\Windows\System32\fsssvc.dll [x]
2 Pctspk; C:\Windows\System32\trackcam4.dll [x]
2 PdiPorts; C:\Windows\System32\spcstb.dll [x]
2 penrendezvous; C:\Windows\System32\toshidpt.dll [x]
2 pmsveh; C:\Windows\System32\wmp54gsvc.dll [x]
2 prism_a02; C:\Windows\System32\Intels51.dll [x]
2 procmon10; C:\Windows\System32\iaimfp3.dll [x]
2 prosync1; C:\Windows\System32\emproxy.dll [x]
2 PTproct; C:\Windows\System32\p1110vid.dll [x]
2 Ptserlp; C:\Windows\System32\USB_RNDIS_XP.dll [x]
2 pxhelp20; C:\Windows\System32\pvservice.dll [x]
2 ql1080; C:\Windows\System32\v124.dll [x]
2 QPCapSvc; C:\Windows\System32\qcmerced.dll [x]
2 R300; C:\Windows\System32\procexp90.dll [x]
2 retroexplauncher; C:\Windows\System32\avidsdmservice.dll [x]
2 rimvserport; C:\Windows\System32\ql1080.dll [x]
2 roxupnprenderer; C:\Windows\System32\nvport.dll [x]
2 rt2500; C:\Windows\System32\DXEC02.dll [x]
2 RTHDMIAzAudService; C:\Windows\System32\VC4CB104.dll [x]
2 rtl8023; C:\Windows\System32\suservice.dll [x]
2 RTL8169; C:\Windows\System32\bb-run.dll [x]
2 rxfilter; C:\Windows\System32\slee_503_service.dll [x]
2 s616mgmt; C:\Windows\System32\FETNDISB.dll [x]
2 SaiMini; C:\Windows\System32\vclone.dll [x]
2 sddmi2; C:\Windows\System32\EpmShd.dll [x]
2 SE26obex; C:\Windows\System32\lockmgr.dll [x]
2 SE27mdm; C:\Windows\System32\dlbx_device.dll [x]
2 se2Bunic; C:\Windows\System32\mqdmbus.dll [x]
2 SE2Cmgmt; C:\Windows\System32\SPCtl.dll [x]
2 SE2Emgmt; C:\Windows\System32\guardian2.dll [x]
2 se2End5; C:\Windows\System32\n3900.dll [x]
2 se44obex; C:\Windows\System32\ELhid.dll [x]
2 sentinel; C:\Windows\System32\p17.dll [x]
2 shdserv; C:\Windows\System32\WmBEnum.dll [x]
2 Shockprf; C:\Windows\System32\cfgwzsvc.dll [x]
2 simbad; C:\Windows\System32\MREMP50a64.dll [x]
2 SimpTcp; C:\Windows\System32\avgntflt.dll [x]
3 wampapache; "c:\wamp\bin\apache\apache2.2.17\bin\httpd.exe" -k runservice [x]
3 wampmysqld; c:\wamp\bin\mysql\mysql5.5.8\bin\mysqld.exe wampmysqld [x]
==================== Drivers (Whitelisted) ====================
1 cbaltlhf; \??\C:\Windows\system32\drivers\cbaltlhf.sys [43480 2012-11-15] (Microsoft Corporation)
3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-05] (Intel Corporation)
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [22856 2012-09-29] (Malwarebytes Corporation)
3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2012-11-15] (Malwarebytes Corporation)
0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [171064 2012-03-20] (Microsoft Corporation)
3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [23920 2010-04-29] (MediaMall Technologies, Inc.)
3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [552448 2007-08-16] (Ralink Technology Corp.)
1 shsdulsr; \??\C:\Windows\system32\drivers\shsdulsr.sys [43480 2012-11-15] (Microsoft Corporation)
1 nwtawkmn; \??\C:\Windows\system32\drivers\nwtawkmn.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
==================== One Month Modified Files and Folders ========
2012-11-15 21:54 - 2012-11-15 21:54 - 00000000 ____D C:\FRST
2012-11-15 21:48 - 2011-08-03 23:31 - 00733518 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\shsdulsr.sys
2012-11-15 21:44 - 2012-11-15 21:44 - 00043480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cbaltlhf.sys
2012-11-15 21:41 - 2012-01-13 22:48 - 00000878 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-15 21:40 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-15 21:40 - 2009-07-13 20:39 - 00067796 ____A C:\Windows\setupact.log
2012-11-15 21:36 - 2012-11-15 21:36 - 00040776 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys
2012-11-15 21:36 - 2012-01-13 22:48 - 00000882 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-15 21:32 - 2011-08-08 11:48 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-15 21:31 - 2009-07-13 20:34 - 00013936 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-15 21:25 - 2011-08-03 23:21 - 01478198 ____A C:\Windows\WindowsUpdate.log
ZeroAccess:
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\00000004.@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L\201d3dde
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000000.@
C:\Windows\Installer\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U\80000032.@
ZeroAccess:
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\@
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\L
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\n
C:\Users\Josh\AppData\Local\{e607dfe8-3289-2710-0a52-1b6a9c07c350}\U
ZeroAccess:
C:\Windows\assembly\GAC\Desktop.ini
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe A302BBFF2A7278C0E239EE5D471D86A9 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-08-08 02:28:35
Restore point made on: 2012-08-15 23:00:22
Restore point made on: 2012-08-17 13:29:06
==================== Memory info ===========================
Percentage of memory in use: 12%
Total physical RAM: 4029.93 MB
Available physical RAM: 3523.66 MB
Total Pagefile: 4028.2 MB
Available Pagefile: 3529.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.62 MB
==================== Partitions =============================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:102.95 GB) NTFS
2 Drive d: (Big Daddy) (Fixed) (Total:1863.01 GB) (Free:649.82 GB) NTFS
4 Drive g: (GB) (Removable) (Total:0.99 GB) (Free:0.98 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 1863 GB 0 B
Disk 2 Online 1009 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 465 GB 101 MB
=========================================================
Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 465 GB Healthy
=========================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB
=========================================================
Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D Big Daddy NTFS Partition 1863 GB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1009 MB 16 KB
=========================================================
Disk: 2
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G GB FAT Removable 1009 MB Healthy
=========================================================
Last Boot: 2012-08-16 23:03
==================== End Of Log ============================
Farbar Recovery Scan Tool (x86) Version: 12-11-2012
Ran by SYSTEM at 2012-11-15 21:58:59
Running from G:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_cf36168b2e9c967b\services.exe
[2009-07-13 15:11] - [2009-07-13 17:14] - 0259072 ____A (Microsoft Corporation) 5F1B6A9C35D3D5CA72D6D6FDEF9747D6
C:\Windows\System32\services.exe
[2009-07-13 15:11] - [2012-08-19 20:42] - 0259072 ____A (Microsoft Corporation) A302BBFF2A7278C0E239EE5D471D86A9
=== End Of Search ===