Solved Malware problem maybe more?

billyd · May 13, 2012

hi,

a couple of months ago I switched from microsoft essentials to panda global protection! I started having BSOD crashes . after a short time working with panda problem was not solved. but happened alot less often. as time went on I noticed other things acting up . mouse going right click all the time , redirects on web pages. decided panda wasn't cutting it so bought ESET Sart security! installed today. scan found somethings it couldn't remove.

billyd · May 13, 2012

malwarebytes quick scan log

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.05.13.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
William :: WILLIAM-PC [administrator]
Protection: Disabled
5/13/2012 7:47:18 PM
mbam-log-2012-05-13 (19-47-18).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 186045
Time elapsed: 6 minute(s), 51 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

billyd · May 13, 2012

GMER log let me know if I'm doing this wrong!

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-05-13 20:01:35
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 ST9160821AS rev.3.BHD
Running: oibfjxod.exe; Driver: C:\Users\William\AppData\Local\Temp\pwriyfod.sys

---- Processes - GMER 1.0.15 ----
Process PING.EXE (*** hidden *** ) 3076
Process PING.EXE (*** hidden *** ) 5420
---- EOF - GMER 1.0.15 ----

billyd · May 13, 2012

dds logs

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by William at 20:59:15 on 2012-05-13
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.1092 [GMT -4:00]
.
AV: Panda Global Protection 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
SP: Panda Global Protection 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
.
============== Running Processes ===============
.
C:\Windows\SYSTEM32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\dlbacoms.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\Dwm.exe
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Windows\SYSTEM32\taskeng.exe
C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\TeamViewer\Version4\TeamViewer.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\System32\alg.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uWindow Title = Microsoft Internet Explorer
uURLSearchHooks: H - No File
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [Google Update] "c:\users\william\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\ssv.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{431E6B66-43D9-4C45-9390-7F4CABDE6BF8} : DhcpNameServer = 192.168.1.1
Notify: igfxcui - igfxdev.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-5-13 40776]
S2 avg7rsw;Aec;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
S2 avg7updsvc;HBtnKey;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
S2 avgarcln;SE2Cmdfl;c:\windows\system32\svchost.exe -k netsvcs [2011-12-16 21504]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 257696]
.
=============== Created Last 30 ================
.
2012-05-14 00:49:18 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-05-13 23:46:03 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-13 23:46:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-13 17:41:45 -------- d-----w- c:\users\william\appdata\roaming\ESET
2012-05-13 17:41:45 -------- d-----w- c:\users\william\appdata\local\ESET
2012-05-13 17:30:42 -------- d-----w- c:\program files\Windows Resource Kits
2012-05-12 23:11:37 -------- d-----w- c:\program files\ESET
2012-05-11 01:11:52 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-11 01:11:52 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-11 01:11:51 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-05-05 22:42:10 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
2012-04-22 23:44:40 -------- d-sh--w- C:\found.000
2012-04-22 19:14:07 -------- d-----w- c:\programdata\Kaspersky Lab
.
==================== Find3M ====================
.
2012-05-13 23:35:22 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-05-05 16:58:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-05 16:58:21 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-30 12:39:11 914304 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-03-28 16:09:16 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-03-01 14:46:01 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-03-01 14:46:01 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-02-29 15:11:45 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11:42 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09:53 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 14:08:47 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-02-29 13:44:50 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-02-29 13:41:40 1069056 ----a-w- c:\windows\system32\DWrite.dll
2012-02-29 13:32:37 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18:55 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-25 19:19:08 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2012-02-23 14:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
.
============= FINISH: 21:01:32.04 ===============

billyd · May 13, 2012

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/14/2011 2:09:22 PM
System Uptime: 5/13/2012 7:34:44 PM (2 hours ago)
.
Motherboard: Dell Inc. | | 0UK439
Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz | Microprocessor | 2000/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 141 GiB total, 38.999 GiB free.
D: is FIXED (NTFS) - 8 GiB total, 1.753 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP196: 5/9/2012 1:24:09 AM - Scheduled Checkpoint
RP197: 5/11/2012 3:00:13 AM - Windows Update
RP198: 5/11/2012 9:34:31 PM - Scheduled Checkpoint
RP200: 5/12/2012 7:10:16 PM - Installed ESET Smart Security
RP201: 5/12/2012 7:17:07 PM - Installed ESET Smart Security
RP202: 5/12/2012 7:24:48 PM - Installed ESET Smart Security
RP203: 5/12/2012 7:31:05 PM - Installed ESET Smart Security
RP204: 5/12/2012 7:38:55 PM - Installed ESET Smart Security
RP205: 5/12/2012 7:42:13 PM - Installed ESET Smart Security
RP206: 5/12/2012 7:43:24 PM - Windows Update
RP207: 5/12/2012 7:55:54 PM - Installed ESET Smart Security
RP208: 5/12/2012 8:02:40 PM - Installed ESET Smart Security
RP209: 5/12/2012 8:24:09 PM - Installed ESET Smart Security
RP210: 5/12/2012 8:27:38 PM - Installed ESET Smart Security
RP211: 5/12/2012 8:44:47 PM - Installed ESET Smart Security
RP212: 5/13/2012 1:00:05 PM - Installed ESET Smart Security
RP213: 5/13/2012 1:29:47 PM - Installed Windows Resource Kit Tools - SubInAcl.exe
RP214: 5/13/2012 1:38:23 PM - Installed ESET Smart Security
.
==== Installed Programs ======================
.
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
AirXonix version 1.40
AnyDVD
Application Verifier
Awakening: The Dreamless Castle
Ball Breaker 3D
Big Fish Games: Game Manager
CCleaner
CDBurnerXP
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CleanUp!
CloneDVD2
ConvertXtoDVD 4.1.19.365
Debugging Tools for Windows (x86)
Defraggler
Dell Wireless WLAN Card
DivX Setup
DVDFab 8.1.5.9 (20/01/2012) Qt
DX-Ball 2 v1.25
Elven Mists
ESET Smart Security
Foxit Reader 5.1
FrostWire 5.3.2
Google Chrome
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
ImgBurn
Intel(R) Graphics Media Accelerator Driver
Java(TM) 6 Update 31
K-Lite Codec Pack 5.2.0 (Standard)
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Choice Guard
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Windows Performance Toolkit
Microsoft Windows SDK for Windows 7 (7.1)
Microsoft Windows SDK for Windows 7 Common Utilities (30514)
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514)
Microsoft Windows SDK for Windows 7 Samples (30514)
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514)
Nightfall Mysteries: Asylum Conspiracy
QuickPar 0.9
RICOH Media Driver ver.2.07.01.04
RICOH R5U8xx Media Driver ver.3.62.02
SCREENSEVEN GAME CENTER
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Sherlock Holmes and the Hound of the Baskervilles
swMSM
TeamViewer 4
Temple of Life: The Legend of Four Elements Collector's Edition
Treasure Island 2
Turbo Tourney 2012
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wohiper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VC80CRTRedist - 8.0.50727.6195
WinASO Registry Optimizer 4.7.5
Windows Live Essentials
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Live Writer
Windows Resource Kit Tools - SubInAcl.exe
WinRAR archiver
Wonderlines
.
==== Event Viewer Messages From Past Week ========
.
5/9/2012 9:57:58 AM, Error: EventLog [6008] - The previous system shutdown at 9:56:48 AM on 5/9/2012 was unexpected.
5/8/2012 4:33:51 AM, Error: EventLog [6008] - The previous system shutdown at 4:32:20 AM on 5/8/2012 was unexpected.
5/8/2012 4:15:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
5/8/2012 4:15:47 PM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2012 4:11:51 PM, Error: EventLog [6008] - The previous system shutdown at 4:10:26 PM on 5/8/2012 was unexpected.
5/8/2012 3:39:38 AM, Error: Schannel [36874] - An SSL connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed.
5/8/2012 2:45:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
5/8/2012 2:45:22 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/8/2012 2:40:34 PM, Error: EventLog [6008] - The previous system shutdown at 2:38:46 PM on 5/8/2012 was unexpected.
5/7/2012 7:02:23 PM, Error: EventLog [6008] - The previous system shutdown at 6:45:25 PM on 5/7/2012 was unexpected.
5/7/2012 6:42:38 PM, Error: EventLog [6008] - The previous system shutdown at 6:41:07 PM on 5/7/2012 was unexpected.
5/7/2012 1:34:10 PM, Error: Service Control Manager [7022] - The Panda On-Access Anti-Malware Service service hung on starting.
5/7/2012 1:32:12 PM, Error: EventLog [6008] - The previous system shutdown at 1:24:47 PM on 5/7/2012 was unexpected.
5/6/2012 8:44:55 AM, Error: EventLog [6008] - The previous system shutdown at 8:42:27 AM on 5/6/2012 was unexpected.
5/13/2012 9:01:08 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume \Device\HarddiskVolume1.
5/13/2012 8:07:18 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ZTEusbnmea service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Zppinger service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Zebrsce service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ZBackupAssistService service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The XTrapD12 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The XFX_program service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WUSB54Gv4SVC service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wudfpf service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wpsscannersvc service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WmVirHid service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wmp54gv4svc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The WMIService service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wmconnectcds service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wg111nd5 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Websensecamreportserver service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Webrootspysweeperservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wceusbsh service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Wanatw service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The W810obex service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vulfnths service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vtserver service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmx86 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmparport service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vmnetadapter service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Video3D service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Vhidmini service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The USBVCD service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Usbio service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The UMPass service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The UDFReadr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tsmapip service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Toscosrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TNaviSrv service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TMMEmu service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TMBUS service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tfsndrct service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TcpipBM service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The TBPanel service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Tandpl service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sysmonlog service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Symtdi service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Suservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Streamip service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Stcagent service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Statusagent service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sscdmdfl service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ss_mdm service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SrvcEPECioctl service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SRTSP service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Srservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Srescan service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sqlagent$sony_mediamgr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SPFDRV service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sonypvs1 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SNTIE service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Snoopfreesvc service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Smtpd32 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sfilter service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sfhlp02 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Servicelayer service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SECYPUSB service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se59unic service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se59bus service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se2Cnd5 service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE2Cmdfl service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Se2Bnd5 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE2Bmdm service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The SE26mdm service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ScanUSBEMPIA service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sandrathesrv service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Sandradatasrv service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The RVIEG01 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rupsd service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rt2500usb service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rrspy service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rrrspy service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Roxmediadb service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rollbackclientservice service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ROB_V service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The RIOUNIV service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Rfcomm service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Retroexplauncher service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The QV2KUX service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ql2100 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ql10wnt service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PSSdk23 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Proxyhostmirrordisplay service terminated with the following error: The specified module could not be found.

billyd · May 13, 2012

cont.

5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Procexp111 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PNDIS5 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The PEVSystemStart service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pepifilter service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pdlnctdl service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Pdengine service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Padfsvr service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The P17xfilt service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ozoneinstallerservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The OVT511Plus service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Oracleformsserver-forms60server-oraform service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ooclevercacheagent service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Omnidrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Olregcap service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ofcpfwsvc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The OEM02Vfx service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Odclientservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nwcworkstation service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NWADI service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nvpvrmon service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nvnetbus service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ntsyslog service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nsm1bus service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Niorbk service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NICSer_WPC300N service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The NETMDUSB service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mxssvr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mvc25U870_VID_1262&PID_25FD service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSSQL$MSSMLBIZ service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSMQTriggers service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Msmframework service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MSFWDrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mscsptisrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mpe service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mnsframework service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mindrepair service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mi-raysat_3dsmax8 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mhndrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Merakpop3 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Mdmxsdk service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The McciCMService service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MaRdPnp service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The MA_CMIDI service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxby_device service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lxbt_device service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The LKbdFlt2 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Lilsgt service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The LHidFilt service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The L1e service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The K750mdfl service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The iwebmsg service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ISODrive service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ipsecmon service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IPFilter service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IOSLINK service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IntuitUpdateService service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The InterBaseServer service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Interactivelogon service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Inorpc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The InCDsrvR service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Igniteservice.exe service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Idisw2km service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ibmsmbus service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ibmasrex service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The IAimFP6 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Hcf_msft service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The HBtnKey service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The GT891x service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The FsVga service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Flutilssvc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fix service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fasttx2k service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fasttraksvc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Fallback service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Exportit service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Evteng service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Eskerlicensecontrol service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Emu10k service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Elotouchscreen service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DVDVRRdr_xp service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dtscsi service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmserver service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmio service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dmadmin service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DLH5X service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Djsnetcn service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dcpflics service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dcfssvc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The DCamUSBGrandTek service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dbmang service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Db2governor service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Datasvr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Dac960nt service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cvintdrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ctprxy2k service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CTAUDFX.DLL service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cqcpu service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CoachAud service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cnxtdiag service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cebdaldr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CDRPDACC service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cdr4_xp service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CdaD10BA service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ccs service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Ccproxy service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Carboncopy32 service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cacheserver service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Cachemgr service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Caboagp service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Btwdndis service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BootScreen service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The BLKWGU(Belkin) service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bjmcmng service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bdrsdrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Bcserver service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Basfipm service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Backupexecnamingservice service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avipbb service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avgmfx86 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Avfilter service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Automate6 service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ATKGFNEXSrv service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The ASUSVRC service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Asusgsb service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The AsDsm service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The As32svc service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Aha154x service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Aec service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The AEAudioService service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Adobeactivefilemonitor5.0 service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The Acpiec service terminated with the following error: The system cannot find the file specified.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The A8djusb service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7023] - The A016mgmt service terminated with the following error: The specified module could not be found.
5/13/2012 7:36:47 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The Msk80service service terminated with the following error: The specified module could not be found.
5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The Freepops service terminated with the following error: The specified module could not be found.
5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The CXAVXBAR service terminated with the following error: The specified module could not be found.
5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The BoiHwsetup service terminated with the following error: The specified module could not be found.
5/13/2012 2:22:08 PM, Error: Service Control Manager [7023] - The A016mdfl service terminated with the following error: The specified module could not be found.
5/13/2012 2:20:34 PM, Error: EventLog [6008] - The previous system shutdown at 2:19:33 PM on 5/13/2012 was unexpected.
5/13/2012 12:57:10 PM, Error: Service Control Manager [7023] - The EL90X service terminated with the following error: The specified module could not be found.
5/13/2012 12:57:10 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
5/13/2012 12:55:41 PM, Error: EventLog [6008] - The previous system shutdown at 12:54:09 PM on 5/13/2012 was unexpected.
5/13/2012 1:53:25 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\SystemRoot\System32\Config\RegBack\COMPONENTS' was corrupted and it has been recovered. Some data might have been lost.
5/13/2012 1:41:19 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
5/13/2012 1:40:26 PM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Vpnva service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Streamloadservice service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Sr_service service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Nm service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Issvc service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Ec2007service service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The Dpfusmgr service terminated with the following error: The specified module could not be found.
5/13/2012 1:38:21 PM, Error: Service Control Manager [7023] - The CTSYN service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Zpjava service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Vmnetdhcp service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Uhcd service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The U81xmdfl service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The TcUsb service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Slapd-config52 service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The SANDRA service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Rp32service service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The R300 service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Pinetmgr service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The MobilityService service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Mgabgexe service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Lvsrvlauncher service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Invoker service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Gdrv service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The FTSER2K service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Fsdfwd service terminated with the following error: The specified module could not be found.
5/13/2012 1:35:15 PM, Error: Service Control Manager [7023] - The Crystalaps service terminated with the following error: The specified module could not be found.
5/13/2012 1:02:06 PM, Error: Service Control Manager [7003] - The epfwwfp service depends the following service: BFE. This service might not be installed.
5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Rupsmon service terminated with the following error: The specified module could not be found.
5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Mwssched service terminated with the following error: The specified module could not be found.
5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The Dmisrv service terminated with the following error: The specified module could not be found.
5/12/2012 9:14:41 PM, Error: Service Control Manager [7023] - The BCMWLNPF service terminated with the following error: The specified module could not be found.
5/12/2012 9:14:41 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
5/12/2012 9:13:00 PM, Error: EventLog [6008] - The previous system shutdown at 9:12:08 PM on 5/12/2012 was unexpected.
5/12/2012 7:07:17 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Installer service, but this action failed with the following error: An instance of the service is already running.
5/12/2012 7:05:17 PM, Error: Service Control Manager [7031] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
5/12/2012 6:43:45 PM, Error: Service Control Manager [7023] - The Videoacceleratorengine service terminated with the following error: The specified module could not be found.
5/12/2012 3:59:09 AM, Error: Service Control Manager [7000] - The BCM42RLY service failed to start due to the following error: The system cannot find the file specified.
5/12/2012 3:56:42 AM, Error: EventLog [6008] - The previous system shutdown at 3:55:02 AM on 5/12/2012 was unexpected.
5/11/2012 11:46:07 AM, Error: EventLog [6008] - The previous system shutdown at 11:44:05 AM on 5/11/2012 was unexpected.
5/10/2012 4:45:57 AM, Error: EventLog [6008] - The previous system shutdown at 4:44:45 AM on 5/10/2012 was unexpected.
5/10/2012 4:43:52 AM, Error: EventLog [6008] - The previous system shutdown at 4:41:43 AM on 5/10/2012 was unexpected.
5/10/2012 4:10:12 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
5/10/2012 4:10:12 AM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/10/2012 4:08:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
5/10/2012 4:08:50 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/10/2012 4:08:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
5/10/2012 4:08:20 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
5/10/2012 4:07:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
5/10/2012 4:04:51 AM, Error: EventLog [6008] - The previous system shutdown at 4:03:06 AM on 5/10/2012 was unexpected.
5/10/2012 3:51:41 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {9BA05972-F6A8-11CF-A442-00A0C90A8F39} to the user William-PC\William SID (S-1-5-21-1815498000-2833343681-1250068786-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
.
==== End Of File ===========================

Broni · May 13, 2012

Welcome aboard

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running tools or applying updates other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===========================================================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

======================================================================

Download Bootkit Remover to your desktop.

Unzip downloaded file to your Desktop.
Double-click on boot_cleaner.exe to run the program (Vista/7 users,right click on boot_cleaner.exe and click Run As Administrator).
It will show a Black screen with some data on it.
Right click on the screen and click Select All.
Press CTRL+C
Open a Notepad and press CTRL+V
Post the output back here.

billyd · May 14, 2012

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-13 23:40:10
-----------------------------
23:40:10.915 OS Version: Windows 6.0.6002 Service Pack 2
23:40:10.915 Number of processors: 2 586 0xF0D
23:40:10.917 ComputerName: WILLIAM-PC UserName: William
23:40:17.167 Initialize success
23:42:23.074 AVAST engine defs: 12051301
23:46:47.236 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
23:46:47.239 Disk 0 Vendor: ST9160821AS 3.BHD Size: 152627MB BusType: 3
23:46:47.266 Disk 0 MBR read successfully
23:46:47.269 Disk 0 MBR scan
23:46:47.277 Disk 0 Windows VISTA default MBR code
23:46:47.282 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 144231 MB offset 63
23:46:47.316 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 8393 MB offset 295387155
23:46:47.353 Disk 0 scanning sectors +312576705
23:46:47.527 Disk 0 scanning C:\Windows\system32\drivers
23:47:22.376 Service scanning
23:47:56.872 Modules scanning
23:48:16.490 Module: C:\Windows\System32\DRIVERS\netbt.sys **SUSPICIOUS**
23:48:26.189 Disk 0 trace - called modules:
23:48:26.253 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x86d19fd0]<<
23:48:26.262 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a99ac8]
23:48:26.271 3 CLASSPNP.SYS[8a5a78b3] -> nt!IofCallDriver -> [0x86bd2030]
23:48:26.279 \Driver\00001772[0x86b8adf0] -> IRP_MJ_CREATE -> 0x86d19fd0
23:48:28.853 AVAST engine scan C:\Windows
23:48:34.926 AVAST engine scan C:\Windows\system32
23:54:17.636 AVAST engine scan C:\Windows\system32\drivers
23:54:46.867 AVAST engine scan C:\Users\William
00:00:46.244 Disk 0 MBR has been saved successfully to "C:\Users\William\Desktop\MBR.dat"
00:00:46.264 The log file has been saved successfully to "C:\Users\William\Desktop\aswMBR.txt"

billyd · May 14, 2012

Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows Vista Home Premium Edition Service Pack 2 (build 6
002), 32-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`00007e00
Boot sector MD5 is: 0ec6b2481fc707d1e901dc2a875f2826
Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)

Done;
Press any key to quit...

Broni · May 14, 2012

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

Never rename Combofix unless instructed.
Close any open browsers.
Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
Close any open browsers.
WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
Double click on combofix.exe & follow the prompts.

NOTE1. If Combofix asks you to install Recovery Console, please allow it.
NOTE 2. If Combofix asks you to update the program, always do so.

When finished, it will produce a report for you.
Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.

Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe

Double-click on the Rkill icon to run the tool.
If using Vista or Windows 7 right-click on it and choose Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
Do not reboot until instructed.
If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

billyd · May 15, 2012

ComboFix 12-05-14.03 - William 05/15/2012 4:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.2074 [GMT -4:00]
Running from: c:\users\William\Desktop\ComboFix.exe
AV: Panda Global Protection 2012 *Enabled/Updated* {86971480-9989-6750-B122-681A86518D59}
FW: Panda Personal Firewall 2012 *Enabled* {BEAC95A5-D3E6-6608-9A7D-C12F7882CA22}
SP: Panda Global Protection 2012 *Enabled/Updated* {3DF6F564-BFB3-68DE-8B92-5368FDD6C7E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\William\AppData\Roaming\vso_ts_preview.xml
c:\windows\$NtUninstallKB37865$\3590362446
c:\windows\$NtUninstallKB37865$\4017323162\@
c:\windows\$NtUninstallKB37865$\4017323162\cfg.ini
c:\windows\$NtUninstallKB37865$\4017323162\Desktop.ini
c:\windows\$NtUninstallKB37865$\4017323162\L\qnbwvoto
c:\windows\$NtUninstallKB37865$\4017323162\oemid
c:\windows\$NtUninstallKB37865$\4017323162\U\00000001.@
c:\windows\$NtUninstallKB37865$\4017323162\U\00000002.@
c:\windows\$NtUninstallKB37865$\4017323162\U\00000004.@
c:\windows\$NtUninstallKB37865$\4017323162\U\80000000.@
c:\windows\$NtUninstallKB37865$\4017323162\U\80000004.@
c:\windows\$NtUninstallKB37865$\4017323162\U\80000032.@
c:\windows\$NtUninstallKB37865$\4017323162\version
c:\windows\security\Database\tmp.edb
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\$NtUninstallKB37865$ . . . . Failed to delete
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_6to4
-------\Service_radiosvr
.
.
((((((((((((((((((((((((( Files Created from 2012-04-15 to 2012-05-15 )))))))))))))))))))))))))))))))
.
.
2012-05-15 08:30 . 2012-05-15 08:35 -------- d-----w- c:\users\William\AppData\Local\temp
2012-05-15 08:30 . 2012-05-15 08:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-13 23:46 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-13 23:46 . 2012-05-13 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-13 17:41 . 2012-05-13 17:41 -------- d-----w- c:\users\William\AppData\Local\ESET
2012-05-13 17:30 . 2012-05-13 17:30 -------- d-----w- c:\program files\Windows Resource Kits
2012-05-12 23:11 . 2012-05-12 23:11 -------- d-----w- c:\program files\ESET
2012-05-11 01:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-11 01:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 22:42 . 2012-05-05 22:43 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
2012-04-22 23:44 . 2012-04-22 23:44 -------- d-----w- C:\found.000
2012-04-22 19:14 . 2012-04-22 19:14 -------- d-----w- c:\programdata\Kaspersky Lab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 16:58 . 2012-04-04 17:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 16:58 . 2011-12-23 00:38 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-03 18:42 . 2012-04-03 18:42 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-04-03 18:42 . 2012-04-03 18:42 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-03 18:42 . 2012-04-03 18:42 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2012-04-02 13:36 . 2012-05-11 01:11 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-28 16:09 . 2012-03-20 23:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-20 05:50 . 2012-03-20 05:50 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5EF829-F29F-45F4-AD4A-C33D507A9B4B}\offreg.dll
2012-02-29 15:11 . 2012-04-12 07:13 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-12 07:13 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-12 07:13 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-12 07:13 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18 . 2012-04-12 07:14 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-12 07:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 07:14 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-12 07:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-25 19:19 . 2012-02-25 19:19 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2012-02-23 14:18 . 2011-12-16 16:56 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-20 06:05 . 2012-03-20 05:45 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5EF829-F29F-45F4-AD4A-C33D507A9B4B}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Turbo Tourney 2012 Scheduler.lnk]
backup=c:\windows\pss\Turbo Tourney 2012 Scheduler.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
se2Bunic
ofcpfwsvc
upsmonservice
nmservice
atkkeyboardservice
SE2Bmdfl
SE2Dbus
omsad
tmtdi
wscsvc
wm
UNDPX2A
sdcoreservice
EIO_XP
ErrDev
qfcoresvc
mcdetect.exe
pelusblf
DS1410D
CTMFLT
EMATCORE
CVirtA
mssqlserverolapservice
pgpsdkservice
PTDCVsp
dsNcAdpt
sisnic
btnetfilter
nimcdfxk
MTC0001_ESB
SprintRcAppSvc
pcx1unic
RDID1027
pwkntmon
axsaki
mwagent
oracle_load_balancer_60_server-forms6ip9
rslinxng
mysql
teefer
atixsaudio
adminserver
mvserver
spmd
bc_filter
atiavaiw
UimBus
sisperf
imapiservice
s716mdm
rt2500usb
ppped
tfsnboio
dlartl_n
vstor2-ws60
iPassPeriodicUpdateService
speakerphone
ZDPNDIS5
ISAMSvc
plsremotesvc
smartwiservice
mcdbus
se45mgmt
ccflic0
webdriveservice
wlluc48b
webrootenterpriseclientservice
imagesrv
flashcom
ssm_bus
olapserver
wintab32
a016mgmt
MRV6X32P
EACSvrMngr
sglogplayer
AcronisOSSReinstallSvc
atdisk
bantext
nwlnkspx
PBADRV
oraclewebassistant
sonytvc
intelroam
papyjoy
tfsnudf
U3sHlpDr
npapimon
comhost
SetupSys
pdlnatcm
iPassP
perc2
statusagent
ATWPKT2
AdobeActiveFileMonitor6.0
WD_FireWire_HID
{a7447300-8075-4b0d-83f1-3d75c8ebc623}
hclinetd
i81x
SWUMX51
MQAC
UsbserFilt
dlbu_device
szkg
incdsrv
acrotray
rootmodem
nwlnknb
avgems
datasvr
NETw4v32
cfgwzsvc
tvtfilter
USB_NDIS_51
s125mdfl
tng-dtmg
vproeventmonitor
wmconnectcds
redbook
DivisCTS
NWSAP
macformatservice
sit_flt
EL2000
ssfs0509
procexp90
iksyssec
starwindservice
mnsframework
bwcsrv
aolservice
crauto
nvax
mctskshd.exe
ICAM5USB
LC7981
razerusb
EagleNT
elockservice
xfilt
ageremodemaudio
MA8032U
fshttps
slabbus
useraccess7
ctljystk
acermemusagecheckservice
NVR0Dev
rnadirectory
netmdsb
nm
bc_pat_f
MREMP50
W700mdm
oraclemtsrecoveryservice
pduip6000dmemcrdmgr
roxwatch
svv
SMCB000
vncdrv
tapeware
Angel2
qkbfiltr
persfw
cpucoolserver
elnkservice
btwusb
STV680m
msftpsvc
mxnic
ikhfile
opcenum
trioservice
cebdaldr
winpppoverethernet
lpx
TOSHIBASoftModem
mssql$sqlexpress
Hotkey
NITaggerService
dlcj_device
slabser
openldap-slapd
diskeeper
WinVd32
rchost
w800mdm
NTIDrvr
dlcc_device
server
SE26mgmt
z800mgmt
emitray
aspi32
S3GIGP
tgsrvc_smartagent
beatjamupnpmusicserver
iaimfp1
Slntamr
defwatch
sis315
queuemgr
penrendezvous
lktimesync
bthpan
ATMsg
ino_flpy
cvslock
dtsrvc
noipducservice
WaveFDE
ntcharge
se45nd5
rfcomm
tavsvc
SABSVC
screadspool
GTSCSER
mysqlinventime
modemcsa
timounter
NETw3v32
ma_cmidi_installerservice
getPlusHelper
nimxdfk
tdimsys
bdselfpr
PD0620VID
PGPdisk
SimpTcp
mfeavfk
AVerTV
SPFDRV
btwhid
pcradminserver
audstub
mlkkbdntdriver
WBHWDOCT
lvprcsrv
uleadburninghelper
mwstick
vsdatant
hibernation
lmab_device
rppkt
mcsysmon
UWProSys
s217nd5
CX88AUD
pdlnshay
monfilt
lxcj_device
ntpr_nic_service2
a016mdm
iAimTV5
zpsc
haspnt
Jukebox
VAIOMediaPlatform-MusicServer-HTTP
FETNDIS
scsk4
outpostfirewall
backupexecalertserver
nmwcdc
pavdrv
sandboxu
slee_503_service
HIDSwvd
ssm_mdm
LVRS
sifilter
viaagp1
ood2000
STV680
CnxTrLan
win32sl
s116mdm
cwcwdm
Pctspk
jaguar
ROB_A
Appn
hwpsgt
AVCSTRM
regspy
spcsutilityservice
nvstor32
mfesmfk
roxupnpserver
avg7rsw
SWNC5E00
DNE
ovsecurityserver
p2k
ADIDTSFiltService
wuolservice
ggsemc
winpowerrmi
GoToAssist
DgiVecp
cccredmgr
srvdpi
db2das00
spbbcsvc
vcommmgr
SNP2STD
NIPALK
hpqddsvc
harmony
sshrmd
GT890x
winpower
Slpsvdr
oracle_load_balancer_60_client-forms6ip9
APLMp50
TMKEmu
HPFECP20
pcidump
ftsata2
UVCFTR
nbservice
license
oracleorahomehttpserver
DirectUpdate
PGPsdkDriver
retroexplauncher
nfmservice
tng-dts
SE2Eobex
wampmysqld
s217mdm
dlcf_device
rimvserport
TNaviSrv
el90xbc
RESMGR
SDdriver
pdlnsx25
gameenum
wdica
AR5523
picturetaker
Evian
btwavdt
rnadiagnosticsservice
cusrvc
Via4in1
freepops
nimcrpcsu
dmio
TuneUp.Defrag
iPassPeriodicUpdateApp
prism_a02
IFPUSB
bt3cser
transarcafsdaemon
k750mdfl
USB_RNDIS
SRTSP
ifxtcs
VICESYS
PTDCBus
tcsd_win32.exe
pml
ScFBPNT3
UxTuneUp
vc5secs
tbhsd
stacsv
licensemanagersocket
avgarcln
tosrfnds
ql1280
s3ssavage
hmonitor
wlluc48
tmmbd
cbidf
zebrbus
dvd_2K
vsapint
w200bus
awhost32
filechecker
NsTrcNT
hsf_dp
trackcam4
arcltsrv
dladresm
WUSB54GPV4SRV
us30service
vvoice
inotask
inorpc
VNUSB
lxrjd31d
Ncrc710
rca
s125obex
NxSysMon
VX3000
srescan
{95808DC4-FA4A-4c74-92FE-5B863F82066B}
isapisearch
lockmgr
nvcap
ss_mdfl
SRS_SSCFilter
klif
DCamUSBSQTECH
se26unic
mks_scan
s7otranx
SED133x
ibmcicstransactiongateway
s7oppitx
LKbdFlt2
3comtftp
UMPass
U81xobex
U2SP
co_mon
atierecord
qbfcservice
tosrfsnd
openvpnservice
AmdLLD
freebsd
atkdisplf
se58unic
RMCAST
mcnasvc
cdr4_2k
avg7updsvc
cvsnt
k750mdm
s616unic
artourservice
symmpi
iastor
aclient
BTSLBCSP
askernel
acprfmgrsvc
https-admserv61
splitter
SaiU040B
proxyhostservice
USB_RNDIS_XP
nmsaccess
mfehidk
snmptrapdservice
digictrl
emupia
rimusb
array_utility_service4,0,1,3
gearaspiwdm
eskerlicensecontrol
lxbs_device
nimdbgk
CTMSHD
ihcservice
pavreport
ATKFUSService
iomdisk
se59mdfl
pnkbstrb
lp6nds35
syntp
SWMX00
se2Bnd5
e1express
w800mdfl
entech
T6963C
hnmsvc
VCAM
purgeieservice
XFX_program
smcservice
ldlcserv
PQNTDrv
iviaspi
enxpsvc
DniVad
acedrv07
Subsonic
iwebmsg
qmofiltr
agrsrvce
SunkFilt39
TcUsb
MA_CMIDI
trcboot
smsmdd
iam
a016mdfl
db2ntsecserver
ec2007service
sqlagent$sony_mediamgr
soma
tvs
ipsraidn
kservice
Bcim
amon
axinstsv
btwrchid
bdfsdrv
SE2Dmdfl
MTsensor
maya70docserver
ctdvda2k
wg111nd5
nchssvad
SaiNtSub
cpqarray
gv3
UpdateCenterService
MobilePreInstallerService
SQLWriter
iap
usb20l
s716nd5
FireTDI
pdframe
HSFHWICH
yukonwxp
lvpopflt
vzcdbsvc
NVTCP
SE27mdm
atalk
SunkFilt
NVENET
ctmmfilt
cicssfs.scmmc223
ifxspmgtsrv
se44nd5
agentsrv
ATMsrvc
nsengine
s117obex
aswrdr
z800obex
mwspollserver
lxbu_device
rtl8139
se44bus
USB11LDR
ramaint
pfc
athr
se59nd5
sentinel
ser2pl
websenselogserver
ltck000c
ZuneWlanCfgSvc
k750mgmt
Nsynas32
uclauncherservice
ossrv
sprtsvc_smartagent
autocomplete
sbhooksvc
USBCamera
TestHandler
adiloader
elotouchscreen
cwafrmiregistry
W55U01
tvicport
aec
ino_fltr
CTEDSPFX.DLL
U81xmdm
HFACSVC
imaservice
tmactmon
MpFilter
bthusb
symids
ASMMAP
atchksrv
AKSIFDH
GV600_4
nvmpu401
ASNDIS5
omniusbl
papycpu2
cpuz132
HECI
tsdhd
protexislicensing
slapd-data52
tandpl
dxdebug
scanwscs
ntrtscan
mod7700
TVALG
oracle_load_balancer_60_client-forms6ip14
telnet
mapserver6.3
incdfs
eamon
GTPTSER
atmeltpm
vetmsgnt
nvsmu
RSAFAL
alertmanager
sysmonlog
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:58]
.
2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
2012-05-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-15 04:36
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:81,97,c7,74,c6,e0,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,3b,da,52,c0,a4,82,4f,a1,90,3e,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\bcmwltry.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\dlbacoms.exe
c:\program files\ESET\ESET Smart Security\ekrn.exe
c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
c:\program files\TeamViewer\Version4\TeamViewer.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\windows\system32\DllHost.exe
.
**************************************************************************
.
Completion time: 2012-05-15 04:44:59 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-15 08:44
.
Pre-Run: 48,785,174,528 bytes free
Post-Run: 49,288,650,752 bytes free
.
- - End Of File - - ADCD2C6711C758428802EC4C4CA1C465

Broni · May 15, 2012

Download TDSSKiller and save it to your desktop.

Extract (unzip) its contents to your desktop.
Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

billyd · May 16, 2012

06:37:52.0921 3388 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
06:37:58.0896 3388 ============================================================
06:37:58.0896 3388 Current date / time: 2012/05/16 06:37:58.0896
06:37:58.0896 3388 SystemInfo:
06:37:58.0896 3388
06:37:58.0896 3388 OS Version: 6.0.6002 ServicePack: 2.0
06:37:58.0896 3388 Product type: Workstation
06:37:58.0896 3388 ComputerName: WILLIAM-PC
06:37:58.0896 3388 UserName: William
06:37:58.0896 3388 Windows directory: C:\Windows
06:37:58.0896 3388 System windows directory: C:\Windows
06:37:58.0896 3388 Processor architecture: Intel x86
06:37:58.0896 3388 Number of processors: 2
06:37:58.0896 3388 Page size: 0x1000
06:37:58.0896 3388 Boot type: Normal boot
06:37:58.0896 3388 ============================================================
06:37:59.0676 3388 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
06:37:59.0676 3388 ============================================================
06:37:59.0676 3388 \Device\Harddisk0\DR0:
06:37:59.0676 3388 MBR partitions:
06:37:59.0676 3388 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
06:37:59.0676 3388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
06:37:59.0676 3388 ============================================================
06:37:59.0691 3388 C: <-> \Device\Harddisk0\DR0\Partition0
06:37:59.0738 3388 D: <-> \Device\Harddisk0\DR0\Partition1
06:37:59.0738 3388 ============================================================
06:37:59.0738 3388 Initialize success
06:37:59.0738 3388 ============================================================

Broni · May 16, 2012

It's incomplete.
Please try to run it again.

billyd · May 16, 2012

04:06:55.0591 5772 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
04:06:57.0806 5772 ============================================================
04:06:57.0806 5772 Current date / time: 2012/05/16 04:06:57.0806
04:06:57.0806 5772 SystemInfo:
04:06:57.0806 5772
04:06:57.0806 5772 OS Version: 6.0.6002 ServicePack: 2.0
04:06:57.0806 5772 Product type: Workstation
04:06:57.0806 5772 ComputerName: WILLIAM-PC
04:06:57.0806 5772 UserName: William
04:06:57.0806 5772 Windows directory: C:\Windows
04:06:57.0806 5772 System windows directory: C:\Windows
04:06:57.0806 5772 Processor architecture: Intel x86
04:06:57.0806 5772 Number of processors: 2
04:06:57.0806 5772 Page size: 0x1000
04:06:57.0806 5772 Boot type: Normal boot
04:06:57.0806 5772 ============================================================
04:06:58.0960 5772 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
04:06:58.0960 5772 ============================================================
04:06:58.0960 5772 \Device\Harddisk0\DR0:
04:06:58.0960 5772 MBR partitions:
04:06:58.0960 5772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
04:06:58.0960 5772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
04:06:58.0960 5772 ============================================================
04:06:58.0976 5772 C: <-> \Device\Harddisk0\DR0\Partition0
04:06:59.0023 5772 D: <-> \Device\Harddisk0\DR0\Partition1
04:06:59.0023 5772 ============================================================
04:06:59.0023 5772 Initialize success
04:06:59.0023 5772 ============================================================
04:07:00.0583 4232 ============================================================
04:07:00.0583 4232 Scan started
04:07:00.0583 4232 Mode: Manual;
04:07:00.0583 4232 ============================================================
04:07:02.0408 4232 a016mgmt - ok
04:07:02.0408 4232 acermemusagecheckservice - ok
04:07:02.0424 4232 aclient - ok
04:07:02.0517 4232 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
04:07:02.0548 4232 ACPI - ok
04:07:02.0564 4232 acprfmgrsvc - ok
04:07:02.0564 4232 AcronisOSSReinstallSvc - ok
04:07:02.0580 4232 AdobeActiveFileMonitor6.0 - ok
04:07:02.0658 4232 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
04:07:02.0658 4232 AdobeFlashPlayerUpdateSvc - ok
04:07:02.0704 4232 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
04:07:02.0704 4232 adp94xx - ok
04:07:02.0736 4232 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
04:07:02.0782 4232 adpahci - ok
04:07:02.0814 4232 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
04:07:02.0814 4232 adpu160m - ok
04:07:02.0829 4232 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
04:07:02.0876 4232 adpu320 - ok
04:07:02.0907 4232 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
04:07:02.0907 4232 AeLookupSvc - ok
04:07:02.0938 4232 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
04:07:02.0954 4232 AFD - ok
04:07:02.0954 4232 ageremodemaudio - ok
04:07:02.0985 4232 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
04:07:03.0016 4232 agp440 - ok
04:07:03.0032 4232 agrsrvce - ok
04:07:03.0048 4232 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
04:07:03.0079 4232 aic78xx - ok
04:07:03.0079 4232 AKSIFDH - ok
04:07:03.0110 4232 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
04:07:03.0110 4232 ALG - ok
04:07:03.0126 4232 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
04:07:03.0141 4232 aliide - ok
04:07:03.0172 4232 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
04:07:03.0204 4232 amdagp - ok
04:07:03.0219 4232 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
04:07:03.0219 4232 amdide - ok
04:07:03.0235 4232 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
04:07:03.0266 4232 AmdK7 - ok
04:07:03.0297 4232 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
04:07:03.0297 4232 AmdK8 - ok
04:07:03.0297 4232 Angel2 - ok
04:07:03.0344 4232 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\Windows\system32\Drivers\AnyDVD.sys
04:07:03.0375 4232 AnyDVD - ok
04:07:03.0406 4232 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
04:07:03.0406 4232 Appinfo - ok
04:07:03.0422 4232 Appn - ok
04:07:03.0453 4232 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
04:07:03.0453 4232 arc - ok
04:07:03.0469 4232 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
04:07:03.0484 4232 arcsas - ok
04:07:03.0484 4232 array_utility_service4,0,1,3 - ok
04:07:03.0484 4232 artourservice - ok
04:07:03.0500 4232 askernel - ok
04:07:03.0516 4232 ASNDIS5 - ok
04:07:03.0516 4232 aswrdr - ok
04:07:03.0562 4232 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
04:07:03.0578 4232 AsyncMac - ok
04:07:03.0578 4232 atalk - ok
04:07:03.0609 4232 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
04:07:03.0609 4232 atapi - ok
04:07:03.0625 4232 athr - ok
04:07:03.0625 4232 atixsaudio - ok
04:07:03.0640 4232 atkkeyboardservice - ok
04:07:03.0640 4232 ATMsrvc - ok
04:07:03.0656 4232 ATWPKT2 - ok
04:07:03.0703 4232 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
04:07:03.0703 4232 AudioEndpointBuilder - ok
04:07:03.0718 4232 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
04:07:03.0718 4232 Audiosrv - ok
04:07:03.0734 4232 avg7rsw - ok
04:07:03.0750 4232 axsaki - ok
04:07:03.0750 4232 backupexecalertserver - ok
04:07:03.0750 4232 bantext - ok
04:07:03.0781 4232 BCM42RLY - ok
04:07:03.0859 4232 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
04:07:03.0874 4232 BCM43XX - ok
04:07:03.0906 4232 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
04:07:03.0906 4232 bcm4sbxp - ok
04:07:03.0952 4232 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
04:07:03.0984 4232 Beep - ok
04:07:04.0062 4232 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
04:07:04.0062 4232 BFE - ok
04:07:04.0124 4232 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
04:07:04.0140 4232 BITS - ok
04:07:04.0140 4232 blbdrive - ok
04:07:04.0171 4232 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
04:07:04.0202 4232 bowser - ok
04:07:04.0233 4232 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
04:07:04.0233 4232 BrFiltLo - ok
04:07:04.0249 4232 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
04:07:04.0249 4232 BrFiltUp - ok
04:07:04.0264 4232 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
04:07:04.0280 4232 Browser - ok
04:07:04.0296 4232 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
04:07:04.0296 4232 Brserid - ok
04:07:04.0311 4232 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
04:07:04.0311 4232 BrSerWdm - ok
04:07:04.0327 4232 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
04:07:04.0327 4232 BrUsbMdm - ok
04:07:04.0342 4232 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
04:07:04.0342 4232 BrUsbSer - ok
04:07:04.0374 4232 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
04:07:04.0374 4232 BTHMODEM - ok
04:07:04.0374 4232 bthusb - ok
04:07:04.0389 4232 btnetfilter - ok
04:07:04.0389 4232 BTSLBCSP - ok
04:07:04.0405 4232 btwusb - ok
04:07:04.0561 4232 catchme - ok
04:07:04.0576 4232 ccflic0 - ok
04:07:04.0717 4232 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
04:07:04.0764 4232 cdfs - ok
04:07:04.0810 4232 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
04:07:04.0857 4232 cdrom - ok
04:07:04.0857 4232 cebdaldr - ok
04:07:04.0904 4232 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
04:07:04.0904 4232 CertPropSvc - ok
04:07:04.0920 4232 cicssfs.scmmc223 - ok
04:07:04.0951 4232 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
04:07:04.0982 4232 circlass - ok
04:07:05.0044 4232 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
04:07:05.0076 4232 CLFS - ok
04:07:05.0138 4232 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:07:05.0138 4232 clr_optimization_v2.0.50727_32 - ok
04:07:05.0216 4232 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:07:05.0232 4232 clr_optimization_v4.0.30319_32 - ok
04:07:05.0247 4232 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
04:07:05.0247 4232 CmBatt - ok
04:07:05.0278 4232 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
04:07:05.0294 4232 cmdide - ok
04:07:05.0325 4232 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
04:07:05.0325 4232 Compbatt - ok
04:07:05.0341 4232 COMSysApp - ok
04:07:05.0356 4232 cpucoolserver - ok
04:07:05.0356 4232 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
04:07:05.0372 4232 crcdisk - ok
04:07:05.0388 4232 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
04:07:05.0434 4232 Crusoe - ok
04:07:05.0466 4232 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
04:07:05.0466 4232 CryptSvc - ok
04:07:05.0481 4232 ctljystk - ok
04:07:05.0575 4232 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
04:07:05.0575 4232 DcomLaunch - ok
04:07:05.0590 4232 defwatch - ok
04:07:05.0622 4232 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
04:07:05.0637 4232 DfsC - ok
04:07:05.0762 4232 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
04:07:05.0824 4232 DFSR - ok
04:07:05.0934 4232 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
04:07:05.0934 4232 Dhcp - ok
04:07:05.0949 4232 digictrl - ok
04:07:05.0965 4232 DirectUpdate - ok
04:07:06.0027 4232 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
04:07:06.0043 4232 disk - ok
04:07:06.0043 4232 dlba_device - ok
04:07:06.0058 4232 dlcf_device - ok
04:07:06.0074 4232 dmio - ok
04:07:06.0074 4232 DNE - ok
04:07:06.0121 4232 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
04:07:06.0121 4232 Dnscache - ok
04:07:06.0168 4232 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
04:07:06.0168 4232 dot3svc - ok
04:07:06.0214 4232 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
04:07:06.0214 4232 DPS - ok
04:07:06.0230 4232 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
04:07:06.0261 4232 drmkaud - ok
04:07:06.0324 4232 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
04:07:06.0355 4232 DXGKrnl - ok
04:07:06.0370 4232 e1express - ok
04:07:06.0402 4232 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
04:07:06.0402 4232 E1G60 - ok
04:07:06.0417 4232 EACSvrMngr - ok
04:07:06.0480 4232 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
04:07:06.0495 4232 eamonm - ok
04:07:06.0542 4232 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
04:07:06.0542 4232 EapHost - ok
04:07:06.0589 4232 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
04:07:06.0589 4232 Ecache - ok
04:07:06.0636 4232 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
04:07:06.0636 4232 ehdrv - ok
04:07:06.0698 4232 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
04:07:06.0729 4232 ehRecvr - ok
04:07:06.0760 4232 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
04:07:06.0760 4232 ehSched - ok
04:07:06.0792 4232 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
04:07:06.0807 4232 ehstart - ok
04:07:06.0901 4232 EhttpSrv (68d91a34ce51cf15c45dd68f7f1257e8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
04:07:06.0901 4232 EhttpSrv - ok
04:07:06.0963 4232 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
04:07:06.0979 4232 ekrn - ok
04:07:07.0026 4232 EL2000 - ok
04:07:07.0041 4232 el90xbc - ok
04:07:07.0119 4232 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
04:07:07.0166 4232 ElbyCDIO - ok
04:07:07.0228 4232 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
04:07:07.0244 4232 elxstor - ok
04:07:07.0291 4232 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
04:07:07.0306 4232 EMDMgmt - ok
04:07:07.0306 4232 emupia - ok
04:07:07.0353 4232 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\Windows\system32\DRIVERS\epfw.sys
04:07:07.0353 4232 epfw - ok
04:07:07.0369 4232 Epfwndis (490329bf80f333e788df9596a752a915) C:\Windows\system32\DRIVERS\Epfwndis.sys
04:07:07.0369 4232 Epfwndis - ok
04:07:07.0416 4232 epfwwfp (c62068dab6e2510fb231286d3da63dfa) C:\Windows\system32\DRIVERS\epfwwfp.sys
04:07:07.0447 4232 epfwwfp - ok
04:07:07.0447 4232 eskerlicensecontrol - ok
04:07:07.0540 4232 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
04:07:07.0540 4232 EventSystem - ok
04:07:07.0587 4232 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
04:07:07.0650 4232 exfat - ok
04:07:07.0665 4232 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
04:07:07.0696 4232 fastfat - ok
04:07:07.0743 4232 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
04:07:07.0774 4232 fdc - ok
04:07:07.0806 4232 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
04:07:07.0806 4232 fdPHost - ok
04:07:07.0837 4232 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
04:07:07.0837 4232 FDResPub - ok
04:07:07.0884 4232 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
04:07:07.0930 4232 FileInfo - ok
04:07:07.0946 4232 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
04:07:07.0962 4232 Filetrace - ok
04:07:07.0977 4232 flashcom - ok
04:07:08.0008 4232 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
04:07:08.0008 4232 flpydisk - ok
04:07:08.0040 4232 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
04:07:08.0102 4232 FltMgr - ok
04:07:08.0164 4232 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
04:07:08.0180 4232 FontCache - ok
04:07:08.0274 4232 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
04:07:08.0274 4232 FontCache3.0.0.0 - ok
04:07:08.0274 4232 freebsd - ok
04:07:08.0289 4232 freepops - ok
04:07:08.0305 4232 fshttps - ok
04:07:08.0336 4232 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
04:07:08.0352 4232 Fs_Rec - ok
04:07:08.0398 4232 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
04:07:08.0398 4232 gagp30kx - ok
04:07:08.0398 4232 gearaspiwdm - ok
04:07:08.0476 4232 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
04:07:08.0476 4232 gpsvc - ok
04:07:08.0492 4232 GTPTSER - ok
04:07:08.0508 4232 GTSCSER - ok
04:07:08.0617 4232 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
04:07:08.0632 4232 gupdate - ok
04:07:08.0648 4232 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
04:07:08.0648 4232 gupdatem - ok
04:07:08.0664 4232 gv3 - ok
04:07:08.0664 4232 GV600_4 - ok
04:07:08.0679 4232 harmony - ok
04:07:08.0695 4232 haspnt - ok
04:07:08.0710 4232 hclinetd - ok
04:07:08.0742 4232 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
04:07:08.0804 4232 HdAudAddService - ok
04:07:08.0851 4232 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
04:07:08.0851 4232 HDAudBus - ok
04:07:08.0866 4232 hibernation - ok
04:07:08.0898 4232 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
04:07:08.0929 4232 HidBth - ok
04:07:08.0944 4232 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
04:07:08.0976 4232 HidIr - ok
04:07:09.0022 4232 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
04:07:09.0022 4232 hidserv - ok
04:07:09.0022 4232 HIDSwvd - ok
04:07:09.0054 4232 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
04:07:09.0069 4232 HidUsb - ok
04:07:09.0100 4232 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
04:07:09.0100 4232 hkmsvc - ok
04:07:09.0116 4232 hmonitor - ok
04:07:09.0116 4232 Hotkey - ok
04:07:09.0163 4232 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
04:07:09.0194 4232 HpCISSs - ok
04:07:09.0210 4232 HPFECP20 - ok
04:07:09.0210 4232 hpqddsvc - ok
04:07:09.0256 4232 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
04:07:09.0288 4232 HSFHWAZL - ok
04:07:09.0303 4232 HSFHWICH - ok
04:07:09.0303 4232 hsf_dp - ok
04:07:09.0366 4232 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
04:07:09.0381 4232 HSF_DPV - ok
04:07:09.0428 4232 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
04:07:09.0444 4232 HTTP - ok
04:07:09.0444 4232 https-admserv61 - ok
04:07:09.0459 4232 hwpsgt - ok
04:07:09.0490 4232 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
04:07:09.0490 4232 i2omp - ok
04:07:09.0522 4232 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
04:07:09.0537 4232 i8042prt - ok
04:07:09.0553 4232 i81x - ok
04:07:09.0553 4232 iaimfp1 - ok
04:07:09.0584 4232 iAimTV5 - ok
04:07:09.0600 4232 iap - ok
04:07:09.0615 4232 iastor - ok
04:07:09.0646 4232 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
04:07:09.0646 4232 iaStorV - ok
04:07:09.0662 4232 ibmcicstransactiongateway - ok
04:07:10.0380 4232 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:07:10.0411 4232 idsvc - ok
04:07:10.0442 4232 IFPUSB - ok
04:07:10.0458 4232 ifxspmgtsrv - ok
04:07:10.0458 4232 ifxtcs - ok
04:07:10.0910 4232 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
04:07:10.0926 4232 igfx - ok
04:07:11.0050 4232 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
04:07:11.0082 4232 iirsp - ok
04:07:11.0144 4232 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
04:07:11.0144 4232 IKEEXT - ok
04:07:11.0160 4232 ikhfile - ok
04:07:11.0175 4232 iksyssec - ok
04:07:11.0175 4232 imagesrv - ok
04:07:11.0191 4232 incdfs - ok
04:07:11.0206 4232 inorpc - ok
04:07:11.0222 4232 inotask - ok
04:07:11.0238 4232 ino_flpy - ok
04:07:11.0269 4232 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
04:07:11.0269 4232 intelide - ok
04:07:11.0300 4232 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
04:07:11.0300 4232 intelppm - ok
04:07:11.0378 4232 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
04:07:11.0394 4232 IntuitUpdateServiceV4 - ok
04:07:11.0394 4232 iPassP - ok
04:07:11.0409 4232 iPassPeriodicUpdateApp - ok
04:07:11.0425 4232 iPassPeriodicUpdateService - ok
04:07:11.0472 4232 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
04:07:11.0472 4232 IPBusEnum - ok
04:07:11.0503 4232 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:07:11.0518 4232 IpFilterDriver - ok
04:07:11.0565 4232 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
04:07:11.0565 4232 iphlpsvc - ok
04:07:11.0581 4232 IpInIp - ok
04:07:11.0612 4232 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
04:07:11.0612 4232 IPMIDRV - ok
04:07:11.0643 4232 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
04:07:11.0674 4232 IPNAT - ok
04:07:11.0690 4232 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
04:07:11.0706 4232 IRENUM - ok
04:07:11.0706 4232 ISAMSvc - ok
04:07:11.0721 4232 isapisearch - ok
04:07:11.0752 4232 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
04:07:11.0752 4232 isapnp - ok
04:07:11.0799 4232 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
04:07:11.0815 4232 iScsiPrt - ok
04:07:11.0846 4232 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
04:07:11.0877 4232 iteatapi - ok
04:07:11.0924 4232 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
04:07:11.0971 4232 iteraid - ok
04:07:12.0033 4232 iviaspi - ok
04:07:12.0033 4232 iwebmsg - ok
04:07:12.0049 4232 jaguar - ok
04:07:12.0064 4232 Jukebox - ok
04:07:12.0064 4232 k750mdfl - ok
04:07:12.0080 4232 k750mdm - ok
04:07:12.0376 4232 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
04:07:12.0423 4232 kbdclass - ok
04:07:12.0501 4232 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
04:07:12.0517 4232 kbdhid - ok
04:07:12.0595 4232 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
04:07:12.0595 4232 KeyIso - ok
04:07:12.0610 4232 klif - ok
04:07:12.0673 4232 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
04:07:12.0704 4232 KSecDD - ok
04:07:12.0751 4232 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
04:07:12.0798 4232 KtmRm - ok
04:07:12.0829 4232 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
04:07:12.0844 4232 LanmanServer - ok
04:07:12.0876 4232 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
04:07:12.0876 4232 LanmanWorkstation - ok
04:07:12.0891 4232 license - ok
04:07:12.0891 4232 licensemanagersocket - ok
04:07:12.0907 4232 LKbdFlt2 - ok
04:07:12.0922 4232 lktimesync - ok
04:07:12.0954 4232 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
04:07:12.0969 4232 lltdio - ok
04:07:13.0000 4232 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
04:07:13.0016 4232 lltdsvc - ok
04:07:13.0016 4232 lmab_device - ok
04:07:13.0063 4232 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
04:07:13.0063 4232 lmhosts - ok
04:07:13.0078 4232 lockmgr - ok
04:07:13.0078 4232 lp6nds35 - ok
04:07:13.0110 4232 lpx - ok
04:07:13.0156 4232 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
04:07:13.0188 4232 LSI_FC - ok
04:07:13.0203 4232 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
04:07:13.0234 4232 LSI_SAS - ok
04:07:13.0250 4232 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
04:07:13.0266 4232 LSI_SCSI - ok
04:07:13.0297 4232 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
04:07:13.0297 4232 luafv - ok
04:07:13.0312 4232 lvprcsrv - ok
04:07:13.0312 4232 LVRS - ok
04:07:13.0328 4232 lxbs_device - ok
04:07:13.0344 4232 lxbu_device - ok
04:07:13.0344 4232 lxcj_device - ok
04:07:13.0359 4232 lxrjd31d - ok
04:07:13.0375 4232 MA8032U - ok
04:07:13.0375 4232 mapserver6.3 - ok
04:07:13.0390 4232 ma_cmidi_installerservice - ok
04:07:13.0422 4232 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
04:07:13.0437 4232 MBAMProtector - ok
04:07:13.0546 4232 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
04:07:13.0562 4232 MBAMService - ok
04:07:13.0562 4232 mcdbus - ok
04:07:13.0578 4232 mcnasvc - ok
04:07:13.0578 4232 mcsysmon - ok
04:07:13.0593 4232 mctskshd.exe - ok
04:07:13.0624 4232 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
04:07:13.0640 4232 Mcx2Svc - ok
04:07:13.0656 4232 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
04:07:13.0687 4232 megasas - ok
04:07:13.0687 4232 mfeavfk - ok
04:07:13.0702 4232 mfehidk - ok
04:07:13.0718 4232 mfesmfk - ok
04:07:13.0718 4232 mks_scan - ok
04:07:13.0749 4232 mlkkbdntdriver - ok
04:07:13.0796 4232 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
04:07:13.0796 4232 MMCSS - ok
04:07:13.0796 4232 MobilePreInstallerService - ok
04:07:13.0827 4232 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
04:07:13.0843 4232 Modem - ok
04:07:13.0858 4232 modemcsa - ok
04:07:13.0858 4232 monfilt - ok
04:07:13.0921 4232 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
04:07:13.0921 4232 monitor - ok
04:07:13.0952 4232 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
04:07:13.0968 4232 mouclass - ok
04:07:13.0999 4232 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
04:07:14.0030 4232 mouhid - ok
04:07:14.0061 4232 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
04:07:14.0077 4232 MountMgr - ok
04:07:14.0108 4232 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
04:07:14.0108 4232 mpio - ok
04:07:14.0139 4232 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
04:07:14.0186 4232 mpsdrv - ok
04:07:14.0248 4232 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
04:07:14.0248 4232 MpsSvc - ok
04:07:14.0280 4232 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
04:07:14.0280 4232 Mraid35x - ok
04:07:14.0342 4232 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
04:07:14.0420 4232 MRxDAV - ok
04:07:14.0451 4232 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
04:07:14.0482 4232 mrxsmb - ok
04:07:14.0529 4232 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:07:14.0560 4232 mrxsmb10 - ok
04:07:14.0576 4232 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:07:14.0607 4232 mrxsmb20 - ok
04:07:14.0638 4232 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
04:07:14.0638 4232 msahci - ok
04:07:14.0670 4232 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
04:07:14.0716 4232 msdsm - ok
04:07:14.0748 4232 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
04:07:14.0763 4232 MSDTC - ok
04:07:14.0794 4232 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
04:07:14.0826 4232 Msfs - ok
04:07:14.0826 4232 msftpsvc - ok
04:07:14.0841 4232 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
04:07:14.0857 4232 msisadrv - ok
04:07:14.0904 4232 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
04:07:14.0904 4232 MSiSCSI - ok
04:07:14.0919 4232 msiserver - ok
04:07:14.0997 4232 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
04:07:15.0028 4232 MSKSSRV - ok
04:07:15.0060 4232 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
04:07:15.0091 4232 MSPCLOCK - ok
04:07:15.0153 4232 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
04:07:15.0169 4232 MSPQM - ok
04:07:15.0216 4232 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
04:07:15.0216 4232 MsRPC - ok
04:07:15.0262 4232 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
04:07:15.0262 4232 mssmbios - ok
04:07:15.0262 4232 mssql$sqlexpress - ok
04:07:15.0278 4232 mssqlserverolapservice - ok
04:07:15.0309 4232 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
04:07:15.0340 4232 MSTEE - ok
04:07:15.0387 4232 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
04:07:15.0403 4232 Mup - ok
04:07:15.0418 4232 mwspollserver - ok
04:07:15.0418 4232 mwstick - ok
04:07:15.0434 4232 mxnic - ok
04:07:15.0450 4232 mysqlinventime - ok
04:07:15.0512 4232 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
04:07:15.0543 4232 napagent - ok
04:07:15.0574 4232 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
04:07:15.0621 4232 NativeWifiP - ok
04:07:15.0621 4232 nbservice - ok
04:07:15.0637 4232 Ncrc710 - ok
04:07:15.0730 4232 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
04:07:15.0777 4232 NDIS - ok
04:07:15.0808 4232 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
04:07:15.0808 4232 NdisTapi - ok
04:07:15.0824 4232 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
04:07:15.0855 4232 Ndisuio - ok
04:07:15.0871 4232 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
04:07:15.0902 4232 NdisWan - ok
04:07:15.0949 4232 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
04:07:15.0980 4232 NDProxy - ok
04:07:16.0011 4232 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
04:07:16.0027 4232 NetBIOS - ok
04:07:16.0074 4232 netbt (b3a0ca5e3dbbc1d817d4478b915ecbac) C:\Windows\system32\DRIVERS\netbt.sys
04:07:16.0074 4232 netbt ( Virus.Win32.ZAccess.k ) - infected
04:07:16.0074 4232 netbt - detected Virus.Win32.ZAccess.k (0)
04:07:16.0105 4232 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
04:07:16.0105 4232 Netlogon - ok
04:07:16.0120 4232 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
04:07:16.0136 4232 Netman - ok
04:07:16.0136 4232 netmdsb - ok
04:07:16.0167 4232 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
04:07:16.0183 4232 netprofm - ok
04:07:16.0276 4232 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
04:07:16.0276 4232 NetTcpPortSharing - ok
04:07:16.0292 4232 NETw3v32 - ok
04:07:16.0308 4232 nfmservice - ok
04:07:16.0354 4232 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
04:07:16.0370 4232 nfrd960 - ok
04:07:16.0386 4232 nimcdfxk - ok
04:07:16.0401 4232 nimcrpcsu - ok
04:07:16.0401 4232 NIPALK - ok
04:07:16.0417 4232 NITaggerService - ok
04:07:16.0464 4232 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
04:07:16.0464 4232 NlaSvc - ok
04:07:16.0479 4232 nmsaccess - ok
04:07:16.0495 4232 nmservice - ok
04:07:16.0510 4232 nmwcdc - ok
04:07:16.0526 4232 noipducservice - ok
04:07:16.0557 4232 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
04:07:16.0573 4232 Npfs - ok
04:07:16.0620 4232 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
04:07:16.0620 4232 nsi - ok
04:07:16.0635 4232 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
04:07:16.0666 4232 nsiproxy - ok
04:07:16.0682 4232 NsTrcNT - ok
04:07:16.0682 4232 ntcharge - ok
04:07:16.0791 4232 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
04:07:16.0869 4232 Ntfs - ok
04:07:16.0885 4232 NTIDrvr - ok
04:07:16.0900 4232 ntmssvc - ok
04:07:16.0900 4232 ntpr_nic_service2 - ok
04:07:16.0932 4232 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
04:07:16.0963 4232 ntrigdigi - ok
04:07:16.0994 4232 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
04:07:17.0025 4232 NuidFltr - ok
04:07:17.0056 4232 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
04:07:17.0088 4232 Null - ok
04:07:17.0088 4232 nvcap - ok
04:07:17.0103 4232 NVENET - ok
04:07:17.0103 4232 nvmpu401 - ok
04:07:17.0119 4232 NVR0Dev - ok
04:07:17.0150 4232 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
04:07:17.0181 4232 nvraid - ok
04:07:17.0181 4232 nvsmu - ok
04:07:17.0197 4232 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
04:07:17.0228 4232 nvstor - ok
04:07:17.0228 4232 nvstor32 - ok
04:07:17.0244 4232 NVTCP - ok
04:07:17.0259 4232 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
04:07:17.0290 4232 nv_agp - ok
04:07:17.0306 4232 NwlnkFlt - ok
04:07:17.0322 4232 NwlnkFwd - ok
04:07:17.0322 4232 nwlnkspx - ok
04:07:17.0337 4232 NxSysMon - ok
04:07:17.0368 4232 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
04:07:17.0384 4232 ohci1394 - ok
04:07:17.0384 4232 olapserver - ok
04:07:17.0400 4232 omniusbl - ok
04:07:17.0415 4232 omsad - ok
04:07:17.0431 4232 ood2000 - ok
04:07:17.0446 4232 openldap-slapd - ok
04:07:17.0446 4232 openvpnservice - ok
04:07:17.0462 4232 oracleorahomehttpserver - ok
04:07:17.0478 4232 oraclewebassistant - ok
04:07:17.0493 4232 oracle_load_balancer_60_client-forms6ip14 - ok
04:07:17.0509 4232 oracle_load_balancer_60_client-forms6ip9 - ok
04:07:17.0524 4232 outpostfirewall - ok
04:07:17.0540 4232 ovsecurityserver - ok
04:07:17.0556 4232 p2k - ok
04:07:17.0618 4232 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
04:07:17.0665 4232 p2pimsvc - ok
04:07:17.0665 4232 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
04:07:17.0680 4232 p2psvc - ok
04:07:17.0680 4232 papycpu2 - ok
04:07:17.0696 4232 papyjoy - ok
04:07:17.0790 4232 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
04:07:17.0805 4232 Parport - ok
04:07:17.0852 4232 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
04:07:17.0868 4232 partmgr - ok
04:07:17.0899 4232 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
04:07:17.0899 4232 Parvdm - ok
04:07:17.0914 4232 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
04:07:17.0930 4232 PcaSvc - ok
04:07:17.0961 4232 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
04:07:17.0992 4232 pci - ok
04:07:18.0008 4232 pcidump - ok
04:07:18.0039 4232 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
04:07:18.0039 4232 pciide - ok
04:07:18.0086 4232 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
04:07:18.0133 4232 pcmcia - ok

billyd · May 16, 2012

04:07:18.0133 4232 pcradminserver - ok
04:07:18.0148 4232 Pctspk - ok
04:07:18.0164 4232 PD0620VID - ok
04:07:18.0164 4232 pdframe - ok
04:07:18.0180 4232 pdlnatcm - ok
04:07:18.0226 4232 pdlnsx25 - ok
04:07:18.0226 4232 pduip6000dmemcrdmgr - ok
04:07:18.0289 4232 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
04:07:18.0336 4232 PEAUTH - ok
04:07:18.0351 4232 penrendezvous - ok
04:07:18.0367 4232 perc2 - ok
04:07:18.0398 4232 persfw - ok
04:07:18.0414 4232 pfc - ok
04:07:18.0429 4232 PGPdisk - ok
04:07:18.0445 4232 PGPsdkDriver - ok
04:07:18.0445 4232 picturetaker - ok
04:07:18.0554 4232 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
04:07:18.0601 4232 pla - ok
04:07:18.0710 4232 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
04:07:18.0710 4232 PlugPlay - ok
04:07:18.0726 4232 pml - ok
04:07:18.0804 4232 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
04:07:18.0804 4232 PNRPAutoReg - ok
04:07:18.0819 4232 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
04:07:18.0819 4232 PNRPsvc - ok
04:07:18.0866 4232 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
04:07:18.0882 4232 PolicyAgent - ok
04:07:18.0960 4232 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
04:07:18.0991 4232 PptpMiniport - ok
04:07:18.0991 4232 prism_a02 - ok
04:07:19.0038 4232 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
04:07:19.0069 4232 Processor - ok
04:07:19.0084 4232 procexp90 - ok
04:07:19.0116 4232 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
04:07:19.0131 4232 ProfSvc - ok
04:07:19.0147 4232 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
04:07:19.0162 4232 ProtectedStorage - ok
04:07:19.0162 4232 protexislicensing - ok
04:07:19.0178 4232 proxyhostservice - ok
04:07:19.0225 4232 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
04:07:19.0240 4232 PSched - ok
04:07:19.0240 4232 PTDCBus - ok
04:07:19.0256 4232 PTDCVsp - ok
04:07:19.0272 4232 qbfcservice - ok
04:07:19.0287 4232 qkbfiltr - ok
04:07:19.0303 4232 ql1280 - ok
04:07:19.0350 4232 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
04:07:19.0396 4232 ql2300 - ok
04:07:19.0443 4232 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
04:07:19.0443 4232 ql40xx - ok
04:07:19.0443 4232 qmofiltr - ok
04:07:19.0459 4232 queuemgr - ok
04:07:19.0521 4232 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
04:07:19.0537 4232 QWAVE - ok
04:07:19.0568 4232 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
04:07:19.0599 4232 QWAVEdrv - ok
04:07:19.0599 4232 ramaint - ok
04:07:19.0646 4232 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
04:07:19.0646 4232 RasAcd - ok
04:07:19.0693 4232 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
04:07:19.0693 4232 RasAuto - ok
04:07:19.0724 4232 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
04:07:19.0771 4232 Rasl2tp - ok
04:07:19.0802 4232 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
04:07:19.0818 4232 RasMan - ok
04:07:19.0849 4232 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
04:07:19.0880 4232 RasPppoe - ok
04:07:19.0911 4232 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
04:07:19.0942 4232 RasSstp - ok
04:07:19.0942 4232 rca - ok
04:07:19.0958 4232 rchost - ok
04:07:20.0005 4232 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
04:07:20.0020 4232 rdbss - ok
04:07:20.0020 4232 RDID1027 - ok
04:07:20.0067 4232 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
04:07:20.0098 4232 RDPCDD - ok
04:07:20.0457 4232 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
04:07:20.0504 4232 rdpdr - ok
04:07:20.0535 4232 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
04:07:20.0551 4232 RDPENCDD - ok
04:07:20.0613 4232 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
04:07:20.0644 4232 RDPWD - ok
04:07:20.0660 4232 regspy - ok
04:07:20.0738 4232 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
04:07:20.0738 4232 RemoteAccess - ok
04:07:20.0800 4232 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
04:07:20.0800 4232 RemoteRegistry - ok
04:07:20.0816 4232 RESMGR - ok
04:07:20.0832 4232 retroexplauncher - ok
04:07:20.0847 4232 rfcomm - ok
04:07:20.0941 4232 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
04:07:20.0941 4232 rimmptsk - ok
04:07:20.0956 4232 rimsptsk (d7e09bc852684a7b1fc0f74fe090d45a) C:\Windows\system32\DRIVERS\rimsptsk.sys
04:07:20.0956 4232 rimsptsk - ok
04:07:20.0972 4232 rimusb - ok
04:07:20.0988 4232 rimvserport - ok
04:07:21.0003 4232 rismxdp (b0a7494a9ba7909efac64e05d3f160db) C:\Windows\system32\DRIVERS\rixdptsk.sys
04:07:21.0003 4232 rismxdp - ok
04:07:21.0019 4232 RMCAST - ok
04:07:21.0034 4232 rnadiagnosticsservice - ok
04:07:21.0050 4232 ROB_A - ok
04:07:21.0066 4232 roxupnpserver - ok
04:07:21.0097 4232 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
04:07:21.0097 4232 RpcLocator - ok
04:07:21.0159 4232 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
04:07:21.0159 4232 RpcSs - ok
04:07:21.0175 4232 rppkt - ok
04:07:21.0190 4232 RSAFAL - ok
04:07:21.0222 4232 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
04:07:21.0237 4232 rspndr - ok
04:07:21.0253 4232 rtl8139 - ok
04:07:21.0268 4232 s116mdm - ok
04:07:21.0268 4232 s125obex - ok
04:07:21.0284 4232 s217mdm - ok
04:07:21.0300 4232 s217nd5 - ok
04:07:21.0315 4232 S3GIGP - ok
04:07:21.0331 4232 s3ssavage - ok
04:07:21.0331 4232 s616unic - ok
04:07:21.0346 4232 s716nd5 - ok
04:07:21.0362 4232 s7oppitx - ok
04:07:21.0378 4232 s7otranx - ok
04:07:21.0393 4232 SABSVC - ok
04:07:21.0409 4232 SaiNtSub - ok
04:07:21.0409 4232 SaiU040B - ok
04:07:21.0502 4232 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
04:07:21.0502 4232 SamSs - ok
04:07:21.0518 4232 sandboxu - ok
04:07:21.0549 4232 sbhooksvc - ok
04:07:21.0580 4232 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
04:07:21.0580 4232 sbp2port - ok
04:07:21.0627 4232 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
04:07:21.0643 4232 SCardSvr - ok
04:07:21.0658 4232 ScFBPNT3 - ok
04:07:21.0721 4232 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
04:07:21.0721 4232 Schedule - ok
04:07:21.0736 4232 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
04:07:21.0736 4232 SCPolicySvc - ok
04:07:21.0752 4232 screadspool - ok
04:07:21.0768 4232 scsk4 - ok
04:07:21.0861 4232 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
04:07:21.0892 4232 sdbus - ok
04:07:21.0908 4232 sdcoreservice - ok
04:07:21.0908 4232 SDdriver - ok
04:07:21.0955 4232 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
04:07:21.0970 4232 SDRSVC - ok
04:07:21.0986 4232 SE26mgmt - ok
04:07:22.0002 4232 se26unic - ok
04:07:22.0002 4232 SE2Bmdfl - ok
04:07:22.0017 4232 se2Bnd5 - ok
04:07:22.0033 4232 se2Bunic - ok
04:07:22.0048 4232 SE2Dbus - ok
04:07:22.0064 4232 SE2Eobex - ok
04:07:22.0080 4232 se44bus - ok
04:07:22.0095 4232 se44nd5 - ok
04:07:22.0111 4232 se45mgmt - ok
04:07:22.0126 4232 se45nd5 - ok
04:07:22.0142 4232 se58unic - ok
04:07:22.0158 4232 se59nd5 - ok
04:07:22.0189 4232 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
04:07:22.0220 4232 secdrv - ok
04:07:22.0251 4232 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
04:07:22.0251 4232 seclogon - ok
04:07:22.0251 4232 SED133x - ok
04:07:22.0282 4232 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
04:07:22.0298 4232 SENS - ok
04:07:22.0298 4232 sentinel - ok
04:07:22.0314 4232 ser2pl - ok
04:07:22.0345 4232 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
04:07:22.0345 4232 Serenum - ok
04:07:22.0392 4232 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
04:07:22.0423 4232 Serial - ok
04:07:22.0454 4232 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
04:07:22.0470 4232 sermouse - ok
04:07:22.0485 4232 server - ok
04:07:22.0563 4232 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
04:07:22.0579 4232 SessionEnv - ok
04:07:22.0594 4232 SetupSys - ok
04:07:22.0641 4232 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
04:07:22.0672 4232 sffdisk - ok
04:07:22.0704 4232 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
04:07:22.0704 4232 sffp_mmc - ok
04:07:22.0735 4232 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
04:07:22.0750 4232 sffp_sd - ok
04:07:22.0782 4232 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
04:07:22.0813 4232 sfloppy - ok
04:07:22.0828 4232 sglogplayer - ok
04:07:22.0891 4232 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
04:07:22.0906 4232 SharedAccess - ok
04:07:22.0984 4232 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
04:07:22.0984 4232 ShellHWDetection - ok
04:07:23.0000 4232 sifilter - ok
04:07:23.0031 4232 SimpTcp - ok
04:07:23.0062 4232 sis315 - ok
04:07:23.0109 4232 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
04:07:23.0140 4232 sisagp - ok
04:07:23.0156 4232 sisnic - ok
04:07:23.0187 4232 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
04:07:23.0187 4232 SiSRaid2 - ok
04:07:23.0203 4232 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
04:07:23.0203 4232 SiSRaid4 - ok
04:07:23.0218 4232 slabbus - ok
04:07:23.0234 4232 slabser - ok
04:07:23.0250 4232 slee_503_service - ok
04:07:23.0265 4232 Slntamr - ok
04:07:23.0281 4232 Slpsvdr - ok
04:07:23.0437 4232 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
04:07:23.0468 4232 slsvc - ok
04:07:23.0577 4232 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
04:07:23.0577 4232 SLUINotify - ok
04:07:23.0608 4232 smartwiservice - ok
04:07:23.0671 4232 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
04:07:23.0671 4232 Smb - ok
04:07:23.0671 4232 SMCB000 - ok
04:07:23.0702 4232 smsmdd - ok
04:07:23.0764 4232 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
04:07:23.0764 4232 SNMPTRAP - ok
04:07:23.0780 4232 snmptrapdservice - ok
04:07:23.0796 4232 SNP2STD - ok
04:07:23.0827 4232 sonytvc - ok
04:07:23.0842 4232 spbbcsvc - ok
04:07:23.0858 4232 spcsutilityservice - ok
04:07:23.0874 4232 SPFDRV - ok
04:07:23.0920 4232 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
04:07:23.0936 4232 spldr - ok
04:07:23.0952 4232 splitter - ok
04:07:23.0967 4232 spmd - ok
04:07:23.0998 4232 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
04:07:23.0998 4232 Spooler - ok
04:07:24.0014 4232 sprtsvc_smartagent - ok
04:07:24.0030 4232 SQLWriter - ok
04:07:24.0045 4232 srescan - ok
04:07:24.0061 4232 SRS_SSCFilter - ok
04:07:24.0076 4232 SRTSP - ok
04:07:24.0123 4232 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
04:07:24.0170 4232 srv - ok
04:07:24.0217 4232 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
04:07:24.0232 4232 srv2 - ok
04:07:24.0248 4232 srvdpi - ok
04:07:24.0279 4232 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
04:07:24.0279 4232 srvnet - ok
04:07:24.0326 4232 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
04:07:24.0342 4232 SSDPSRV - ok
04:07:24.0357 4232 ssfs0509 - ok
04:07:24.0373 4232 sshrmd - ok
04:07:24.0373 4232 ssm_bus - ok
04:07:24.0388 4232 ssm_mdm - ok
04:07:24.0420 4232 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
04:07:24.0420 4232 SstpSvc - ok
04:07:24.0435 4232 ss_mdfl - ok
04:07:24.0451 4232 stacsv - ok
04:07:24.0498 4232 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
04:07:24.0529 4232 stisvc - ok
04:07:24.0544 4232 STV680 - ok
04:07:24.0544 4232 STV680m - ok
04:07:24.0560 4232 Subsonic - ok
04:07:24.0576 4232 SunkFilt - ok
04:07:24.0591 4232 SunkFilt39 - ok
04:07:24.0607 4232 svv - ok
04:07:24.0654 4232 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
04:07:24.0654 4232 swenum - ok
04:07:24.0669 4232 SWMX00 - ok
04:07:24.0685 4232 SWNC5E00 - ok
04:07:24.0732 4232 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
04:07:24.0747 4232 swprv - ok
04:07:24.0763 4232 SWUMX51 - ok
04:07:24.0810 4232 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
04:07:24.0841 4232 Symc8xx - ok
04:07:24.0856 4232 symids - ok
04:07:24.0872 4232 symmpi - ok
04:07:24.0903 4232 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
04:07:24.0934 4232 Sym_hi - ok
04:07:24.0966 4232 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
04:07:24.0981 4232 Sym_u3 - ok
04:07:24.0997 4232 syntp - ok
04:07:25.0044 4232 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
04:07:25.0059 4232 SysMain - ok
04:07:25.0106 4232 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
04:07:25.0122 4232 TabletInputService - ok
04:07:25.0122 4232 tandpl - ok
04:07:25.0137 4232 tapeware - ok
04:07:25.0200 4232 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
04:07:25.0215 4232 TapiSrv - ok
04:07:25.0231 4232 tavsvc - ok
04:07:25.0246 4232 tbhsd - ok
04:07:25.0293 4232 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
04:07:25.0309 4232 TBS - ok
04:07:25.0387 4232 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
04:07:25.0480 4232 Tcpip - ok
04:07:25.0527 4232 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
04:07:25.0527 4232 Tcpip6 - ok
04:07:25.0605 4232 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
04:07:25.0652 4232 tcpipreg - ok
04:07:25.0683 4232 tcsd_win32.exe - ok
04:07:25.0699 4232 tdimsys - ok
04:07:25.0730 4232 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
04:07:25.0761 4232 TDPIPE - ok
04:07:25.0792 4232 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
04:07:25.0824 4232 TDTCP - ok
04:07:25.0870 4232 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
04:07:25.0886 4232 tdx - ok
04:07:25.0964 4232 TeamViewer4 (392e619012f752d071910917e9307cc9) C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
04:07:25.0980 4232 TeamViewer4 - ok
04:07:25.0995 4232 telnet - ok
04:07:26.0104 4232 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
04:07:26.0104 4232 TermDD - ok
04:07:26.0292 4232 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
04:07:26.0307 4232 TermService - ok
04:07:26.0323 4232 tfsnudf - ok
04:07:26.0338 4232 tgsrvc_smartagent - ok
04:07:26.0385 4232 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
04:07:26.0385 4232 Themes - ok
04:07:26.0432 4232 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
04:07:26.0432 4232 THREADORDER - ok
04:07:26.0448 4232 timounter - ok
04:07:26.0463 4232 TMKEmu - ok
04:07:26.0479 4232 tmmbd - ok
04:07:26.0494 4232 tmtdi - ok
04:07:26.0510 4232 TNaviSrv - ok
04:07:26.0526 4232 tng-dts - ok
04:07:26.0541 4232 TOSHIBASoftModem - ok
04:07:26.0557 4232 tosrfnds - ok
04:07:26.0588 4232 tosrfsnd - ok
04:07:26.0604 4232 trackcam4 - ok
04:07:26.0619 4232 transarcafsdaemon - ok
04:07:26.0635 4232 trioservice - ok
04:07:26.0744 4232 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
04:07:26.0744 4232 TrkWks - ok
04:07:26.0822 4232 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
04:07:26.0822 4232 TrustedInstaller - ok
04:07:26.0853 4232 tsdhd - ok
04:07:26.0869 4232 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
04:07:26.0900 4232 tssecsrv - ok
04:07:26.0900 4232 TuneUp.Defrag - ok
04:07:26.0947 4232 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
04:07:26.0962 4232 tunmp - ok
04:07:26.0994 4232 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
04:07:27.0025 4232 tunnel - ok
04:07:27.0040 4232 TVALG - ok
04:07:27.0056 4232 tvs - ok
04:07:27.0087 4232 U81xobex - ok
04:07:27.0134 4232 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
04:07:27.0134 4232 uagp35 - ok
04:07:27.0150 4232 uclauncherservice - ok
04:07:27.0196 4232 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
04:07:27.0243 4232 udfs - ok
04:07:27.0306 4232 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
04:07:27.0306 4232 UI0Detect - ok
04:07:27.0321 4232 uleadburninghelper - ok
04:07:27.0352 4232 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
04:07:27.0384 4232 uliagpkx - ok
04:07:27.0415 4232 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
04:07:27.0430 4232 uliahci - ok
04:07:27.0462 4232 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
04:07:27.0477 4232 UlSata - ok
04:07:27.0508 4232 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
04:07:27.0540 4232 ulsata2 - ok
04:07:27.0571 4232 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
04:07:27.0571 4232 umbus - ok
04:07:27.0586 4232 UMPass - ok
04:07:27.0602 4232 UNDPX2A - ok
04:07:27.0618 4232 UpdateCenterService - ok
04:07:27.0633 4232 uploadmgr - ok
04:07:27.0680 4232 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
04:07:27.0680 4232 upnphost - ok
04:07:27.0696 4232 upsmonservice - ok
04:07:27.0711 4232 us30service - ok
04:07:27.0742 4232 USB11LDR - ok
04:07:27.0758 4232 usb20l - ok
04:07:27.0805 4232 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
04:07:27.0836 4232 usbccgp - ok
04:07:27.0883 4232 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
04:07:27.0898 4232 usbcir - ok
04:07:27.0930 4232 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
04:07:27.0961 4232 usbehci - ok
04:07:27.0976 4232 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
04:07:28.0023 4232 usbhub - ok
04:07:28.0054 4232 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
04:07:28.0070 4232 usbohci - ok
04:07:28.0101 4232 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
04:07:28.0117 4232 usbprint - ok
04:07:28.0164 4232 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
04:07:28.0195 4232 usbscan - ok
04:07:28.0226 4232 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:07:28.0257 4232 USBSTOR - ok
04:07:28.0288 4232 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
04:07:28.0320 4232 usbuhci - ok
04:07:28.0335 4232 USB_RNDIS - ok
04:07:28.0335 4232 USB_RNDIS_XP - ok
04:07:28.0366 4232 useraccess7 - ok
04:07:28.0382 4232 UVCFTR - ok
04:07:28.0398 4232 UWProSys - ok
04:07:28.0429 4232 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
04:07:28.0444 4232 UxSms - ok
04:07:28.0444 4232 UxTuneUp - ok
04:07:28.0476 4232 VAIOMediaPlatform-MusicServer-HTTP - ok
04:07:28.0491 4232 vc5secs - ok
04:07:28.0507 4232 vcommmgr - ok
04:07:28.0554 4232 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
04:07:28.0585 4232 vds - ok
04:07:28.0600 4232 vetmsgnt - ok
04:07:28.0647 4232 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
04:07:28.0663 4232 vga - ok
04:07:28.0710 4232 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
04:07:28.0741 4232 VgaSave - ok
04:07:28.0756 4232 Via4in1 - ok
04:07:28.0788 4232 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
04:07:28.0803 4232 viaagp - ok
04:07:28.0819 4232 viaagp1 - ok
04:07:28.0866 4232 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
04:07:28.0866 4232 ViaC7 - ok
04:07:28.0881 4232 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
04:07:28.0912 4232 viaide - ok
04:07:28.0928 4232 VICESYS - ok
04:07:28.0944 4232 vncdrv - ok
04:07:28.0959 4232 VNUSB - ok
04:07:29.0022 4232 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
04:07:29.0022 4232 volmgr - ok
04:07:29.0068 4232 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
04:07:29.0131 4232 volmgrx - ok
04:07:29.0162 4232 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
04:07:29.0193 4232 volsnap - ok
04:07:29.0209 4232 vsapint - ok
04:07:29.0224 4232 vsdatant - ok
04:07:29.0271 4232 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
04:07:29.0302 4232 vsmraid - ok
04:07:29.0380 4232 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
04:07:29.0396 4232 VSS - ok
04:07:29.0412 4232 vvoice - ok
04:07:29.0427 4232 VX3000 - ok
04:07:29.0443 4232 vzcdbsvc - ok
04:07:29.0458 4232 w200bus - ok
04:07:29.0521 4232 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
04:07:29.0521 4232 W32Time - ok
04:07:29.0552 4232 W55U01 - ok
04:07:29.0568 4232 w800mdfl - ok
04:07:29.0599 4232 w800mdm - ok
04:07:29.0661 4232 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
04:07:29.0692 4232 WacomPen - ok
04:07:29.0708 4232 wampmysqld - ok
04:07:29.0755 4232 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:07:29.0755 4232 Wanarp - ok
04:07:29.0770 4232 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
04:07:29.0770 4232 Wanarpv6 - ok
04:07:29.0786 4232 WaveFDE - ok
04:07:29.0802 4232 WBHWDOCT - ok
04:07:29.0848 4232 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
04:07:29.0880 4232 wcncsvc - ok
04:07:29.0926 4232 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
04:07:29.0926 4232 WcsPlugInService - ok
04:07:29.0958 4232 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
04:07:29.0973 4232 Wd - ok
04:07:30.0036 4232 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
04:07:30.0145 4232 Wdf01000 - ok
04:07:30.0160 4232 wdica - ok
04:07:30.0207 4232 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
04:07:30.0207 4232 WdiServiceHost - ok
04:07:30.0223 4232 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
04:07:30.0223 4232 WdiSystemHost - ok
04:07:30.0254 4232 WD_FireWire_HID - ok
04:07:30.0316 4232 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
04:07:30.0332 4232 WebClient - ok
04:07:30.0348 4232 webdriveservice - ok
04:07:30.0363 4232 webrootenterpriseclientservice - ok
04:07:30.0426 4232 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
04:07:30.0426 4232 Wecsvc - ok
04:07:30.0488 4232 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
04:07:30.0488 4232 wercplsupport - ok
04:07:30.0535 4232 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
04:07:30.0535 4232 WerSvc - ok
04:07:30.0550 4232 wg111nd5 - ok
04:07:30.0566 4232 win32sl - ok
04:07:30.0644 4232 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
04:07:30.0660 4232 winachsf - ok
04:07:30.0769 4232 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
04:07:30.0769 4232 WinDefend - ok
04:07:30.0800 4232 WinHttpAutoProxySvc - ok
04:07:30.0894 4232 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
04:07:30.0894 4232 Winmgmt - ok
04:07:30.0909 4232 winpower - ok
04:07:30.0925 4232 winpowerrmi - ok
04:07:30.0940 4232 winpppoverethernet - ok
04:07:31.0034 4232 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
04:07:31.0096 4232 WinRM - ok
04:07:31.0143 4232 wintab32 - ok
04:07:31.0159 4232 WinVd32 - ok
04:07:31.0221 4232 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
04:07:31.0221 4232 Wlansvc - ok
04:07:31.0252 4232 wlluc48 - ok
04:07:31.0268 4232 wlluc48b - ok
04:07:31.0284 4232 wltrysvc - ok
04:07:31.0299 4232 wm - ok
04:07:31.0330 4232 wmdmpmsp - ok
04:07:31.0346 4232 wmi - ok
04:07:31.0424 4232 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
04:07:31.0455 4232 WmiAcpi - ok
04:07:31.0549 4232 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
04:07:31.0564 4232 wmiApSrv - ok
04:07:31.0705 4232 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
04:07:31.0720 4232 WMPNetworkSvc - ok
04:07:31.0767 4232 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
04:07:31.0783 4232 WPCSvc - ok
04:07:31.0830 4232 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
04:07:31.0830 4232 WPDBusEnum - ok
04:07:31.0892 4232 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
04:07:31.0923 4232 WpdUsb - ok
04:07:32.0048 4232 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
04:07:32.0110 4232 WPFFontCache_v0400 - ok
04:07:32.0142 4232 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
04:07:32.0157 4232 ws2ifsl - ok
04:07:32.0220 4232 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
04:07:32.0220 4232 wscsvc - ok
04:07:32.0235 4232 WSearch - ok
04:07:32.0360 4232 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
04:07:32.0376 4232 wuauserv - ok
04:07:32.0516 4232 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
04:07:32.0532 4232 WUDFRd - ok
04:07:32.0563 4232 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
04:07:32.0578 4232 wudfsvc - ok
04:07:32.0594 4232 wuolservice - ok
04:07:32.0610 4232 WUSB54GPV4SRV - ok
04:07:32.0641 4232 z800mgmt - ok
04:07:32.0656 4232 z800obex - ok
04:07:32.0672 4232 zebrbus - ok
04:07:32.0688 4232 zpsc - ok
04:07:32.0719 4232 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
04:07:32.0734 4232 {a7447300-8075-4b0d-83f1-3d75c8ebc623} - ok
04:07:32.0812 4232 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
04:07:32.0844 4232 \Device\Harddisk0\DR0 - ok
04:07:32.0844 4232 Boot (0x1200) (3f21510acf7eac540a7a1c69083c2ce0) \Device\Harddisk0\DR0\Partition0
04:07:32.0844 4232 \Device\Harddisk0\DR0\Partition0 - ok
04:07:32.0859 4232 Boot (0x1200) (9f3edab57323961243649d12d8a28921) \Device\Harddisk0\DR0\Partition1
04:07:32.0859 4232 \Device\Harddisk0\DR0\Partition1 - ok
04:07:32.0859 4232 ============================================================
04:07:32.0859 4232 Scan finished
04:07:32.0859 4232 ============================================================
04:07:32.0875 4488 Detected object count: 1
04:07:32.0875 4488 Actual detected object count: 1
04:07:43.0764 4488 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
04:07:45.0090 4488 VerifyFileNameVersionInfo: GetFileVersionInfoSizeW(C:\Windows\system32\drivers\netbt.sys) error 1813
04:07:49.0130 4488 Backup copy found, using it..
04:07:49.0192 4488 C:\Windows\system32\DRIVERS\netbt.sys - will be cured on reboot
04:07:51.0782 4488 netbt ( Virus.Win32.ZAccess.k ) - User select action: Cure
04:07:57.0913 3376 Deinitialize success

Broni · May 16, 2012

Very well

Re-run Combofix one more time.

billyd · May 16, 2012

the above 2 post are from a log file I found after the rerun but was dated earlier ! probably the original scan log ! sorry!

the next 2 post are from the rerun of scan!

13:46:09.0026 0872 TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
13:46:09.0390 0872 ============================================================
13:46:09.0390 0872 Current date / time: 2012/05/16 13:46:09.0390
13:46:09.0390 0872 SystemInfo:
13:46:09.0390 0872
13:46:09.0390 0872 OS Version: 6.0.6002 ServicePack: 2.0
13:46:09.0390 0872 Product type: Workstation
13:46:09.0390 0872 ComputerName: WILLIAM-PC
13:46:09.0391 0872 UserName: William
13:46:09.0391 0872 Windows directory: C:\Windows
13:46:09.0391 0872 System windows directory: C:\Windows
13:46:09.0391 0872 Processor architecture: Intel x86
13:46:09.0391 0872 Number of processors: 2
13:46:09.0391 0872 Page size: 0x1000
13:46:09.0391 0872 Boot type: Normal boot
13:46:09.0391 0872 ============================================================
13:46:10.0326 0872 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:46:10.0329 0872 ============================================================
13:46:10.0329 0872 \Device\Harddisk0\DR0:
13:46:10.0329 0872 MBR partitions:
13:46:10.0329 0872 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x119B3FD4
13:46:10.0329 0872 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x119B4013, BlocksNum 0x1064AAE
13:46:10.0329 0872 ============================================================
13:46:10.0350 0872 C: <-> \Device\Harddisk0\DR0\Partition0
13:46:10.0397 0872 D: <-> \Device\Harddisk0\DR0\Partition1
13:46:10.0397 0872 ============================================================
13:46:10.0397 0872 Initialize success
13:46:10.0397 0872 ============================================================
13:46:11.0865 2320 ============================================================
13:46:11.0865 2320 Scan started
13:46:11.0865 2320 Mode: Manual;
13:46:11.0865 2320 ============================================================
13:46:13.0255 2320 70080763 - ok
13:46:13.0270 2320 a016mgmt - ok
13:46:13.0278 2320 acermemusagecheckservice - ok
13:46:13.0302 2320 aclient - ok
13:46:13.0365 2320 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
13:46:13.0374 2320 ACPI - ok
13:46:13.0383 2320 acprfmgrsvc - ok
13:46:13.0392 2320 AcronisOSSReinstallSvc - ok
13:46:13.0414 2320 AdobeActiveFileMonitor6.0 - ok
13:46:13.0738 2320 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:46:13.0742 2320 AdobeFlashPlayerUpdateSvc - ok
13:46:13.0810 2320 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
13:46:13.0857 2320 adp94xx - ok
13:46:13.0895 2320 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
13:46:13.0977 2320 adpahci - ok
13:46:14.0005 2320 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
13:46:14.0050 2320 adpu160m - ok
13:46:14.0075 2320 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
13:46:14.0150 2320 adpu320 - ok
13:46:14.0193 2320 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
13:46:14.0195 2320 AeLookupSvc - ok
13:46:14.0227 2320 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
13:46:14.0249 2320 AFD - ok
13:46:14.0253 2320 ageremodemaudio - ok
13:46:14.0296 2320 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
13:46:14.0334 2320 agp440 - ok
13:46:14.0362 2320 agrsrvce - ok
13:46:14.0403 2320 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
13:46:14.0424 2320 aic78xx - ok
13:46:14.0428 2320 AKSIFDH - ok
13:46:14.0471 2320 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
13:46:14.0474 2320 ALG - ok
13:46:14.0500 2320 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
13:46:14.0520 2320 aliide - ok
13:46:14.0551 2320 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
13:46:14.0589 2320 amdagp - ok
13:46:14.0622 2320 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
13:46:14.0642 2320 amdide - ok
13:46:14.0667 2320 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
13:46:14.0704 2320 AmdK7 - ok
13:46:14.0730 2320 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
13:46:14.0751 2320 AmdK8 - ok
13:46:14.0760 2320 Angel2 - ok
13:46:14.0804 2320 AnyDVD (eb9a88895a822c13aa2bbc9dcd44280f) C:\Windows\system32\Drivers\AnyDVD.sys
13:46:14.0825 2320 AnyDVD - ok
13:46:14.0863 2320 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
13:46:14.0865 2320 Appinfo - ok
13:46:14.0885 2320 Appn - ok
13:46:14.0937 2320 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
13:46:14.0976 2320 arc - ok
13:46:15.0004 2320 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
13:46:15.0042 2320 arcsas - ok
13:46:15.0047 2320 array_utility_service4,0,1,3 - ok
13:46:15.0055 2320 artourservice - ok
13:46:15.0079 2320 askernel - ok
13:46:15.0086 2320 ASNDIS5 - ok
13:46:15.0105 2320 aswrdr - ok
13:46:15.0139 2320 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
13:46:15.0159 2320 AsyncMac - ok
13:46:15.0165 2320 atalk - ok
13:46:15.0207 2320 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
13:46:15.0208 2320 atapi - ok
13:46:15.0212 2320 athr - ok
13:46:15.0224 2320 atixsaudio - ok
13:46:15.0235 2320 atkkeyboardservice - ok
13:46:15.0245 2320 ATMsrvc - ok
13:46:15.0253 2320 ATWPKT2 - ok
13:46:15.0296 2320 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:46:15.0301 2320 AudioEndpointBuilder - ok
13:46:15.0307 2320 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
13:46:15.0311 2320 Audiosrv - ok
13:46:15.0325 2320 avg7rsw - ok
13:46:15.0342 2320 axsaki - ok
13:46:15.0350 2320 backupexecalertserver - ok
13:46:15.0357 2320 bantext - ok
13:46:15.0377 2320 BCM42RLY - ok
13:46:15.0447 2320 BCM43XX (cdf7f28ffd693b1b4137845dd1ef1ccc) C:\Windows\system32\DRIVERS\bcmwl6.sys
13:46:15.0483 2320 BCM43XX - ok
13:46:15.0516 2320 bcm4sbxp (08015d34f6fdd0b355805bad978497c3) C:\Windows\system32\DRIVERS\bcm4sbxp.sys
13:46:15.0557 2320 bcm4sbxp - ok
13:46:15.0609 2320 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
13:46:15.0630 2320 Beep - ok
13:46:15.0722 2320 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
13:46:15.0727 2320 BFE - ok
13:46:15.0790 2320 BITS (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
13:46:15.0800 2320 BITS - ok
13:46:15.0805 2320 blbdrive - ok
13:46:15.0836 2320 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
13:46:15.0875 2320 bowser - ok
13:46:15.0901 2320 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
13:46:15.0904 2320 BrFiltLo - ok
13:46:15.0917 2320 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
13:46:15.0919 2320 BrFiltUp - ok
13:46:15.0941 2320 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
13:46:15.0944 2320 Browser - ok
13:46:15.0963 2320 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
13:46:15.0967 2320 Brserid - ok
13:46:15.0986 2320 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
13:46:15.0989 2320 BrSerWdm - ok
13:46:16.0009 2320 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
13:46:16.0011 2320 BrUsbMdm - ok
13:46:16.0027 2320 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
13:46:16.0030 2320 BrUsbSer - ok
13:46:16.0052 2320 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
13:46:16.0072 2320 BTHMODEM - ok
13:46:16.0083 2320 bthusb - ok
13:46:16.0090 2320 btnetfilter - ok
13:46:16.0099 2320 BTSLBCSP - ok
13:46:16.0114 2320 btwusb - ok
13:46:16.0246 2320 catchme - ok
13:46:16.0260 2320 ccflic0 - ok
13:46:16.0315 2320 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
13:46:16.0336 2320 cdfs - ok
13:46:16.0386 2320 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
13:46:16.0424 2320 cdrom - ok
13:46:16.0429 2320 cebdaldr - ok
13:46:16.0490 2320 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:46:16.0492 2320 CertPropSvc - ok
13:46:16.0497 2320 cicssfs.scmmc223 - ok
13:46:16.0528 2320 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
13:46:16.0565 2320 circlass - ok
13:46:16.0606 2320 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
13:46:16.0613 2320 CLFS - ok
13:46:16.0690 2320 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:46:16.0694 2320 clr_optimization_v2.0.50727_32 - ok
13:46:16.0763 2320 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:46:16.0766 2320 clr_optimization_v4.0.30319_32 - ok
13:46:16.0800 2320 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
13:46:16.0802 2320 CmBatt - ok
13:46:16.0827 2320 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
13:46:16.0849 2320 cmdide - ok
13:46:16.0890 2320 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
13:46:16.0893 2320 Compbatt - ok
13:46:16.0899 2320 COMSysApp - ok
13:46:16.0915 2320 cpucoolserver - ok
13:46:16.0926 2320 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
13:46:16.0956 2320 crcdisk - ok
13:46:16.0977 2320 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
13:46:17.0021 2320 Crusoe - ok
13:46:17.0064 2320 CryptSvc (fb27772beaf8e1d28ccd825c09da939b) C:\Windows\system32\cryptsvc.dll
13:46:17.0067 2320 CryptSvc - ok
13:46:17.0072 2320 ctljystk - ok
13:46:17.0157 2320 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:46:17.0163 2320 DcomLaunch - ok
13:46:17.0169 2320 defwatch - ok
13:46:17.0204 2320 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
13:46:17.0224 2320 DfsC - ok
13:46:17.0346 2320 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
13:46:17.0368 2320 DFSR - ok
13:46:17.0484 2320 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
13:46:17.0486 2320 Dhcp - ok
13:46:17.0493 2320 digictrl - ok
13:46:17.0523 2320 DirectUpdate - ok
13:46:17.0596 2320 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
13:46:17.0621 2320 disk - ok
13:46:17.0636 2320 dlba_device - ok
13:46:17.0651 2320 dlcf_device - ok
13:46:17.0666 2320 dmio - ok
13:46:17.0676 2320 DNE - ok
13:46:17.0708 2320 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
13:46:17.0712 2320 Dnscache - ok
13:46:17.0756 2320 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
13:46:17.0760 2320 dot3svc - ok
13:46:17.0793 2320 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
13:46:17.0797 2320 DPS - ok
13:46:17.0821 2320 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
13:46:17.0840 2320 drmkaud - ok
13:46:17.0917 2320 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
13:46:17.0924 2320 DXGKrnl - ok
13:46:17.0930 2320 e1express - ok
13:46:17.0969 2320 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
13:46:18.0007 2320 E1G60 - ok
13:46:18.0012 2320 EACSvrMngr - ok
13:46:18.0072 2320 eamonm (04cba07e73f152970fc34d66d3892e2a) C:\Windows\system32\DRIVERS\eamonm.sys
13:46:18.0094 2320 eamonm - ok
13:46:18.0136 2320 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
13:46:18.0139 2320 EapHost - ok
13:46:18.0181 2320 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
13:46:18.0186 2320 Ecache - ok
13:46:18.0209 2320 ehdrv (fe7824239d132ad9ebd8645fe1199b30) C:\Windows\system32\DRIVERS\ehdrv.sys
13:46:18.0233 2320 ehdrv - ok
13:46:18.0305 2320 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
13:46:18.0311 2320 ehRecvr - ok
13:46:18.0343 2320 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
13:46:18.0348 2320 ehSched - ok
13:46:18.0381 2320 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
13:46:18.0384 2320 ehstart - ok
13:46:18.0477 2320 EhttpSrv (68d91a34ce51cf15c45dd68f7f1257e8) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
13:46:18.0483 2320 EhttpSrv - ok
13:46:18.0545 2320 ekrn (191d8eccc40f05b52fac0513f35ba01d) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
13:46:18.0556 2320 ekrn - ok
13:46:18.0609 2320 EL2000 - ok
13:46:18.0624 2320 el90xbc - ok
13:46:18.0710 2320 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
13:46:18.0770 2320 ElbyCDIO - ok
13:46:18.0883 2320 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
13:46:18.0924 2320 elxstor - ok
13:46:18.0977 2320 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
13:46:18.0984 2320 EMDMgmt - ok
13:46:18.0993 2320 emupia - ok
13:46:19.0033 2320 epfw (73411c14a8c6062bb6a510772cf2f38c) C:\Windows\system32\DRIVERS\epfw.sys
13:46:19.0037 2320 epfw - ok
13:46:19.0056 2320 Epfwndis (490329bf80f333e788df9596a752a915) C:\Windows\system32\DRIVERS\Epfwndis.sys
13:46:19.0093 2320 Epfwndis - ok
13:46:19.0143 2320 epfwwfp (c62068dab6e2510fb231286d3da63dfa) C:\Windows\system32\DRIVERS\epfwwfp.sys
13:46:19.0164 2320 epfwwfp - ok
13:46:19.0173 2320 eskerlicensecontrol - ok
13:46:19.0243 2320 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
13:46:19.0246 2320 EventSystem - ok
13:46:19.0283 2320 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
13:46:19.0325 2320 exfat - ok
13:46:19.0362 2320 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
13:46:19.0383 2320 fastfat - ok
13:46:19.0420 2320 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
13:46:19.0458 2320 fdc - ok
13:46:19.0488 2320 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
13:46:19.0490 2320 fdPHost - ok
13:46:19.0522 2320 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
13:46:19.0525 2320 FDResPub - ok
13:46:19.0579 2320 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
13:46:19.0617 2320 FileInfo - ok
13:46:19.0638 2320 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
13:46:19.0658 2320 Filetrace - ok
13:46:19.0665 2320 flashcom - ok
13:46:19.0697 2320 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
13:46:19.0718 2320 flpydisk - ok
13:46:19.0752 2320 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
13:46:19.0791 2320 FltMgr - ok
13:46:19.0857 2320 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
13:46:19.0866 2320 FontCache - ok
13:46:19.0962 2320 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:46:19.0964 2320 FontCache3.0.0.0 - ok
13:46:19.0974 2320 freebsd - ok
13:46:19.0982 2320 freepops - ok
13:46:19.0991 2320 fshttps - ok
13:46:20.0023 2320 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
13:46:20.0043 2320 Fs_Rec - ok
13:46:20.0085 2320 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
13:46:20.0106 2320 gagp30kx - ok
13:46:20.0116 2320 gearaspiwdm - ok
13:46:20.0192 2320 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
13:46:20.0198 2320 gpsvc - ok
13:46:20.0209 2320 GTPTSER - ok
13:46:20.0218 2320 GTSCSER - ok
13:46:20.0327 2320 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:20.0331 2320 gupdate - ok
13:46:20.0345 2320 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
13:46:20.0347 2320 gupdatem - ok
13:46:20.0355 2320 gv3 - ok
13:46:20.0364 2320 GV600_4 - ok
13:46:20.0373 2320 harmony - ok
13:46:20.0384 2320 haspnt - ok
13:46:20.0393 2320 hclinetd - ok
13:46:20.0439 2320 HdAudAddService (3f90e001369a07243763bd5a523d8722) C:\Windows\system32\drivers\HdAudio.sys
13:46:20.0464 2320 HdAudAddService - ok
13:46:20.0522 2320 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:46:20.0551 2320 HDAudBus - ok
13:46:20.0560 2320 hibernation - ok
13:46:20.0590 2320 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
13:46:20.0614 2320 HidBth - ok
13:46:20.0638 2320 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
13:46:20.0662 2320 HidIr - ok
13:46:20.0698 2320 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
13:46:20.0702 2320 hidserv - ok
13:46:20.0710 2320 HIDSwvd - ok
13:46:20.0742 2320 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
13:46:20.0766 2320 HidUsb - ok
13:46:20.0793 2320 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
13:46:20.0796 2320 hkmsvc - ok
13:46:20.0804 2320 hmonitor - ok
13:46:20.0814 2320 Hotkey - ok
13:46:20.0854 2320 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
13:46:20.0900 2320 HpCISSs - ok
13:46:20.0907 2320 HPFECP20 - ok
13:46:20.0918 2320 hpqddsvc - ok
13:46:20.0959 2320 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
13:46:20.0999 2320 HSFHWAZL - ok
13:46:21.0006 2320 HSFHWICH - ok
13:46:21.0015 2320 hsf_dp - ok
13:46:21.0074 2320 HSF_DPV (ec36f1d542ed4252390d446bf6d4dfd0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS
13:46:21.0084 2320 HSF_DPV - ok
13:46:21.0179 2320 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
13:46:21.0202 2320 HTTP - ok
13:46:21.0209 2320 https-admserv61 - ok
13:46:21.0220 2320 hwpsgt - ok
13:46:21.0263 2320 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
13:46:21.0284 2320 i2omp - ok
13:46:21.0311 2320 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
13:46:21.0332 2320 i8042prt - ok
13:46:21.0339 2320 i81x - ok
13:46:21.0350 2320 iaimfp1 - ok
13:46:21.0377 2320 iAimTV5 - ok
13:46:21.0395 2320 iap - ok
13:46:21.0411 2320 iastor - ok
13:46:21.0457 2320 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
13:46:21.0463 2320 iaStorV - ok
13:46:21.0472 2320 ibmcicstransactiongateway - ok
13:46:21.0607 2320 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:46:21.0618 2320 idsvc - ok
13:46:21.0630 2320 IFPUSB - ok
13:46:21.0645 2320 ifxspmgtsrv - ok
13:46:21.0660 2320 ifxtcs - ok
13:46:21.0819 2320 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys
13:46:21.0843 2320 igfx - ok
13:46:21.0983 2320 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
13:46:22.0010 2320 iirsp - ok
13:46:22.0058 2320 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
13:46:22.0064 2320 IKEEXT - ok
13:46:22.0072 2320 ikhfile - ok
13:46:22.0084 2320 iksyssec - ok
13:46:22.0094 2320 imagesrv - ok
13:46:22.0105 2320 incdfs - ok
13:46:22.0121 2320 inorpc - ok
13:46:22.0132 2320 inotask - ok
13:46:22.0145 2320 ino_flpy - ok
13:46:22.0189 2320 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
13:46:22.0213 2320 intelide - ok
13:46:22.0233 2320 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
13:46:22.0257 2320 intelppm - ok
13:46:22.0344 2320 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
13:46:22.0347 2320 IntuitUpdateServiceV4 - ok
13:46:22.0355 2320 iPassP - ok
13:46:22.0365 2320 iPassPeriodicUpdateApp - ok
13:46:22.0376 2320 iPassPeriodicUpdateService - ok
13:46:22.0422 2320 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
13:46:22.0426 2320 IPBusEnum - ok
13:46:22.0449 2320 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:46:22.0474 2320 IpFilterDriver - ok
13:46:22.0522 2320 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
13:46:22.0528 2320 iphlpsvc - ok
13:46:22.0536 2320 IpInIp - ok
13:46:22.0574 2320 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
13:46:22.0597 2320 IPMIDRV - ok
13:46:22.0624 2320 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
13:46:22.0645 2320 IPNAT - ok
13:46:22.0668 2320 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
13:46:22.0688 2320 IRENUM - ok
13:46:22.0696 2320 ISAMSvc - ok
13:46:22.0706 2320 isapisearch - ok
13:46:22.0728 2320 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
13:46:22.0748 2320 isapnp - ok
13:46:22.0793 2320 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
13:46:22.0816 2320 iScsiPrt - ok
13:46:22.0833 2320 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
13:46:22.0871 2320 iteatapi - ok
13:46:22.0900 2320 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
13:46:22.0938 2320 iteraid - ok
13:46:22.0946 2320 iviaspi - ok
13:46:22.0955 2320 iwebmsg - ok
13:46:22.0966 2320 jaguar - ok
13:46:22.0979 2320 Jukebox - ok
13:46:22.0989 2320 k750mdfl - ok
13:46:22.0999 2320 k750mdm - ok
13:46:23.0046 2320 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:46:23.0084 2320 kbdclass - ok
13:46:23.0107 2320 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
13:46:23.0127 2320 kbdhid - ok
13:46:23.0153 2320 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:46:23.0157 2320 KeyIso - ok
13:46:23.0164 2320 klif - ok
13:46:23.0204 2320 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
13:46:23.0214 2320 KSecDD - ok
13:46:23.0264 2320 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
13:46:23.0269 2320 KtmRm - ok
13:46:23.0308 2320 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
13:46:23.0314 2320 LanmanServer - ok
13:46:23.0345 2320 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
13:46:23.0350 2320 LanmanWorkstation - ok
13:46:23.0364 2320 license - ok
13:46:23.0374 2320 licensemanagersocket - ok
13:46:23.0385 2320 LKbdFlt2 - ok
13:46:23.0396 2320 lktimesync - ok
13:46:23.0436 2320 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
13:46:23.0457 2320 lltdio - ok
13:46:23.0486 2320 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
13:46:23.0490 2320 lltdsvc - ok
13:46:23.0501 2320 lmab_device - ok
13:46:23.0544 2320 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
13:46:23.0547 2320 lmhosts - ok
13:46:23.0555 2320 lockmgr - ok
13:46:23.0565 2320 lp6nds35 - ok
13:46:23.0593 2320 lpx - ok
13:46:23.0643 2320 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
13:46:23.0665 2320 LSI_FC - ok
13:46:23.0692 2320 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
13:46:23.0713 2320 LSI_SAS - ok
13:46:23.0727 2320 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
13:46:23.0748 2320 LSI_SCSI - ok
13:46:23.0917 2320 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
13:46:23.0937 2320 luafv - ok
13:46:23.0946 2320 lvprcsrv - ok
13:46:23.0957 2320 LVRS - ok
13:46:23.0973 2320 lxbs_device - ok
13:46:23.0985 2320 lxbu_device - ok
13:46:23.0996 2320 lxcj_device - ok
13:46:24.0008 2320 lxrjd31d - ok
13:46:24.0020 2320 MA8032U - ok
13:46:24.0032 2320 mapserver6.3 - ok
13:46:24.0043 2320 ma_cmidi_installerservice - ok
13:46:24.0091 2320 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\Windows\system32\drivers\mbam.sys
13:46:24.0093 2320 MBAMProtector - ok
13:46:24.0211 2320 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:46:24.0216 2320 MBAMService - ok
13:46:24.0224 2320 mcdbus - ok
13:46:24.0240 2320 mcnasvc - ok
13:46:24.0258 2320 mcsysmon - ok
13:46:24.0270 2320 mctskshd.exe - ok
13:46:24.0302 2320 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
13:46:24.0305 2320 Mcx2Svc - ok
13:46:24.0331 2320 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
13:46:24.0352 2320 megasas - ok
13:46:24.0360 2320 mfeavfk - ok
13:46:24.0371 2320 mfehidk - ok
13:46:24.0382 2320 mfesmfk - ok
13:46:24.0392 2320 mks_scan - ok
13:46:24.0421 2320 mlkkbdntdriver - ok
13:46:24.0461 2320 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:46:24.0464 2320 MMCSS - ok
13:46:24.0472 2320 MobilePreInstallerService - ok
13:46:24.0496 2320 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
13:46:24.0516 2320 Modem - ok
13:46:24.0524 2320 modemcsa - ok
13:46:24.0536 2320 monfilt - ok
13:46:24.0588 2320 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
13:46:24.0609 2320 monitor - ok
13:46:24.0641 2320 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
13:46:24.0665 2320 mouclass - ok
13:46:24.0698 2320 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
13:46:24.0718 2320 mouhid - ok
13:46:24.0751 2320 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
13:46:24.0772 2320 MountMgr - ok
13:46:24.0806 2320 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
13:46:24.0828 2320 mpio - ok
13:46:24.0849 2320 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
13:46:24.0912 2320 mpsdrv - ok
13:46:24.0977 2320 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
13:46:24.0982 2320 MpsSvc - ok
13:46:25.0012 2320 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
13:46:25.0034 2320 Mraid35x - ok
13:46:25.0066 2320 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
13:46:25.0090 2320 MRxDAV - ok
13:46:25.0119 2320 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:46:25.0141 2320 mrxsmb - ok
13:46:25.0169 2320 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:46:25.0194 2320 mrxsmb10 - ok
13:46:25.0208 2320 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:46:25.0231 2320 mrxsmb20 - ok
13:46:25.0268 2320 msahci (5457dcfa7c0da43522f4d9d4049c1472) C:\Windows\system32\drivers\msahci.sys
13:46:25.0289 2320 msahci - ok
13:46:25.0326 2320 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
13:46:25.0373 2320 msdsm - ok
13:46:25.0398 2320 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
13:46:25.0404 2320 MSDTC - ok
13:46:25.0469 2320 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
13:46:25.0489 2320 Msfs - ok
13:46:25.0498 2320 msftpsvc - ok
13:46:25.0537 2320 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
13:46:25.0557 2320 msisadrv - ok
13:46:25.0603 2320 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
13:46:25.0606 2320 MSiSCSI - ok
13:46:25.0632 2320 msiserver - ok
13:46:25.0662 2320 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
13:46:25.0689 2320 MSKSSRV - ok
13:46:25.0713 2320 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
13:46:25.0715 2320 MSPCLOCK - ok
13:46:25.0743 2320 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
13:46:25.0745 2320 MSPQM - ok
13:46:25.0799 2320 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
13:46:25.0802 2320 MsRPC - ok
13:46:25.0855 2320 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
13:46:25.0875 2320 mssmbios - ok
13:46:25.0886 2320 mssql$sqlexpress - ok
13:46:25.0895 2320 mssqlserverolapservice - ok
13:46:25.0918 2320 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
13:46:25.0939 2320 MSTEE - ok
13:46:25.0977 2320 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
13:46:26.0001 2320 Mup - ok
13:46:26.0022 2320 mwspollserver - ok
13:46:26.0037 2320 mwstick - ok
13:46:26.0060 2320 mxnic - ok
13:46:26.0077 2320 mysqlinventime - ok
13:46:26.0145 2320 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
13:46:26.0151 2320 napagent - ok
13:46:26.0193 2320 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
13:46:26.0224 2320 NativeWifiP - ok
13:46:26.0233 2320 nbservice - ok
13:46:26.0245 2320 Ncrc710 - ok
13:46:26.0332 2320 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
13:46:26.0359 2320 NDIS - ok
13:46:26.0394 2320 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
13:46:26.0396 2320 NdisTapi - ok
13:46:26.0413 2320 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
13:46:26.0435 2320 Ndisuio - ok
13:46:26.0484 2320 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:46:26.0515 2320 NdisWan - ok
13:46:26.0569 2320 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
13:46:26.0617 2320 NDProxy - ok
13:46:26.0664 2320 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
13:46:26.0694 2320 NetBIOS - ok
13:46:26.0712 2320 netbt - ok
13:46:26.0750 2320 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:46:26.0752 2320 Netlogon - ok
13:46:26.0806 2320 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
13:46:26.0812 2320 Netman - ok
13:46:26.0847 2320 netmdsb - ok
13:46:26.0913 2320 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
13:46:26.0919 2320 netprofm - ok
13:46:27.0019 2320 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:46:27.0022 2320 NetTcpPortSharing - ok
13:46:27.0032 2320 NETw3v32 - ok
13:46:27.0049 2320 nfmservice - ok
13:46:27.0097 2320 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
13:46:27.0119 2320 nfrd960 - ok
13:46:27.0130 2320 nimcdfxk - ok
13:46:27.0147 2320 nimcrpcsu - ok
13:46:27.0163 2320 NIPALK - ok
13:46:27.0177 2320 NITaggerService - ok
13:46:27.0216 2320 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
13:46:27.0221 2320 NlaSvc - ok
13:46:27.0230 2320 nmsaccess - ok
13:46:27.0244 2320 nmservice - ok
13:46:27.0256 2320 nmwcdc - ok
13:46:27.0269 2320 noipducservice - ok
13:46:27.0326 2320 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
13:46:27.0346 2320 Npfs - ok
13:46:27.0402 2320 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
13:46:27.0408 2320 nsi - ok
13:46:27.0436 2320 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
13:46:27.0461 2320 nsiproxy - ok
13:46:27.0471 2320 NsTrcNT - ok
13:46:27.0488 2320 ntcharge - ok
13:46:27.0590 2320 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
13:46:27.0620 2320 Ntfs - ok
13:46:27.0634 2320 NTIDrvr - ok
13:46:27.0643 2320 ntmssvc - ok
13:46:27.0657 2320 ntpr_nic_service2 - ok
13:46:27.0709 2320 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
13:46:27.0733 2320 ntrigdigi - ok
13:46:27.0756 2320 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\Windows\system32\DRIVERS\NuidFltr.sys
13:46:27.0777 2320 NuidFltr - ok
13:46:27.0826 2320 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
13:46:27.0846 2320 Null - ok
13:46:27.0856 2320 nvcap - ok
13:46:27.0869 2320 NVENET - ok
13:46:27.0881 2320 nvmpu401 - ok
13:46:27.0895 2320 NVR0Dev - ok
13:46:27.0947 2320 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
13:46:27.0970 2320 nvraid - ok
13:46:27.0979 2320 nvsmu - ok
13:46:28.0006 2320 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
13:46:28.0030 2320 nvstor - ok
13:46:28.0040 2320 nvstor32 - ok
13:46:28.0053 2320 NVTCP - ok
13:46:28.0084 2320 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
13:46:28.0106 2320 nv_agp - ok
13:46:28.0116 2320 NwlnkFlt - ok
13:46:28.0128 2320 NwlnkFwd - ok
13:46:28.0141 2320 nwlnkspx - ok
13:46:28.0153 2320 NxSysMon - ok
13:46:28.0192 2320 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
13:46:28.0199 2320 ohci1394 - ok
13:46:28.0209 2320 olapserver - ok
13:46:28.0226 2320 omniusbl - ok
13:46:28.0236 2320 omsad - ok
13:46:28.0252 2320 ood2000 - ok
13:46:28.0268 2320 openldap-slapd - ok
13:46:28.0284 2320 openvpnservice - ok
13:46:28.0301 2320 oracleorahomehttpserver - ok
13:46:28.0318 2320 oraclewebassistant - ok

billyd · May 16, 2012

13:46:28.0336 2320 oracle_load_balancer_60_client-forms6ip14 - ok
13:46:28.0352 2320 oracle_load_balancer_60_client-forms6ip9 - ok
13:46:28.0370 2320 outpostfirewall - ok
13:46:28.0383 2320 ovsecurityserver - ok
13:46:28.0395 2320 p2k - ok
13:46:28.0483 2320 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:46:28.0492 2320 p2pimsvc - ok
13:46:28.0507 2320 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:46:28.0515 2320 p2psvc - ok
13:46:28.0531 2320 papycpu2 - ok
13:46:28.0549 2320 papyjoy - ok
13:46:28.0644 2320 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
13:46:28.0670 2320 Parport - ok
13:46:28.0719 2320 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
13:46:28.0739 2320 partmgr - ok
13:46:28.0763 2320 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
13:46:28.0783 2320 Parvdm - ok
13:46:28.0816 2320 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
13:46:28.0819 2320 PcaSvc - ok
13:46:28.0861 2320 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
13:46:28.0883 2320 pci - ok
13:46:28.0892 2320 pcidump - ok
13:46:29.0094 2320 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
13:46:29.0114 2320 pciide - ok
13:46:29.0144 2320 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
13:46:29.0170 2320 pcmcia - ok
13:46:29.0181 2320 pcradminserver - ok
13:46:29.0196 2320 Pctspk - ok
13:46:29.0210 2320 PD0620VID - ok
13:46:29.0227 2320 pdframe - ok
13:46:29.0242 2320 pdlnatcm - ok
13:46:29.0281 2320 pdlnsx25 - ok
13:46:29.0292 2320 pduip6000dmemcrdmgr - ok
13:46:29.0354 2320 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
13:46:29.0362 2320 PEAUTH - ok
13:46:29.0372 2320 penrendezvous - ok
13:46:29.0384 2320 perc2 - ok
13:46:29.0426 2320 persfw - ok
13:46:29.0439 2320 pfc - ok
13:46:29.0454 2320 PGPdisk - ok
13:46:29.0466 2320 PGPsdkDriver - ok
13:46:29.0479 2320 picturetaker - ok
13:46:29.0576 2320 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
13:46:29.0590 2320 pla - ok
13:46:29.0717 2320 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
13:46:29.0722 2320 PlugPlay - ok
13:46:29.0733 2320 pml - ok
13:46:29.0829 2320 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:46:29.0836 2320 PNRPAutoReg - ok
13:46:29.0853 2320 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
13:46:29.0861 2320 PNRPsvc - ok
13:46:29.0913 2320 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
13:46:29.0920 2320 PolicyAgent - ok
13:46:30.0013 2320 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
13:46:30.0038 2320 PptpMiniport - ok
13:46:30.0049 2320 prism_a02 - ok
13:46:30.0094 2320 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
13:46:30.0140 2320 Processor - ok
13:46:30.0151 2320 procexp90 - ok
13:46:30.0189 2320 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
13:46:30.0195 2320 ProfSvc - ok
13:46:30.0248 2320 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:46:30.0250 2320 ProtectedStorage - ok
13:46:30.0261 2320 protexislicensing - ok
13:46:30.0276 2320 proxyhostservice - ok
13:46:30.0312 2320 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
13:46:30.0336 2320 PSched - ok
13:46:30.0347 2320 PTDCBus - ok
13:46:30.0359 2320 PTDCVsp - ok
13:46:30.0371 2320 qbfcservice - ok
13:46:30.0385 2320 qkbfiltr - ok
13:46:30.0399 2320 ql1280 - ok
13:46:30.0460 2320 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
13:46:30.0506 2320 ql2300 - ok
13:46:30.0543 2320 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
13:46:30.0564 2320 ql40xx - ok
13:46:30.0574 2320 qmofiltr - ok
13:46:30.0587 2320 queuemgr - ok
13:46:30.0633 2320 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
13:46:30.0637 2320 QWAVE - ok
13:46:30.0669 2320 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
13:46:30.0690 2320 QWAVEdrv - ok
13:46:30.0700 2320 ramaint - ok
13:46:30.0731 2320 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
13:46:30.0752 2320 RasAcd - ok
13:46:30.0877 2320 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
13:46:30.0880 2320 RasAuto - ok
13:46:30.0925 2320 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:46:30.0968 2320 Rasl2tp - ok
13:46:31.0012 2320 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
13:46:31.0018 2320 RasMan - ok
13:46:31.0057 2320 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
13:46:31.0081 2320 RasPppoe - ok
13:46:31.0118 2320 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
13:46:31.0143 2320 RasSstp - ok
13:46:31.0153 2320 rca - ok
13:46:31.0171 2320 rchost - ok
13:46:31.0211 2320 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
13:46:31.0215 2320 rdbss - ok
13:46:31.0226 2320 RDID1027 - ok
13:46:31.0277 2320 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:46:31.0297 2320 RDPCDD - ok
13:46:31.0369 2320 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
13:46:31.0409 2320 rdpdr - ok
13:46:31.0470 2320 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
13:46:31.0490 2320 RDPENCDD - ok
13:46:31.0548 2320 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
13:46:31.0570 2320 RDPWD - ok
13:46:31.0581 2320 regspy - ok
13:46:31.0644 2320 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
13:46:31.0647 2320 RemoteAccess - ok
13:46:31.0700 2320 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
13:46:31.0706 2320 RemoteRegistry - ok
13:46:31.0716 2320 RESMGR - ok
13:46:31.0730 2320 retroexplauncher - ok
13:46:31.0744 2320 rfcomm - ok
13:46:31.0783 2320 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
13:46:31.0803 2320 rimmptsk - ok
13:46:31.0902 2320 rimsptsk (d7e09bc852684a7b1fc0f74fe090d45a) C:\Windows\system32\DRIVERS\rimsptsk.sys
13:46:31.0923 2320 rimsptsk - ok
13:46:31.0935 2320 rimusb - ok
13:46:31.0949 2320 rimvserport - ok
13:46:31.0984 2320 rismxdp (b0a7494a9ba7909efac64e05d3f160db) C:\Windows\system32\DRIVERS\rixdptsk.sys
13:46:32.0004 2320 rismxdp - ok
13:46:32.0015 2320 RMCAST - ok
13:46:32.0028 2320 rnadiagnosticsservice - ok
13:46:32.0042 2320 ROB_A - ok
13:46:32.0055 2320 roxupnpserver - ok
13:46:32.0103 2320 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
13:46:32.0106 2320 RpcLocator - ok
13:46:32.0159 2320 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
13:46:32.0165 2320 RpcSs - ok
13:46:32.0176 2320 rppkt - ok
13:46:32.0189 2320 RSAFAL - ok
13:46:32.0233 2320 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
13:46:32.0254 2320 rspndr - ok
13:46:32.0264 2320 rtl8139 - ok
13:46:32.0277 2320 s116mdm - ok
13:46:32.0292 2320 s125obex - ok
13:46:32.0310 2320 s217mdm - ok
13:46:32.0329 2320 s217nd5 - ok
13:46:32.0344 2320 S3GIGP - ok
13:46:32.0360 2320 s3ssavage - ok
13:46:32.0376 2320 s616unic - ok
13:46:32.0391 2320 s716nd5 - ok
13:46:32.0404 2320 s7oppitx - ok
13:46:32.0417 2320 s7otranx - ok
13:46:32.0431 2320 SABSVC - ok
13:46:32.0446 2320 SaiNtSub - ok
13:46:32.0460 2320 SaiU040B - ok
13:46:32.0491 2320 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
13:46:32.0493 2320 SamSs - ok
13:46:32.0506 2320 sandboxu - ok
13:46:32.0542 2320 sbhooksvc - ok
13:46:32.0581 2320 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
13:46:32.0602 2320 sbp2port - ok
13:46:32.0639 2320 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
13:46:32.0643 2320 SCardSvr - ok
13:46:32.0657 2320 ScFBPNT3 - ok
13:46:32.0713 2320 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
13:46:32.0719 2320 Schedule - ok
13:46:32.0757 2320 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
13:46:32.0758 2320 SCPolicySvc - ok
13:46:32.0772 2320 screadspool - ok
13:46:32.0791 2320 scsk4 - ok
13:46:32.0832 2320 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
13:46:32.0857 2320 sdbus - ok
13:46:32.0870 2320 sdcoreservice - ok
13:46:32.0886 2320 SDdriver - ok
13:46:32.0946 2320 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
13:46:32.0951 2320 SDRSVC - ok
13:46:32.0965 2320 SE26mgmt - ok
13:46:32.0982 2320 se26unic - ok
13:46:32.0998 2320 SE2Bmdfl - ok
13:46:33.0013 2320 se2Bnd5 - ok
13:46:33.0029 2320 se2Bunic - ok
13:46:33.0045 2320 SE2Dbus - ok
13:46:33.0059 2320 SE2Eobex - ok
13:46:33.0072 2320 se44bus - ok
13:46:33.0086 2320 se44nd5 - ok
13:46:33.0127 2320 se45mgmt - ok
13:46:33.0144 2320 se45nd5 - ok
13:46:33.0161 2320 se58unic - ok
13:46:33.0174 2320 se59nd5 - ok
13:46:33.0209 2320 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:46:33.0229 2320 secdrv - ok
13:46:33.0250 2320 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
13:46:33.0254 2320 seclogon - ok
13:46:33.0266 2320 SED133x - ok
13:46:33.0295 2320 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
13:46:33.0297 2320 SENS - ok
13:46:33.0308 2320 sentinel - ok
13:46:33.0322 2320 ser2pl - ok
13:46:33.0352 2320 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
13:46:33.0372 2320 Serenum - ok
13:46:33.0412 2320 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
13:46:33.0433 2320 Serial - ok
13:46:33.0469 2320 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
13:46:33.0490 2320 sermouse - ok
13:46:33.0506 2320 server - ok
13:46:33.0581 2320 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
13:46:33.0586 2320 SessionEnv - ok
13:46:33.0598 2320 SetupSys - ok
13:46:33.0646 2320 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
13:46:33.0666 2320 sffdisk - ok
13:46:33.0697 2320 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
13:46:33.0719 2320 sffp_mmc - ok
13:46:33.0748 2320 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:46:33.0769 2320 sffp_sd - ok
13:46:33.0787 2320 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
13:46:33.0809 2320 sfloppy - ok
13:46:33.0820 2320 sglogplayer - ok
13:46:33.0904 2320 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
13:46:33.0909 2320 SharedAccess - ok
13:46:33.0977 2320 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
13:46:33.0983 2320 ShellHWDetection - ok
13:46:33.0994 2320 sifilter - ok
13:46:34.0009 2320 SimpTcp - ok
13:46:34.0023 2320 sis315 - ok
13:46:34.0062 2320 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
13:46:34.0101 2320 sisagp - ok
13:46:34.0112 2320 sisnic - ok
13:46:34.0164 2320 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
13:46:34.0202 2320 SiSRaid2 - ok
13:46:34.0236 2320 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
13:46:34.0257 2320 SiSRaid4 - ok
13:46:34.0269 2320 slabbus - ok
13:46:34.0283 2320 slabser - ok
13:46:34.0297 2320 slee_503_service - ok
13:46:34.0311 2320 Slntamr - ok
13:46:34.0326 2320 Slpsvdr - ok
13:46:34.0507 2320 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
13:46:34.0533 2320 slsvc - ok
13:46:34.0649 2320 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
13:46:34.0654 2320 SLUINotify - ok
13:46:34.0666 2320 smartwiservice - ok
13:46:34.0737 2320 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
13:46:34.0761 2320 Smb - ok
13:46:34.0776 2320 SMCB000 - ok
13:46:34.0807 2320 smsmdd - ok
13:46:34.0878 2320 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
13:46:34.0882 2320 SNMPTRAP - ok
13:46:34.0898 2320 snmptrapdservice - ok
13:46:34.0909 2320 SNP2STD - ok
13:46:34.0942 2320 sonytvc - ok
13:46:34.0956 2320 spbbcsvc - ok
13:46:34.0972 2320 spcsutilityservice - ok
13:46:34.0989 2320 SPFDRV - ok
13:46:35.0031 2320 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
13:46:35.0051 2320 spldr - ok
13:46:35.0063 2320 splitter - ok
13:46:35.0077 2320 spmd - ok
13:46:35.0116 2320 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
13:46:35.0122 2320 Spooler - ok
13:46:35.0134 2320 sprtsvc_smartagent - ok
13:46:35.0148 2320 SQLWriter - ok
13:46:35.0163 2320 srescan - ok
13:46:35.0179 2320 SRS_SSCFilter - ok
13:46:35.0195 2320 SRTSP - ok
13:46:35.0247 2320 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
13:46:35.0287 2320 srv - ok
13:46:35.0323 2320 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
13:46:35.0344 2320 srv2 - ok
13:46:35.0356 2320 srvdpi - ok
13:46:35.0393 2320 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
13:46:35.0414 2320 srvnet - ok
13:46:35.0460 2320 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
13:46:35.0466 2320 SSDPSRV - ok
13:46:35.0481 2320 ssfs0509 - ok
13:46:35.0496 2320 sshrmd - ok
13:46:35.0510 2320 ssm_bus - ok
13:46:35.0526 2320 ssm_mdm - ok
13:46:35.0556 2320 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
13:46:35.0560 2320 SstpSvc - ok
13:46:35.0573 2320 ss_mdfl - ok
13:46:35.0588 2320 stacsv - ok
13:46:35.0650 2320 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
13:46:35.0657 2320 stisvc - ok
13:46:35.0669 2320 STV680 - ok
13:46:35.0685 2320 STV680m - ok
13:46:35.0701 2320 Subsonic - ok
13:46:35.0721 2320 SunkFilt - ok
13:46:35.0735 2320 SunkFilt39 - ok
13:46:35.0751 2320 svv - ok
13:46:35.0786 2320 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
13:46:35.0789 2320 swenum - ok
13:46:35.0804 2320 SWMX00 - ok
13:46:35.0822 2320 SWNC5E00 - ok
13:46:35.0879 2320 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
13:46:35.0884 2320 swprv - ok
13:46:35.0897 2320 SWUMX51 - ok
13:46:35.0947 2320 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
13:46:35.0973 2320 Symc8xx - ok
13:46:36.0001 2320 symids - ok
13:46:36.0017 2320 symmpi - ok
13:46:36.0066 2320 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
13:46:36.0086 2320 Sym_hi - ok
13:46:36.0112 2320 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
13:46:36.0132 2320 Sym_u3 - ok
13:46:36.0145 2320 syntp - ok
13:46:36.0199 2320 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
13:46:36.0207 2320 SysMain - ok
13:46:36.0259 2320 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
13:46:36.0263 2320 TabletInputService - ok
13:46:36.0276 2320 tandpl - ok
13:46:36.0290 2320 tapeware - ok
13:46:36.0343 2320 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
13:46:36.0349 2320 TapiSrv - ok
13:46:36.0363 2320 tavsvc - ok
13:46:36.0381 2320 tbhsd - ok
13:46:36.0439 2320 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
13:46:36.0443 2320 TBS - ok
13:46:36.0527 2320 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
13:46:36.0537 2320 Tcpip - ok
13:46:36.0579 2320 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
13:46:36.0586 2320 Tcpip6 - ok
13:46:36.0633 2320 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
13:46:36.0670 2320 tcpipreg - ok
13:46:36.0693 2320 tcsd_win32.exe - ok
13:46:36.0709 2320 tdimsys - ok
13:46:36.0753 2320 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
13:46:36.0773 2320 TDPIPE - ok
13:46:36.0810 2320 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
13:46:36.0848 2320 TDTCP - ok
13:46:36.0887 2320 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
13:46:36.0907 2320 tdx - ok
13:46:36.0977 2320 TeamViewer4 (392e619012f752d071910917e9307cc9) C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
13:46:36.0982 2320 TeamViewer4 - ok
13:46:36.0998 2320 telnet - ok
13:46:37.0046 2320 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
13:46:37.0071 2320 TermDD - ok
13:46:37.0137 2320 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
13:46:37.0145 2320 TermService - ok
13:46:37.0161 2320 tfsnudf - ok
13:46:37.0178 2320 tgsrvc_smartagent - ok
13:46:37.0230 2320 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
13:46:37.0235 2320 Themes - ok
13:46:37.0310 2320 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
13:46:37.0312 2320 THREADORDER - ok
13:46:37.0327 2320 timounter - ok
13:46:37.0342 2320 TMKEmu - ok
13:46:37.0358 2320 tmmbd - ok
13:46:37.0374 2320 tmtdi - ok
13:46:37.0389 2320 TNaviSrv - ok
13:46:37.0405 2320 tng-dts - ok
13:46:37.0421 2320 TOSHIBASoftModem - ok
13:46:37.0436 2320 tosrfnds - ok
13:46:37.0452 2320 tosrfsnd - ok
13:46:37.0468 2320 trackcam4 - ok
13:46:37.0484 2320 transarcafsdaemon - ok
13:46:37.0500 2320 trioservice - ok
13:46:37.0548 2320 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
13:46:37.0552 2320 TrkWks - ok
13:46:37.0621 2320 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
13:46:37.0624 2320 TrustedInstaller - ok
13:46:37.0652 2320 tsdhd - ok
13:46:37.0678 2320 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:46:37.0698 2320 tssecsrv - ok
13:46:37.0711 2320 TuneUp.Defrag - ok
13:46:37.0746 2320 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
13:46:37.0766 2320 tunmp - ok
13:46:37.0799 2320 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
13:46:37.0837 2320 tunnel - ok
13:46:37.0849 2320 TVALG - ok
13:46:37.0865 2320 tvs - ok
13:46:37.0892 2320 U81xobex - ok
13:46:37.0932 2320 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
13:46:37.0972 2320 uagp35 - ok
13:46:37.0985 2320 uclauncherservice - ok
13:46:38.0036 2320 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
13:46:38.0057 2320 udfs - ok
13:46:38.0117 2320 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
13:46:38.0122 2320 UI0Detect - ok
13:46:38.0135 2320 uleadburninghelper - ok
13:46:38.0174 2320 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
13:46:38.0195 2320 uliagpkx - ok
13:46:38.0227 2320 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
13:46:38.0249 2320 uliahci - ok
13:46:38.0282 2320 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
13:46:38.0320 2320 UlSata - ok
13:46:38.0354 2320 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
13:46:38.0375 2320 ulsata2 - ok
13:46:38.0412 2320 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
13:46:38.0414 2320 umbus - ok
13:46:38.0428 2320 UMPass - ok
13:46:38.0444 2320 UNDPX2A - ok
13:46:38.0460 2320 UpdateCenterService - ok
13:46:38.0477 2320 uploadmgr - ok
13:46:38.0538 2320 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
13:46:38.0544 2320 upnphost - ok
13:46:38.0557 2320 upsmonservice - ok
13:46:38.0573 2320 us30service - ok
13:46:38.0600 2320 USB11LDR - ok
13:46:38.0616 2320 usb20l - ok
13:46:38.0659 2320 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
13:46:38.0681 2320 usbccgp - ok
13:46:38.0726 2320 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
13:46:38.0747 2320 usbcir - ok
13:46:38.0786 2320 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
13:46:38.0808 2320 usbehci - ok
13:46:38.0853 2320 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
13:46:38.0875 2320 usbhub - ok
13:46:38.0915 2320 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
13:46:38.0935 2320 usbohci - ok
13:46:38.0976 2320 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
13:46:38.0997 2320 usbprint - ok
13:46:39.0041 2320 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
13:46:39.0061 2320 usbscan - ok
13:46:39.0101 2320 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:46:39.0122 2320 USBSTOR - ok
13:46:39.0164 2320 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
13:46:39.0188 2320 usbuhci - ok
13:46:39.0204 2320 USB_RNDIS - ok
13:46:39.0223 2320 USB_RNDIS_XP - ok
13:46:39.0244 2320 useraccess7 - ok
13:46:39.0261 2320 UVCFTR - ok
13:46:39.0280 2320 UWProSys - ok
13:46:39.0328 2320 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
13:46:39.0332 2320 UxSms - ok
13:46:39.0347 2320 UxTuneUp - ok
13:46:39.0367 2320 VAIOMediaPlatform-MusicServer-HTTP - ok
13:46:39.0387 2320 vc5secs - ok
13:46:39.0406 2320 vcommmgr - ok
13:46:39.0462 2320 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
13:46:39.0469 2320 vds - ok
13:46:39.0482 2320 vetmsgnt - ok
13:46:39.0523 2320 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
13:46:39.0542 2320 vga - ok
13:46:39.0590 2320 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
13:46:39.0627 2320 VgaSave - ok
13:46:39.0641 2320 Via4in1 - ok
13:46:39.0668 2320 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
13:46:39.0688 2320 viaagp - ok
13:46:39.0702 2320 viaagp1 - ok
13:46:39.0741 2320 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
13:46:39.0762 2320 ViaC7 - ok
13:46:39.0781 2320 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
13:46:39.0802 2320 viaide - ok
13:46:39.0817 2320 VICESYS - ok
13:46:39.0833 2320 vncdrv - ok
13:46:39.0849 2320 VNUSB - ok
13:46:39.0897 2320 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
13:46:39.0918 2320 volmgr - ok
13:46:39.0959 2320 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
13:46:39.0981 2320 volmgrx - ok
13:46:40.0023 2320 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
13:46:40.0044 2320 volsnap - ok
13:46:40.0058 2320 vsapint - ok
13:46:40.0073 2320 vsdatant - ok
13:46:40.0107 2320 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
13:46:40.0128 2320 vsmraid - ok
13:46:40.0204 2320 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
13:46:40.0215 2320 VSS - ok
13:46:40.0231 2320 vvoice - ok
13:46:40.0249 2320 VX3000 - ok
13:46:40.0266 2320 vzcdbsvc - ok
13:46:40.0283 2320 w200bus - ok
13:46:40.0330 2320 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
13:46:40.0336 2320 W32Time - ok
13:46:40.0361 2320 W55U01 - ok
13:46:40.0378 2320 w800mdfl - ok
13:46:40.0413 2320 w800mdm - ok
13:46:40.0482 2320 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
13:46:40.0502 2320 WacomPen - ok
13:46:40.0517 2320 wampmysqld - ok
13:46:40.0561 2320 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:40.0599 2320 Wanarp - ok
13:46:40.0612 2320 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
13:46:40.0613 2320 Wanarpv6 - ok
13:46:40.0628 2320 WaveFDE - ok
13:46:40.0645 2320 WBHWDOCT - ok
13:46:40.0692 2320 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
13:46:40.0699 2320 wcncsvc - ok
13:46:40.0737 2320 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
13:46:40.0742 2320 WcsPlugInService - ok
13:46:40.0775 2320 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
13:46:40.0795 2320 Wd - ok
13:46:40.0857 2320 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
13:46:40.0898 2320 Wdf01000 - ok
13:46:40.0913 2320 wdica - ok
13:46:40.0944 2320 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:46:40.0949 2320 WdiServiceHost - ok
13:46:40.0963 2320 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
13:46:40.0967 2320 WdiSystemHost - ok
13:46:40.0981 2320 WD_FireWire_HID - ok
13:46:41.0036 2320 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
13:46:41.0041 2320 WebClient - ok
13:46:41.0056 2320 webdriveservice - ok
13:46:41.0073 2320 webrootenterpriseclientservice - ok
13:46:41.0128 2320 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
13:46:41.0132 2320 Wecsvc - ok
13:46:41.0175 2320 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
13:46:41.0179 2320 wercplsupport - ok
13:46:41.0223 2320 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
13:46:41.0227 2320 WerSvc - ok
13:46:41.0242 2320 wg111nd5 - ok
13:46:41.0262 2320 win32sl - ok
13:46:41.0334 2320 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
13:46:41.0365 2320 winachsf - ok
13:46:41.0454 2320 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
13:46:41.0458 2320 WinDefend - ok
13:46:41.0490 2320 WinHttpAutoProxySvc - ok
13:46:41.0597 2320 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
13:46:41.0602 2320 Winmgmt - ok
13:46:41.0623 2320 winpower - ok
13:46:41.0647 2320 winpowerrmi - ok
13:46:41.0671 2320 winpppoverethernet - ok
13:46:41.0769 2320 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
13:46:41.0785 2320 WinRM - ok
13:46:41.0845 2320 wintab32 - ok
13:46:41.0863 2320 WinVd32 - ok
13:46:41.0922 2320 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
13:46:41.0929 2320 Wlansvc - ok
13:46:41.0947 2320 wlluc48 - ok
13:46:41.0961 2320 wlluc48b - ok
13:46:41.0979 2320 wltrysvc - ok
13:46:41.0996 2320 wm - ok
13:46:42.0014 2320 wmdmpmsp - ok
13:46:42.0031 2320 wmi - ok
13:46:42.0103 2320 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:46:42.0123 2320 WmiAcpi - ok
13:46:42.0207 2320 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
13:46:42.0212 2320 wmiApSrv - ok
13:46:42.0338 2320 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
13:46:42.0349 2320 WMPNetworkSvc - ok
13:46:42.0401 2320 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
13:46:42.0406 2320 WPCSvc - ok
13:46:42.0453 2320 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
13:46:42.0458 2320 WPDBusEnum - ok
13:46:42.0523 2320 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
13:46:42.0551 2320 WpdUsb - ok
13:46:42.0705 2320 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:46:42.0716 2320 WPFFontCache_v0400 - ok
13:46:42.0759 2320 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
13:46:42.0789 2320 ws2ifsl - ok
13:46:42.0850 2320 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
13:46:42.0858 2320 wscsvc - ok
13:46:42.0879 2320 WSearch - ok
13:46:43.0024 2320 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
13:46:43.0042 2320 wuauserv - ok
13:46:43.0180 2320 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:46:43.0183 2320 WUDFRd - ok
13:46:43.0207 2320 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
13:46:43.0212 2320 wudfsvc - ok
13:46:43.0228 2320 wuolservice - ok
13:46:43.0245 2320 WUSB54GPV4SRV - ok
13:46:43.0276 2320 z800mgmt - ok
13:46:43.0294 2320 z800obex - ok
13:46:43.0314 2320 zebrbus - ok
13:46:43.0331 2320 zpsc - ok
13:46:43.0362 2320 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
13:46:43.0380 2320 {a7447300-8075-4b0d-83f1-3d75c8ebc623} - ok
13:46:43.0461 2320 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
13:46:43.0647 2320 \Device\Harddisk0\DR0 - ok
13:46:43.0651 2320 Boot (0x1200) (3f21510acf7eac540a7a1c69083c2ce0) \Device\Harddisk0\DR0\Partition0
13:46:43.0652 2320 \Device\Harddisk0\DR0\Partition0 - ok
13:46:43.0680 2320 Boot (0x1200) (9f3edab57323961243649d12d8a28921) \Device\Harddisk0\DR0\Partition1
13:46:43.0682 2320 \Device\Harddisk0\DR0\Partition1 - ok
13:46:43.0682 2320 ============================================================
13:46:43.0682 2320 Scan finished
13:46:43.0682 2320 ============================================================
13:46:43.0696 5912 Detected object count: 0
13:46:43.0696 5912 Actual detected object count: 0

Broni · May 16, 2012

OK. Re-run Combofix one more time.

billyd · May 17, 2012

ComboFix 12-05-17.02 - William 05/17/2012 4:13.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3061.2102 [GMT -4:00]
Running from: c:\users\William\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Resident AV is active
.
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\$NtUninstallKB37865$
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\usbcm.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_regspy
.
.
((((((((((((((((((((((((( Files Created from 2012-04-17 to 2012-05-17 )))))))))))))))))))))))))))))))
.
.
2012-05-17 08:27 . 2012-05-17 08:30 -------- d-----w- c:\users\William\AppData\Local\temp
2012-05-17 08:27 . 2012-05-17 08:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-05-16 08:11 . 2012-05-16 08:11 -------- d-----w- C:\found.001
2012-05-16 08:07 . 2012-05-16 08:07 -------- d-----w- C:\TDSSKiller_Quarantine
2012-05-15 09:54 . 2012-04-18 07:06 6734704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DE8DEF1D-B252-40EE-A322-05E15EFDA7C7}\mpengine.dll
2012-05-13 23:46 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-05-13 23:46 . 2012-05-13 23:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-05-13 17:41 . 2012-05-13 17:41 -------- d-----w- c:\users\William\AppData\Local\ESET
2012-05-13 17:30 . 2012-05-13 17:30 -------- d-----w- c:\program files\Windows Resource Kits
2012-05-12 23:11 . 2012-05-12 23:11 -------- d-----w- c:\program files\ESET
2012-05-11 01:11 . 2012-04-03 08:16 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-11 01:11 . 2012-04-03 08:16 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 22:42 . 2012-05-05 22:43 -------- d-----w- c:\program files\Sherlock Holmes and the Hound of the Baskervilles
2012-04-22 23:44 . 2012-04-22 23:44 -------- d-----w- C:\found.000
2012-04-22 19:14 . 2012-04-22 19:14 -------- d-----w- c:\programdata\Kaspersky Lab
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-16 08:08 . 2011-12-23 05:19 185856 ----a-w- c:\windows\system32\drivers\netbt.sys
2012-05-05 16:58 . 2012-04-04 17:05 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-05 16:58 . 2011-12-23 00:38 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-03 18:42 . 2012-04-03 18:42 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2012-04-03 18:42 . 2012-04-03 18:42 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-04-03 18:42 . 2012-04-03 18:42 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2012-04-02 13:36 . 2012-05-11 01:11 2044928 ----a-w- c:\windows\system32\win32k.sys
2012-03-28 16:09 . 2012-03-20 23:22 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-29 15:11 . 2012-04-12 07:13 5120 ----a-w- c:\windows\system32\wmi.dll
2012-02-29 15:11 . 2012-04-12 07:13 172032 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 15:09 . 2012-04-12 07:13 157696 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-29 13:32 . 2012-04-12 07:13 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-02-28 01:18 . 2012-04-12 07:14 1799168 ----a-w- c:\windows\system32\jscript9.dll
2012-02-28 01:11 . 2012-04-12 07:14 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2012-02-28 01:11 . 2012-04-12 07:14 1127424 ----a-w- c:\windows\system32\wininet.dll
2012-02-28 01:03 . 2012-04-12 07:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-02-25 19:19 . 2012-02-25 19:19 121208 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2012-02-23 14:18 . 2011-12-16 16:56 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2007-12-08 3444736]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-01-12 2219184]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Turbo Tourney 2012 Scheduler.lnk]
backup=c:\windows\pss\Turbo Tourney 2012 Scheduler.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-02-12 01:13 141848 ----a-w- c:\windows\System32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-02-12 01:13 133656 ----a-w- c:\windows\System32\igfxpers.exe
.
R0 70080763;70080763;c:\windows\system32\drivers\98925466.sys [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
se2Bunic
ofcpfwsvc
upsmonservice
nmservice
atkkeyboardservice
SE2Bmdfl
SE2Dbus
omsad
tmtdi
wscsvc
wm
UNDPX2A
sdcoreservice
EIO_XP
ErrDev
qfcoresvc
mcdetect.exe
pelusblf
DS1410D
CTMFLT
EMATCORE
CVirtA
mssqlserverolapservice
pgpsdkservice
PTDCVsp
dsNcAdpt
sisnic
btnetfilter
nimcdfxk
MTC0001_ESB
SprintRcAppSvc
pcx1unic
RDID1027
pwkntmon
axsaki
mwagent
oracle_load_balancer_60_server-forms6ip9
rslinxng
mysql
teefer
atixsaudio
adminserver
mvserver
spmd
bc_filter
atiavaiw
UimBus
sisperf
imapiservice
s716mdm
rt2500usb
ppped
tfsnboio
dlartl_n
vstor2-ws60
iPassPeriodicUpdateService
speakerphone
ZDPNDIS5
ISAMSvc
plsremotesvc
smartwiservice
mcdbus
se45mgmt
ccflic0
webdriveservice
wlluc48b
webrootenterpriseclientservice
imagesrv
flashcom
ssm_bus
olapserver
wintab32
a016mgmt
MRV6X32P
EACSvrMngr
sglogplayer
AcronisOSSReinstallSvc
atdisk
bantext
nwlnkspx
PBADRV
oraclewebassistant
sonytvc
intelroam
papyjoy
tfsnudf
U3sHlpDr
npapimon
comhost
SetupSys
pdlnatcm
iPassP
perc2
statusagent
ATWPKT2
AdobeActiveFileMonitor6.0
WD_FireWire_HID
{a7447300-8075-4b0d-83f1-3d75c8ebc623}
hclinetd
i81x
SWUMX51
MQAC
UsbserFilt
dlbu_device
szkg
incdsrv
acrotray
rootmodem
nwlnknb
avgems
datasvr
NETw4v32
cfgwzsvc
tvtfilter
USB_NDIS_51
s125mdfl
tng-dtmg
vproeventmonitor
wmconnectcds
redbook
DivisCTS
NWSAP
macformatservice
sit_flt
EL2000
ssfs0509
procexp90
iksyssec
starwindservice
mnsframework
bwcsrv
aolservice
crauto
nvax
mctskshd.exe
ICAM5USB
LC7981
razerusb
EagleNT
elockservice
xfilt
ageremodemaudio
MA8032U
fshttps
slabbus
useraccess7
ctljystk
acermemusagecheckservice
NVR0Dev
rnadirectory
netmdsb
nm
bc_pat_f
MREMP50
W700mdm
oraclemtsrecoveryservice
pduip6000dmemcrdmgr
roxwatch
svv
SMCB000
vncdrv
tapeware
Angel2
qkbfiltr
persfw
cpucoolserver
elnkservice
btwusb
STV680m
msftpsvc
mxnic
ikhfile
opcenum
trioservice
cebdaldr
winpppoverethernet
lpx
TOSHIBASoftModem
mssql$sqlexpress
Hotkey
NITaggerService
dlcj_device
slabser
openldap-slapd
diskeeper
WinVd32
rchost
w800mdm
NTIDrvr
dlcc_device
server
SE26mgmt
z800mgmt
emitray
aspi32
S3GIGP
tgsrvc_smartagent
beatjamupnpmusicserver
iaimfp1
Slntamr
defwatch
sis315
queuemgr
penrendezvous
lktimesync
bthpan
ATMsg
ino_flpy
cvslock
dtsrvc
noipducservice
WaveFDE
ntcharge
se45nd5
rfcomm
tavsvc
SABSVC
screadspool
GTSCSER
mysqlinventime
modemcsa
timounter
NETw3v32
ma_cmidi_installerservice
getPlusHelper
nimxdfk
tdimsys
bdselfpr
PD0620VID
PGPdisk
SimpTcp
mfeavfk
AVerTV
SPFDRV
btwhid
pcradminserver
audstub
mlkkbdntdriver
WBHWDOCT
lvprcsrv
uleadburninghelper
mwstick
vsdatant
hibernation
lmab_device
rppkt
mcsysmon
UWProSys
s217nd5
CX88AUD
pdlnshay
monfilt
lxcj_device
ntpr_nic_service2
a016mdm
iAimTV5
zpsc
haspnt
Jukebox
VAIOMediaPlatform-MusicServer-HTTP
FETNDIS
scsk4
outpostfirewall
backupexecalertserver
nmwcdc
pavdrv
sandboxu
slee_503_service
HIDSwvd
ssm_mdm
LVRS
sifilter
viaagp1
ood2000
STV680
CnxTrLan
win32sl
s116mdm
cwcwdm
Pctspk
jaguar
ROB_A
Appn
hwpsgt
AVCSTRM
spcsutilityservice
nvstor32
mfesmfk
roxupnpserver
avg7rsw
SWNC5E00
DNE
ovsecurityserver
p2k
ADIDTSFiltService
wuolservice
ggsemc
winpowerrmi
GoToAssist
DgiVecp
cccredmgr
srvdpi
db2das00
spbbcsvc
vcommmgr
SNP2STD
NIPALK
hpqddsvc
harmony
sshrmd
GT890x
winpower
Slpsvdr
oracle_load_balancer_60_client-forms6ip9
APLMp50
TMKEmu
HPFECP20
pcidump
ftsata2
UVCFTR
nbservice
license
oracleorahomehttpserver
DirectUpdate
PGPsdkDriver
retroexplauncher
nfmservice
tng-dts
SE2Eobex
wampmysqld
s217mdm
dlcf_device
rimvserport
TNaviSrv
el90xbc
RESMGR
SDdriver
pdlnsx25
gameenum
wdica
AR5523
picturetaker
Evian
btwavdt
rnadiagnosticsservice
cusrvc
Via4in1
freepops
nimcrpcsu
dmio
TuneUp.Defrag
iPassPeriodicUpdateApp
prism_a02
IFPUSB
bt3cser
transarcafsdaemon
k750mdfl
USB_RNDIS
SRTSP
ifxtcs
VICESYS
PTDCBus
tcsd_win32.exe
pml
ScFBPNT3
UxTuneUp
vc5secs
tbhsd
stacsv
licensemanagersocket
avgarcln
tosrfnds
ql1280
s3ssavage
hmonitor
wlluc48
tmmbd
cbidf
zebrbus
dvd_2K
vsapint
w200bus
awhost32
filechecker
NsTrcNT
hsf_dp
trackcam4
arcltsrv
dladresm
WUSB54GPV4SRV
us30service
vvoice
inotask
inorpc
VNUSB
lxrjd31d
Ncrc710
rca
s125obex
NxSysMon
VX3000
srescan
{95808DC4-FA4A-4c74-92FE-5B863F82066B}
isapisearch
lockmgr
nvcap
ss_mdfl
SRS_SSCFilter
klif
DCamUSBSQTECH
se26unic
mks_scan
s7otranx
SED133x
ibmcicstransactiongateway
s7oppitx
LKbdFlt2
3comtftp
UMPass
U81xobex
U2SP
co_mon
atierecord
qbfcservice
tosrfsnd
openvpnservice
AmdLLD
freebsd
atkdisplf
se58unic
RMCAST
mcnasvc
cdr4_2k
avg7updsvc
cvsnt
k750mdm
s616unic
artourservice
symmpi
iastor
aclient
BTSLBCSP
askernel
acprfmgrsvc
https-admserv61
splitter
SaiU040B
proxyhostservice
USB_RNDIS_XP
nmsaccess
mfehidk
snmptrapdservice
digictrl
emupia
rimusb
array_utility_service4,0,1,3
gearaspiwdm
eskerlicensecontrol
lxbs_device
nimdbgk
CTMSHD
ihcservice
pavreport
ATKFUSService
iomdisk
se59mdfl
pnkbstrb
lp6nds35
syntp
SWMX00
se2Bnd5
e1express
w800mdfl
entech
T6963C
hnmsvc
VCAM
purgeieservice
XFX_program
smcservice
ldlcserv
PQNTDrv
iviaspi
enxpsvc
DniVad
acedrv07
Subsonic
iwebmsg
qmofiltr
agrsrvce
SunkFilt39
TcUsb
MA_CMIDI
trcboot
smsmdd
iam
a016mdfl
db2ntsecserver
ec2007service
sqlagent$sony_mediamgr
soma
tvs
ipsraidn
kservice
Bcim
amon
axinstsv
btwrchid
bdfsdrv
SE2Dmdfl
MTsensor
maya70docserver
ctdvda2k
wg111nd5
nchssvad
SaiNtSub
cpqarray
gv3
UpdateCenterService
MobilePreInstallerService
SQLWriter
iap
usb20l
s716nd5
FireTDI
pdframe
HSFHWICH
yukonwxp
lvpopflt
vzcdbsvc
NVTCP
SE27mdm
atalk
SunkFilt
NVENET
ctmmfilt
cicssfs.scmmc223
ifxspmgtsrv
se44nd5
agentsrv
ATMsrvc
nsengine
s117obex
aswrdr
z800obex
mwspollserver
lxbu_device
rtl8139
se44bus
USB11LDR
ramaint
pfc
athr
se59nd5
sentinel
ser2pl
websenselogserver
ltck000c
ZuneWlanCfgSvc
k750mgmt
Nsynas32
uclauncherservice
ossrv
sprtsvc_smartagent
autocomplete
sbhooksvc
USBCamera
TestHandler
adiloader
elotouchscreen
cwafrmiregistry
W55U01
tvicport
aec
ino_fltr
CTEDSPFX.DLL
U81xmdm
HFACSVC
imaservice
tmactmon
MpFilter
bthusb
symids
ASMMAP
atchksrv
AKSIFDH
GV600_4
nvmpu401
ASNDIS5
omniusbl
papycpu2
cpuz132
HECI
tsdhd
protexislicensing
slapd-data52
tandpl
dxdebug
scanwscs
ntrtscan
mod7700
TVALG
oracle_load_balancer_60_client-forms6ip14
telnet
mapserver6.3
incdfs
eamon
GTPTSER
atmeltpm
vetmsgnt
nvsmu
RSAFAL
alertmanager
sysmonlog
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 16:58]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-01-20 21:41]
.
2012-05-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
2012-05-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
- c:\users\William\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-23 04:45]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-70080763.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-17 04:30
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\netbt]
"ImagePath"="system32\drivers\tsk9AF1.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,38,12,df,c1,0b,
27,57,07,ba,54,e4,0e,43,d0,22,fb,89,5b
"{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,38,12,e3,75,7d,
36,b0,0f,93,03,e3,00,57,09,a1,c9,d1,e0
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{AA58ED58-01DD-4D91-8333-CF10577473F7}"=hex:51,66,7a,6c,4c,1d,38,12,36,ee,4b,
ae,ef,4f,ff,08,fc,25,8c,50,52,2a,37,e3
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:81,97,c7,74,c6,e0,cc,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,44,3b,da,52,c0,a4,82,4f,a1,90,3e,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\dlbacoms.exe
c:\program files\ESET\ESET Smart Security\ekrn.exe
c:\program files\TeamViewer\Version4\TeamViewer_Service.exe
c:\program files\TeamViewer\Version4\TeamViewer.exe
c:\windows\system32\igfxsrvc.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
.
**************************************************************************
.
Completion time: 2012-05-17 04:39:27 - machine was rebooted
ComboFix-quarantined-files.txt 2012-05-17 08:39
ComboFix2.txt 2012-05-15 08:45
.
Pre-Run: 47,050,002,432 bytes free
Post-Run: 47,093,510,144 bytes free
.
- - End Of File - - 465FBB92983D187887138508D60CA266

Broni · May 17, 2012

Looks good

How is computer doing?

Download OTL to your Desktop.

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Click the Scan All Users checkbox.
Under the Custom Scan box paste this in:

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\tasks\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /I " " /c
dir /b "%systemroot%\*.exe" | find /I " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop

Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

billyd · May 18, 2012

OTL logfile created on: 5/18/2012 3:51:28 AM - Run 1
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\William\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 64.12% Memory free
6.21 Gb Paging File | 4.99 Gb Available in Paging File | 80.44% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 41.77 Gb Free Space | 29.65% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.75 Gb Free Space | 21.39% Space Free | Partition Type: NTFS

Computer Name: WILLIAM-PC | User Name: William | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
PRC - [2009/10/07 09:04:44 | 003,872,552 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer.exe
PRC - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbacoms.exe

========== Modules (No Company Name) ==========

MOD - [2012/05/11 05:03:18 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 05:03:13 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ef684a2ee2f7276eec3973a0654d2bd4\System.Web.ni.dll
MOD - [2012/05/11 04:52:33 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/11 04:52:12 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2007/12/08 15:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll

========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxrsii1s.dll -- (zpsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w200mgmt.dll -- (zebrbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DSI_SiUSBXp_3_1.dll -- (z800obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssscsisv.dll -- (z800mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\db2ntsecserver.dll -- (WUSB54GPV4SRV)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMPLSCSI.dll -- (wuolservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavsrv.dll -- (wmi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UWProSys.dll -- (wmdmpmsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fingrd32.dll -- (wm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdralw2k.dll -- (wlluc48b)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaantmon.dll -- (wlluc48)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iap.dll -- (WinVd32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (wintab32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sptisrv.dll -- (winpppoverethernet)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\k750mdfl.dll -- (winpowerrmi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tifm21.dll -- (winpower)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8139.dll -- (win32sl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\trayman.dll -- (wg111nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se58mgmt.dll -- (webrootenterpriseclientservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tos_sps32.dll -- (webdriveservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (wdica)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ssm_bus.dll -- (WD_FireWire_HID)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swwd.dll -- (WBHWDOCT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kraidsvc.dll -- (WaveFDE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tvtfilter.dll -- (wampmysqld)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\starwindservice.dll -- (w800mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (w800mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (W55U01)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbsermptxp.dll -- (w200bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032U.dll -- (vzcdbsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\irbus.dll -- (VX3000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s217unic.dll -- (vvoice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sympxsvc.dll -- (vsdatant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\termdd.dll -- (vsapint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (VNUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\niorbk.dll -- (vncdrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\arkbcfltr.dll -- (VICESYS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\v2imount.dll -- (viaagp1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aalogger.dll -- (Via4in1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (vetmsgnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTIDrvr.dll -- (vcommmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\U3sHlpDr.dll -- (vc5secs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DMUSBUSBDCam.dll -- (VAIOMediaPlatform-MusicServer-HTTP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdrbsvsd.dll -- (UxTuneUp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\prodrv06.dll -- (UWProSys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\openvpnservice.dll -- (UVCFTR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclexeclragent.dll -- (useraccess7)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cercsr6.dll -- (usb20l)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avgascln.dll -- (USB11LDR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MREMP50.dll -- (USB_RNDIS_XP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hprfdev.dll -- (USB_RNDIS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atapi.dll -- (us30service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cinemsup.dll -- (upsmonservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hsf_dpv.dll -- (uploadmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome92tnslistener.dll -- (UpdateCenterService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidgame.dll -- (UNDPX2A)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\omniserv.dll -- (UMPass)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AdobeActiveFileMonitor6.0.dll -- (uleadburninghelper)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwusb.dll -- (uclauncherservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (U81xobex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\delldmi.dll -- (tvs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iaimtv2.dll -- (TVALG)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Si3132.dll -- (TuneUp.Defrag)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndisip.dll -- (tsdhd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atkkeyboardservice.dll -- (trioservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Dmgmt.dll -- (transarcafsdaemon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\stllssvr.dll -- (trackcam4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tosporte.dll -- (tosrfsnd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\regservice.dll -- (tosrfnds)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dmio.dll -- (TOSHIBASoftModem)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\steamdvr.dll -- (tng-dts)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpnodecollector.dll -- (TNaviSrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\es1371.dll -- (tmtdi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (tmmbd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slee_81_service.dll -- (TMKEmu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mscsptisrv.dll -- (timounter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (tgsrvc_smartagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FTDIBUS.dll -- (tfsnudf)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MA8032C.dll -- (telnet)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\alcaudsl.dll -- (tdimsys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hidusb.dll -- (tcsd_win32.exe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rwbackupsrv.dll -- (tbhsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lbrtfdc.dll -- (tavsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcLps.dll -- (tapeware)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smservauth.dll -- (tandpl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (syntp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (symmpi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pca.dll -- (symids)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwafnotesservice.dll -- (SWUMX51)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CT20XUT.DLL.dll -- (SWNC5E00)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxdmCATSCustConnectService.dll -- (SWMX00)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdrframe.dll -- (svv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TClass2k.dll -- (SunkFilt39)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (SunkFilt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (Subsonic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccpwdsvc.dll -- (STV680m)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avidsdmservice.dll -- (STV680)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ntgrip.dll -- (stacsv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dot4print.dll -- (ssm_mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MailService.dll -- (ssm_bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcgcustomerconnect.dll -- (sshrmd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SMCB000.dll -- (ssfs0509)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetMsmqActivator.dll -- (ss_mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ISAMSvc.dll -- (srvdpi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSNDIS5.dll -- (SRTSP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cm102u32.dll -- (SRS_SSCFilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (srescan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (SQLWriter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdfsdrv.dll -- (sprtsvc_smartagent)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsunidrv.dll -- (spmd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecagentaccelerator.dll -- (splitter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SiSGbeXP.dll -- (SPFDRV)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdtcp.dll -- (spcsutilityservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdfl.dll -- (spbbcsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPPTNT.dll -- (sonytvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mbr.dll -- (SNP2STD)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SerTVOutCtlr.dll -- (snmptrapdservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VRFIL.dll -- (smsmdd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HECI.dll -- (SMCB000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICSer_WPC300N.dll -- (smartwiservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ipfilterdriver.dll -- (Slpsvdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Invoker.dll -- (Slntamr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pcidrv.dll -- (slee_503_service)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CoachUsb.dll -- (slabser)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\l8042pr2.dll -- (slabbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\snmptrapdservice.dll -- (sisnic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wuauserv.dll -- (sis315)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ngdbserv.dll -- (SimpTcp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCISys.dll -- (sifilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\roxupnpserver.dll -- (sglogplayer)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\c-dillasrv.dll -- (SetupSys)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NPDriver.dll -- (server)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DCamUSBGrandTek.dll -- (ser2pl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdss.dll -- (sentinel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\psasrv.dll -- (SED133x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\amfilter.dll -- (se59nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\OEM02Vfx.dll -- (se58unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bgsvcgen.dll -- (se45nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pavprsrv.dll -- (se45mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQTECH905C.dll -- (se44nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bthmodem.dll -- (se44bus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asapiw2k.dll -- (SE2Eobex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hdaudbus.dll -- (SE2Dbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PciBus.dll -- (se2Bunic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scramby.dll -- (se2Bnd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\afs2k.dll -- (SE2Bmdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GTSCSER.dll -- (se26unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirectory.dll -- (SE26mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dlacdbhm.dll -- (SDdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\konfig.dll -- (sdcoreservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ICM10USB.dll -- (scsk4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ufdsvc.dll -- (screadspool)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadirmultiplexor.dll -- (ScFBPNT3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DKbFltr.dll -- (sbhooksvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\odysseyIM4.dll -- (sandboxu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndis.dll -- (SaiU040B)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SNMP.dll -- (SaiNtSub)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BoiHwsetup.dll -- (SABSVC)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lvuvc.dll -- (s7otranx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800mdm.dll -- (s7oppitx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\spooler.dll -- (s716nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcbus.dll -- (s616unic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sis162u.dll -- (s3ssavage)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BUFADPT.dll -- (S3GIGP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\scarddrv.dll -- (s217nd5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tfsndrct.dll -- (s217mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\svv.dll -- (s125obex)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\epoxusdm.dll -- (s116mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZDPNDIS5.dll -- (rtl8139)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ErrDev.dll -- (RSAFAL)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ohci1394.dll -- (rppkt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rspndr.dll -- (roxupnpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portmapper.dll -- (ROB_A)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mksupdateint.dll -- (rnadiagnosticsservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tlntsvr.dll -- (RMCAST)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cwcspud.dll -- (rimvserport)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\websensecpmcommunicationagent.dll -- (rimusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smtpd32.dll -- (rfcomm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccdecode.dll -- (retroexplauncher)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shellhwdetection.dll -- (RESMGR)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\itchfltr.dll -- (RDID1027)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symc8xx.dll -- (rchost)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acdpowerservice.dll -- (rca)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahome90agent.dll -- (ramaint)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\httpfilter.dll -- (queuemgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\navap.dll -- (qmofiltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RVIEG01.dll -- (ql1280)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usprserv.dll -- (qkbfiltr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SRTSPL.dll -- (qbfcservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SecureStorageService.dll -- (PTDCVsp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Ncrc710.dll -- (PTDCBus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netddedsdm.dll -- (proxyhostservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avsinc.dll -- (protexislicensing)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CE3.dll -- (procexp90)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bdpredir.dll -- (prism_a02)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wdica.dll -- (pml)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aolservice.dll -- (picturetaker)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\btwhid.dll -- (PGPsdkDriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\toscosrv.dll -- (PGPdisk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlndtdl.dll -- (pfc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hnmsvc.dll -- (persfw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWSCtrl.dll -- (perc2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\venturi2.dll -- (penrendezvous)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slabser.dll -- (pduip6000dmemcrdmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\LMIRfsDriver.dll -- (pdlnsx25)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thpsrv.dll -- (pdlnatcm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WNCPKT.dll -- (pdframe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oraclesnmppeerencapsulator.dll -- (PD0620VID)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mnmsrvc.dll -- (Pctspk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w29n51.dll -- (pcradminserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nic1394.dll -- (pcidump)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\quickhealfirewall.dll -- (papyjoy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmHidLo.dll -- (papycpu2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dntus26.dll -- (p2k)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jaguar.dll -- (ovsecurityserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\atixsaudio.dll -- (outpostfirewall)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Video3D.dll -- (oraclewebassistant)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NSSvcMgr.dll -- (oracleorahomehttpserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\FVXSCSI.dll -- (oracle_load_balancer_60_client-forms6ip9)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SED133x.dll -- (oracle_load_balancer_60_client-forms6ip14)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TIEHDUSB.dll -- (openvpnservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vstor2.dll -- (openldap-slapd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\avg7updsvc.dll -- (ood2000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WUSB54Gv4SVC.dll -- (omsad)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\knobserv.dll -- (omniusbl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mlkkbdntdriver.dll -- (olapserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\GameConsoleService.dll -- (NxSysMon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (nwlnkspx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\anydvd.dll -- (NVTCP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\6to4.dll -- (nvstor32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\npkcsvc.dll -- (nvsmu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elagopro.dll -- (NVR0Dev)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mpe.dll -- (nvmpu401)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfetdik.dll -- (NVENET)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NetwareWorkstation.dll -- (nvcap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\beatjamupnpmusicserver.dll -- (ntpr_nic_service2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elaunidr.dll -- (ntmssvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\lxcccustomerconnect.dll -- (NTIDrvr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rp32service.dll -- (ntcharge)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\asp.net.dll -- (NsTrcNT)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cisvc.dll -- (noipducservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ZTEusbser6k.dll -- (nmwcdc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\portio.dll -- (nmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mssql$microsoftbcm.dll -- (nmsaccess)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\shdserv.dll -- (NITaggerService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CTEXFIFX.DLL.dll -- (NIPALK)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\aliadwdm.dll -- (nimcrpcsu)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bocdrive.dll -- (nimcdfxk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLBrowser.dll -- (nfmservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmtdi.dll -- (NETw3v32)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\symantecantibotshim.dll -- (netmdsb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AtiPcie.dll -- (Ncrc710)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8023.dll -- (nbservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PcdrNt.dll -- (mysqlinventime)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rupsd.dll -- (mxnic)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bcm43xx.dll -- (mwstick)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sfdrv01.dll -- (mwspollserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\networkx.dll -- (mssqlserverolapservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cdudf_xp.dll -- (mssql$sqlexpress)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MKEMUSB.dll -- (msftpsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\server.dll -- (monfilt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (modemcsa)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mgmt.dll -- (MobilePreInstallerService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sermouse.dll -- (mlkkbdntdriver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se26unic.dll -- (mks_scan)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vpcusb.dll -- (mfesmfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\slip.dll -- (mfehidk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\YahooAUService.dll -- (mfeavfk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msmpsvc.dll -- (mctskshd.exe)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tdcmdpst.dll -- (mcsysmon)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ltxred.dll -- (mcnasvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Cam5603C.dll -- (mcdbus)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HWIONT.dll -- (mapserver6.3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mferkdk.dll -- (MA8032U)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\CiscoVpnInstallService.dll -- (ma_cmidi_installerservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mldserv.dll -- (lxrjd31d)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvsmu.dll -- (lxcj_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\zpsc.dll -- (lxbu_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sonicatheaterinstallerservice.dll -- (lxbs_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tcpip.dll -- (LVRS)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\crystalinputfileserver.dll -- (lvprcsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (lpx)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nmservice.dll -- (lp6nds35)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\BrScnUsb.dll -- (lockmgr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vds.dll -- (lmab_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qhwscsvc.dll -- (lktimesync)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cpqalert.dll -- (LKbdFlt2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sweepsrv.sys.dll -- (licensemanagersocket)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DellAMBrokerService.dll -- (license)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WmaCVideo32.dll -- (klif)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nvstor64.dll -- (k750mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cis1284.dll -- (k750mdfl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\actser.dll -- (Jukebox)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\swmidi.dll -- (jaguar)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nsm1serd.dll -- (iwebmsg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116bus.dll -- (iviaspi)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\z525mdm.dll -- (isapisearch)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SQLWriter.dll -- (ISAMSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MS1000.dll -- (iPassPeriodicUpdateService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\hSONYPVh.dll -- (iPassPeriodicUpdateApp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rnadiagnosticsservice.dll -- (iPassP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usbvideo.dll -- (inotask)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\bridge.dll -- (inorpc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8335XP.dll -- (ino_flpy)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rootmodem.dll -- (incdfs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\qbcfmonitorservice.dll -- (imagesrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\AcronisOSSReinstallSvc.dll -- (iksyssec)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\oracleorahomehttpserver.dll -- (ikhfile)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s616mgmt.dll -- (ifxtcs)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\eeyeevnt.dll -- (ifxspmgtsrv)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\agpcpq.dll -- (IFPUSB)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mrobeservice.dll -- (ibmcicstransactiongateway)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\inetaccs.dll -- (iastor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\twdns.dll -- (iap)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemap.dll -- (iAimTV5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\procexp90.dll -- (iaimfp1)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kerbkey.dll -- (i81x)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\i8042prt.dll -- (hwpsgt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dptrackerd.dll -- (https-admserv61)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tappsrv.dll -- (HSFHWICH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\msgsrvservice.dll -- (hsf_dp)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\redbook.dll -- (hpqddsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vsmon.dll -- (HPFECP20)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mxserver.dll -- (Hotkey)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\buslogic.dll -- (hmonitor)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\HIDSwvd.dll -- (HIDSwvd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\elockservice.dll -- (hibernation)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\xusb21.dll -- (hclinetd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\DcCam.dll -- (haspnt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ADIDTSFiltService.dll -- (harmony)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\jobserver_report.dll -- (GV600_4)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\thkeys.dll -- (gv3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\MRESP50.dll -- (GTSCSER)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pnmsrv.dll -- (GTPTSER)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\usb_rndisx.dll -- (gearaspiwdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iPassPeriodicUpdateApp.dll -- (fshttps)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\se2Eunic.dll -- (freepops)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\samss.dll -- (freebsd)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mfehidk.dll -- (flashcom)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\kpfwsvc.dll -- (eskerlicensecontrol)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\srv.dll -- (emupia)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sbpci.dll -- (el90xbc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\vet-filt.dll -- (EL2000)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\s116mdfl.dll -- (EACSvrMngr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\L1e.dll -- (e1express)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdlnemsg.dll -- (DNE)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\smapint.dll -- (dmio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SrvcEPIOMngr.dll -- (dlcf_device)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\issuser.dll -- (DirectUpdate)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pimsgss.dll -- (digictrl)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ndasscsi.dll -- (defwatch)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tones.dll -- (ctljystk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ps2.dll -- (cpucoolserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sit_bus.dll -- (cicssfs.scmmc223)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\captureservice.dll -- (cebdaldr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\netdde.dll -- (ccflic0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\W8100PCI.dll -- (btwusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\merakcontrol.dll -- (BTSLBCSP)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\nfsds.dll -- (btnetfilter)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rtl8029.dll -- (bthusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\akshhl.dll -- (bantext)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\fsaa.dll -- (backupexecalertserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ati.dll -- (axsaki)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\rpsupdaterr.dll -- (avg7rsw)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\apphostsvc.dll -- (ATWPKT2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cyberpowerups.dll -- (ATMsrvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\tmesbs32.dll -- (atkkeyboardservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\PCDCODEC.dll -- (atixsaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w550mdm.dll -- (athr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\cicssfs.scmmc223.dll -- (atalk)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RTHDMIAzAudService.dll -- (aswrdr)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\wmp54gv4svc.dll -- (ASNDIS5)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pdagent.dll -- (askernel)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ShockMgr.dll -- (artourservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NTSIM.dll -- (array_utility_service4,0,1,3)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ultra66.dll -- (Appn)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ccispwdsvc.dll -- (Angel2)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\SE2Eobex.dll -- (AKSIFDH)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acpi.dll -- (agrsrvce)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\idsvc.dll -- (ageremodemaudio)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\WinHttpAutoProxySvc.dll -- (AdobeActiveFileMonitor6.0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\TPM.dll -- (AcronisOSSReinstallSvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RIOXDRV.dll -- (acprfmgrsvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\Dell1100_FUService.dll -- (aclient)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll -- (acermemusagecheckservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\acrotray.dll -- (a016mgmt)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\ibmsmbus.dll -- ({a7447300-8075-4b0d-83f1-3d75c8ebc623})
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\iAimFP7.dll -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
SRV - [2012/05/05 12:58:23 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
SRV - [2009/10/07 08:50:26 | 000,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2008/01/19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 20:57:30 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbacoms.exe -- (dlba_device)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\tsk9AF1.tmp -- (netbt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - File not found [File_System | Boot | Stopped] -- system32\drivers\98925466.sys -- (70080763)
DRV - [2012/04/04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/25 15:19:08 | 000,121,208 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/12/21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010/12/21 13:47:38 | 000,134,000 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfw.sys -- (epfw)
DRV - [2010/12/21 13:47:38 | 000,041,336 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\epfwwfp.sys -- (epfwwfp)
DRV - [2010/12/21 13:47:38 | 000,033,120 | ---- | M] (ESET) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\epfwndis.sys -- (Epfwndis)
DRV - [2009/06/25 16:58:10 | 000,048,128 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/10/11 15:56:00 | 000,045,056 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2008/07/29 15:41:36 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes,DefaultScope = {14333CD8-819C-402F-9905-1CF972A81140}
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{14333CD8-819C-402F-9905-1CF972A81140}: "URL" = http://search.yahoo.com/?ourmark=4&p={searchTerms}
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&sourceid=ie7&rlz=1I7ADRA_enUS469
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\SearchScopes\{C36B4AC8-F9D8-49D2-B38D-B809B2153AFC}: "URL" = http://websearch.ask.com/redirect?c...pn_sauid=8924FAAA-C73B-46DA-8F63-61EB8B029E1C
IE - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\William\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/12/23 17:26:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012/05/13 13:40:04 | 000,000,000 | ---D | M]

[2012/03/24 20:23:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\William\AppData\Roaming\Mozilla\Firefox\Profiles\kxy542ye.default\extensions
[2011/11/23 02:45:23 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

billyd · May 18, 2012

========== Chrome ==========

CHR - default_search_provider: Bing (Enabled)
CHR - default_search_provider: search_url = http://www.bing.com/search?setmkt=en-US&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.bing.com/osjson.aspx?query={searchTerms}&language={language},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Chrome Toolbox Plugin (Enabled) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\plugin/convenience.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Chrome Toolbox (by Google) = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjccknnhdnkbanjilpjddjhmkghmachn\1.0.32_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/05/17 04:29:41 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoComputersNearMe = 0
O7 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O15 - HKU\S-1-5-21-1815498000-2833343681-1250068786-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{431E6B66-43D9-4C45-9390-7F4CABDE6BF8}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - %systemroot%\system32\elaunidr.dll File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: se2Bunic - %systemroot%\system32\PciBus.dll File not found
NetSvcs: ofcpfwsvc - File not found
NetSvcs: upsmonservice - %systemroot%\system32\Cinemsup.dll File not found
NetSvcs: nmservice - %systemroot%\system32\portio.dll File not found
NetSvcs: atkkeyboardservice - %systemroot%\system32\tmesbs32.dll File not found
NetSvcs: SE2Bmdfl - %systemroot%\system32\afs2k.dll File not found
NetSvcs: SE2Dbus - %systemroot%\system32\hdaudbus.dll File not found
NetSvcs: omsad - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
NetSvcs: tmtdi - %systemroot%\system32\es1371.dll File not found
NetSvcs: wm - %systemroot%\system32\fingrd32.dll File not found
NetSvcs: UNDPX2A - %systemroot%\system32\hidgame.dll File not found
NetSvcs: sdcoreservice - %systemroot%\system32\konfig.dll File not found
NetSvcs: EIO_XP - File not found
NetSvcs: ErrDev - File not found
NetSvcs: qfcoresvc - File not found
NetSvcs: mcdetect.exe - File not found
NetSvcs: pelusblf - File not found
NetSvcs: DS1410D - File not found
NetSvcs: CTMFLT - File not found
NetSvcs: EMATCORE - File not found
NetSvcs: CVirtA - File not found
NetSvcs: mssqlserverolapservice - %systemroot%\system32\networkx.dll File not found
NetSvcs: pgpsdkservice - File not found
NetSvcs: PTDCVsp - %systemroot%\system32\SecureStorageService.dll File not found
NetSvcs: dsNcAdpt - File not found
NetSvcs: sisnic - %systemroot%\system32\snmptrapdservice.dll File not found
NetSvcs: btnetfilter - %systemroot%\system32\nfsds.dll File not found
NetSvcs: nimcdfxk - %systemroot%\system32\bocdrive.dll File not found
NetSvcs: MTC0001_ESB - File not found
NetSvcs: SprintRcAppSvc - File not found
NetSvcs: pcx1unic - File not found
NetSvcs: RDID1027 - %systemroot%\system32\itchfltr.dll File not found
NetSvcs: pwkntmon - File not found
NetSvcs: axsaki - %systemroot%\system32\ati.dll File not found
NetSvcs: mwagent - File not found
NetSvcs: oracle_load_balancer_60_server-forms6ip9 - File not found
NetSvcs: rslinxng - File not found
NetSvcs: mysql - File not found
NetSvcs: teefer - File not found
NetSvcs: atixsaudio - %systemroot%\system32\PCDCODEC.dll File not found
NetSvcs: mvserver - File not found
NetSvcs: spmd - %systemroot%\system32\dsunidrv.dll File not found
NetSvcs: bc_filter - File not found
NetSvcs: atiavaiw - File not found
NetSvcs: UimBus - File not found
NetSvcs: sisperf - File not found
NetSvcs: imapiservice - File not found
NetSvcs: s716mdm - File not found
NetSvcs: rt2500usb - File not found
NetSvcs: ppped - File not found
NetSvcs: tfsnboio - File not found
NetSvcs: dlartl_n - File not found
NetSvcs: vstor2-ws60 - File not found
NetSvcs: iPassPeriodicUpdateService - %systemroot%\system32\MS1000.dll File not found
NetSvcs: speakerphone - File not found
NetSvcs: ZDPNDIS5 - File not found
NetSvcs: ISAMSvc - %systemroot%\system32\SQLWriter.dll File not found
NetSvcs: plsremotesvc - File not found
NetSvcs: smartwiservice - %systemroot%\system32\NICSer_WPC300N.dll File not found
NetSvcs: mcdbus - %systemroot%\system32\Cam5603C.dll File not found
NetSvcs: se45mgmt - %systemroot%\system32\pavprsrv.dll File not found
NetSvcs: ccflic0 - %systemroot%\system32\netdde.dll File not found
NetSvcs: webdriveservice - %systemroot%\system32\tos_sps32.dll File not found
NetSvcs: wlluc48b - %systemroot%\system32\cdralw2k.dll File not found
NetSvcs: webrootenterpriseclientservice - %systemroot%\system32\se58mgmt.dll File not found
NetSvcs: imagesrv - %systemroot%\system32\qbcfmonitorservice.dll File not found
NetSvcs: flashcom - %systemroot%\system32\mfehidk.dll File not found
NetSvcs: ssm_bus - %systemroot%\system32\MailService.dll File not found
NetSvcs: olapserver - %systemroot%\system32\mlkkbdntdriver.dll File not found
NetSvcs: wintab32 - %systemroot%\system32\omniserv.dll File not found
NetSvcs: a016mgmt - %systemroot%\system32\acrotray.dll File not found
NetSvcs: MRV6X32P - File not found
NetSvcs: EACSvrMngr - %systemroot%\system32\s116mdfl.dll File not found
NetSvcs: sglogplayer - %systemroot%\system32\roxupnpserver.dll File not found
NetSvcs: AcronisOSSReinstallSvc - %systemroot%\system32\TPM.dll File not found
NetSvcs: atdisk - File not found
NetSvcs: bantext - %systemroot%\system32\akshhl.dll File not found
NetSvcs: nwlnkspx - %systemroot%\system32\vpcusb.dll File not found
NetSvcs: PBADRV - File not found
NetSvcs: oraclewebassistant - %systemroot%\system32\Video3D.dll File not found
NetSvcs: sonytvc - %systemroot%\system32\NPPTNT.dll File not found
NetSvcs: intelroam - File not found
NetSvcs: papyjoy - %systemroot%\system32\quickhealfirewall.dll File not found
NetSvcs: tfsnudf - %systemroot%\system32\FTDIBUS.dll File not found
NetSvcs: U3sHlpDr - File not found
NetSvcs: npapimon - File not found
NetSvcs: comhost - File not found
NetSvcs: SetupSys - %systemroot%\system32\c-dillasrv.dll File not found
NetSvcs: pdlnatcm - %systemroot%\system32\thpsrv.dll File not found
NetSvcs: iPassP - %systemroot%\system32\rnadiagnosticsservice.dll File not found
NetSvcs: perc2 - %systemroot%\system32\HWSCtrl.dll File not found
NetSvcs: statusagent - File not found
NetSvcs: ATWPKT2 - %systemroot%\system32\apphostsvc.dll File not found
NetSvcs: AdobeActiveFileMonitor6.0 - %systemroot%\system32\WinHttpAutoProxySvc.dll File not found
NetSvcs: WD_FireWire_HID - %systemroot%\system32\ssm_bus.dll File not found
NetSvcs: {a7447300-8075-4b0d-83f1-3d75c8ebc623} - %systemroot%\system32\ibmsmbus.dll File not found
NetSvcs: hclinetd - %systemroot%\system32\xusb21.dll File not found
NetSvcs: i81x - %systemroot%\system32\kerbkey.dll File not found
NetSvcs: SWUMX51 - %systemroot%\system32\cwafnotesservice.dll File not found
NetSvcs: MQAC - File not found
NetSvcs: UsbserFilt - File not found
NetSvcs: dlbu_device - File not found
NetSvcs: szkg - File not found
NetSvcs: incdsrv - File not found
NetSvcs: acrotray - File not found
NetSvcs: rootmodem - File not found
NetSvcs: nwlnknb - File not found
NetSvcs: avgems - File not found
NetSvcs: datasvr - File not found
NetSvcs: NETw4v32 - File not found
NetSvcs: cfgwzsvc - File not found
NetSvcs: tvtfilter - File not found
NetSvcs: USB_NDIS_51 - File not found
NetSvcs: s125mdfl - File not found
NetSvcs: tng-dtmg - File not found
NetSvcs: vproeventmonitor - File not found
NetSvcs: wmconnectcds - File not found
NetSvcs: redbook - File not found
NetSvcs: DivisCTS - File not found
NetSvcs: NWSAP - File not found
NetSvcs: macformatservice - File not found
NetSvcs: sit_flt - File not found
NetSvcs: EL2000 - %systemroot%\system32\vet-filt.dll File not found
NetSvcs: ssfs0509 - %systemroot%\system32\SMCB000.dll File not found
NetSvcs: procexp90 - %systemroot%\system32\CE3.dll File not found
NetSvcs: iksyssec - %systemroot%\system32\AcronisOSSReinstallSvc.dll File not found
NetSvcs: starwindservice - File not found
NetSvcs: mnsframework - File not found
NetSvcs: aolservice - File not found
NetSvcs: crauto - File not found
NetSvcs: nvax - File not found
NetSvcs: mctskshd.exe - %systemroot%\system32\msmpsvc.dll File not found
NetSvcs: ICAM5USB - File not found
NetSvcs: LC7981 - File not found
NetSvcs: razerusb - File not found
NetSvcs: EagleNT - File not found
NetSvcs: xfilt - File not found
NetSvcs: ageremodemaudio - %systemroot%\system32\idsvc.dll File not found
NetSvcs: MA8032U - %systemroot%\system32\mferkdk.dll File not found
NetSvcs: fshttps - %systemroot%\system32\iPassPeriodicUpdateApp.dll File not found
NetSvcs: slabbus - %systemroot%\system32\l8042pr2.dll File not found
NetSvcs: useraccess7 - %systemroot%\system32\oraclexeclragent.dll File not found
NetSvcs: ctljystk - %systemroot%\system32\tones.dll File not found
NetSvcs: acermemusagecheckservice - %systemroot%\system32\VAIOMediaPlatform-MusicServer-HTTP.dll File not found
NetSvcs: NVR0Dev - %systemroot%\system32\elagopro.dll File not found
NetSvcs: rnadirectory - File not found
NetSvcs: netmdsb - %systemroot%\system32\symantecantibotshim.dll File not found
NetSvcs: nm - File not found
NetSvcs: bc_pat_f - File not found
NetSvcs: MREMP50 - File not found
NetSvcs: W700mdm - File not found
NetSvcs: oraclemtsrecoveryservice - File not found
NetSvcs: pduip6000dmemcrdmgr - %systemroot%\system32\slabser.dll File not found
NetSvcs: roxwatch - File not found
NetSvcs: svv - %systemroot%\system32\pdrframe.dll File not found
NetSvcs: SMCB000 - %systemroot%\system32\HECI.dll File not found
NetSvcs: vncdrv - %systemroot%\system32\niorbk.dll File not found
NetSvcs: tapeware - %systemroot%\system32\DcLps.dll File not found
NetSvcs: Angel2 - %systemroot%\system32\ccispwdsvc.dll File not found
NetSvcs: qkbfiltr - %systemroot%\system32\usprserv.dll File not found
NetSvcs: persfw - %systemroot%\system32\hnmsvc.dll File not found
NetSvcs: cpucoolserver - %systemroot%\system32\ps2.dll File not found
NetSvcs: btwusb - %systemroot%\system32\W8100PCI.dll File not found
NetSvcs: STV680m - %systemroot%\system32\ccpwdsvc.dll File not found
NetSvcs: msftpsvc - %systemroot%\system32\MKEMUSB.dll File not found
NetSvcs: mxnic - %systemroot%\system32\rupsd.dll File not found
NetSvcs: ikhfile - %systemroot%\system32\oracleorahomehttpserver.dll File not found
NetSvcs: opcenum - File not found
NetSvcs: trioservice - %systemroot%\system32\atkkeyboardservice.dll File not found
NetSvcs: cebdaldr - %systemroot%\system32\captureservice.dll File not found
NetSvcs: winpppoverethernet - %systemroot%\system32\sptisrv.dll File not found
NetSvcs: lpx - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: TOSHIBASoftModem - %systemroot%\system32\dmio.dll File not found
NetSvcs: mssql$sqlexpress - %systemroot%\system32\cdudf_xp.dll File not found
NetSvcs: Hotkey - %systemroot%\system32\mxserver.dll File not found
NetSvcs: NITaggerService - %systemroot%\system32\shdserv.dll File not found
NetSvcs: slabser - %systemroot%\system32\CoachUsb.dll File not found
NetSvcs: openldap-slapd - %systemroot%\system32\vstor2.dll File not found
NetSvcs: WinVd32 - %systemroot%\system32\iap.dll File not found
NetSvcs: rchost - %systemroot%\system32\symc8xx.dll File not found
NetSvcs: w800mdm - %systemroot%\system32\starwindservice.dll File not found
NetSvcs: NTIDrvr - %systemroot%\system32\lxcccustomerconnect.dll File not found
NetSvcs: server - %systemroot%\system32\NPDriver.dll File not found
NetSvcs: SE26mgmt - %systemroot%\system32\rnadirectory.dll File not found
NetSvcs: z800mgmt - %systemroot%\system32\ssscsisv.dll File not found
NetSvcs: S3GIGP - %systemroot%\system32\BUFADPT.dll File not found
NetSvcs: tgsrvc_smartagent - %systemroot%\system32\PciBus.dll File not found
NetSvcs: iaimfp1 - %systemroot%\system32\procexp90.dll File not found
NetSvcs: Slntamr - %systemroot%\system32\Invoker.dll File not found
NetSvcs: defwatch - %systemroot%\system32\ndasscsi.dll File not found
NetSvcs: sis315 - %systemroot%\system32\wuauserv.dll File not found
NetSvcs: queuemgr - %systemroot%\system32\httpfilter.dll File not found
NetSvcs: penrendezvous - %systemroot%\system32\venturi2.dll File not found
NetSvcs: lktimesync - %systemroot%\system32\qhwscsvc.dll File not found
NetSvcs: ino_flpy - %systemroot%\system32\W8335XP.dll File not found
NetSvcs: noipducservice - %systemroot%\system32\cisvc.dll File not found
NetSvcs: WaveFDE - %systemroot%\system32\kraidsvc.dll File not found
NetSvcs: ntcharge - %systemroot%\system32\rp32service.dll File not found
NetSvcs: se45nd5 - %systemroot%\system32\bgsvcgen.dll File not found
NetSvcs: rfcomm - %systemroot%\system32\smtpd32.dll File not found
NetSvcs: tavsvc - %systemroot%\system32\lbrtfdc.dll File not found
NetSvcs: SABSVC - %systemroot%\system32\BoiHwsetup.dll File not found
NetSvcs: screadspool - %systemroot%\system32\ufdsvc.dll File not found
NetSvcs: GTSCSER - %systemroot%\system32\MRESP50.dll File not found
NetSvcs: mysqlinventime - %systemroot%\system32\PcdrNt.dll File not found
NetSvcs: modemcsa - %systemroot%\system32\sermouse.dll File not found
NetSvcs: timounter - %systemroot%\system32\mscsptisrv.dll File not found
NetSvcs: NETw3v32 - %systemroot%\system32\tmtdi.dll File not found
NetSvcs: ma_cmidi_installerservice - %systemroot%\system32\CiscoVpnInstallService.dll File not found
NetSvcs: nimxdfk - File not found
NetSvcs: tdimsys - %systemroot%\system32\alcaudsl.dll File not found
NetSvcs: PD0620VID - %systemroot%\system32\oraclesnmppeerencapsulator.dll File not found
NetSvcs: PGPdisk - %systemroot%\system32\toscosrv.dll File not found
NetSvcs: SimpTcp - %systemroot%\system32\ngdbserv.dll File not found
NetSvcs: mfeavfk - %systemroot%\system32\YahooAUService.dll File not found
NetSvcs: SPFDRV - %systemroot%\system32\SiSGbeXP.dll File not found
NetSvcs: pcradminserver - %systemroot%\system32\w29n51.dll File not found
NetSvcs: mlkkbdntdriver - %systemroot%\system32\sermouse.dll File not found
NetSvcs: WBHWDOCT - %systemroot%\system32\swwd.dll File not found
NetSvcs: lvprcsrv - %systemroot%\system32\crystalinputfileserver.dll File not found
NetSvcs: uleadburninghelper - %systemroot%\system32\AdobeActiveFileMonitor6.0.dll File not found
NetSvcs: mwstick - %systemroot%\system32\bcm43xx.dll File not found
NetSvcs: vsdatant - %systemroot%\system32\sympxsvc.dll File not found
NetSvcs: hibernation - %systemroot%\system32\elockservice.dll File not found
NetSvcs: lmab_device - %systemroot%\system32\vds.dll File not found
NetSvcs: rppkt - %systemroot%\system32\ohci1394.dll File not found
NetSvcs: mcsysmon - %systemroot%\system32\tdcmdpst.dll File not found
NetSvcs: UWProSys - %systemroot%\system32\prodrv06.dll File not found
NetSvcs: s217nd5 - %systemroot%\system32\scarddrv.dll File not found
NetSvcs: monfilt - %systemroot%\system32\server.dll File not found
NetSvcs: lxcj_device - %systemroot%\system32\nvsmu.dll File not found
NetSvcs: ntpr_nic_service2 - %systemroot%\system32\beatjamupnpmusicserver.dll File not found
NetSvcs: iAimTV5 - %systemroot%\system32\pdlnemap.dll File not found
NetSvcs: zpsc - %systemroot%\system32\lxrsii1s.dll File not found
NetSvcs: haspnt - %systemroot%\system32\DcCam.dll File not found
NetSvcs: Jukebox - %systemroot%\system32\actser.dll File not found
NetSvcs: VAIOMediaPlatform-MusicServer-HTTP - %systemroot%\system32\DMUSBUSBDCam.dll File not found
NetSvcs: scsk4 - %systemroot%\system32\ICM10USB.dll File not found
NetSvcs: outpostfirewall - %systemroot%\system32\atixsaudio.dll File not found
NetSvcs: backupexecalertserver - %systemroot%\system32\fsaa.dll File not found
NetSvcs: nmwcdc - %systemroot%\system32\ZTEusbser6k.dll File not found
NetSvcs: pavdrv - File not found
NetSvcs: sandboxu - %systemroot%\system32\odysseyIM4.dll File not found
NetSvcs: slee_503_service - %systemroot%\system32\pcidrv.dll File not found
NetSvcs: wmi - %systemroot%\system32\pavsrv.dll File not found
NetSvcs: HIDSwvd - %systemroot%\system32\HIDSwvd.dll File not found
NetSvcs: ssm_mdm - %systemroot%\system32\dot4print.dll File not found
NetSvcs: LVRS - %systemroot%\system32\tcpip.dll File not found
NetSvcs: sifilter - %systemroot%\system32\PCISys.dll File not found
NetSvcs: viaagp1 - %systemroot%\system32\v2imount.dll File not found
NetSvcs: ood2000 - %systemroot%\system32\avg7updsvc.dll File not found
NetSvcs: STV680 - %systemroot%\system32\avidsdmservice.dll File not found
NetSvcs: win32sl - %systemroot%\system32\rtl8139.dll File not found
NetSvcs: s116mdm - %systemroot%\system32\epoxusdm.dll File not found
NetSvcs: Pctspk - %systemroot%\system32\mnmsrvc.dll File not found
NetSvcs: jaguar - %systemroot%\system32\swmidi.dll File not found
NetSvcs: ROB_A - %systemroot%\system32\portmapper.dll File not found
NetSvcs: Appn - %systemroot%\system32\ultra66.dll File not found
NetSvcs: hwpsgt - %systemroot%\system32\i8042prt.dll File not found
NetSvcs: spcsutilityservice - %systemroot%\system32\tdtcp.dll File not found
NetSvcs: nvstor32 - %systemroot%\system32\6to4.dll File not found
NetSvcs: mfesmfk - %systemroot%\system32\vpcusb.dll File not found
NetSvcs: roxupnpserver - %systemroot%\system32\rspndr.dll File not found
NetSvcs: avg7rsw - %systemroot%\system32\rpsupdaterr.dll File not found
NetSvcs: SWNC5E00 - %systemroot%\system32\CT20XUT.DLL.dll File not found
NetSvcs: DNE - %systemroot%\system32\pdlnemsg.dll File not found
NetSvcs: ovsecurityserver - %systemroot%\system32\jaguar.dll File not found
NetSvcs: p2k - %systemroot%\system32\dntus26.dll File not found
NetSvcs: wuolservice - %systemroot%\system32\SMPLSCSI.dll File not found
NetSvcs: winpowerrmi - %systemroot%\system32\k750mdfl.dll File not found
NetSvcs: srvdpi - %systemroot%\system32\ISAMSvc.dll File not found
NetSvcs: spbbcsvc - %systemroot%\system32\z525mdfl.dll File not found
NetSvcs: vcommmgr - %systemroot%\system32\NTIDrvr.dll File not found
NetSvcs: SNP2STD - %systemroot%\system32\mbr.dll File not found
NetSvcs: NIPALK - %systemroot%\system32\CTEXFIFX.DLL.dll File not found
NetSvcs: hpqddsvc - %systemroot%\system32\redbook.dll File not found
NetSvcs: harmony - %systemroot%\system32\ADIDTSFiltService.dll File not found
NetSvcs: sshrmd - %systemroot%\system32\lxcgcustomerconnect.dll File not found
NetSvcs: winpower - %systemroot%\system32\tifm21.dll File not found
NetSvcs: Slpsvdr - %systemroot%\system32\ipfilterdriver.dll File not found
NetSvcs: oracle_load_balancer_60_client-forms6ip9 - %systemroot%\system32\FVXSCSI.dll File not found
NetSvcs: TMKEmu - %systemroot%\system32\slee_81_service.dll File not found
NetSvcs: HPFECP20 - %systemroot%\system32\vsmon.dll File not found
NetSvcs: pcidump - %systemroot%\system32\nic1394.dll File not found
NetSvcs: UVCFTR - %systemroot%\system32\openvpnservice.dll File not found
NetSvcs: nbservice - %systemroot%\system32\rtl8023.dll File not found
NetSvcs: license - %systemroot%\system32\DellAMBrokerService.dll File not found
NetSvcs: oracleorahomehttpserver - %systemroot%\system32\NSSvcMgr.dll File not found
NetSvcs: DirectUpdate - %systemroot%\system32\issuser.dll File not found
NetSvcs: PGPsdkDriver - %systemroot%\system32\btwhid.dll File not found
NetSvcs: retroexplauncher - %systemroot%\system32\ccdecode.dll File not found
NetSvcs: nfmservice - %systemroot%\system32\SQLBrowser.dll File not found
NetSvcs: tng-dts - %systemroot%\system32\steamdvr.dll File not found
NetSvcs: SE2Eobex - %systemroot%\system32\asapiw2k.dll File not found
NetSvcs: wampmysqld - %systemroot%\system32\tvtfilter.dll File not found
NetSvcs: s217mdm - %systemroot%\system32\tfsndrct.dll File not found
NetSvcs: dlcf_device - %systemroot%\system32\SrvcEPIOMngr.dll File not found
NetSvcs: rimvserport - %systemroot%\system32\cwcspud.dll File not found
NetSvcs: TNaviSrv - %systemroot%\system32\zpnodecollector.dll File not found
NetSvcs: el90xbc - %systemroot%\system32\sbpci.dll File not found
NetSvcs: RESMGR - %systemroot%\system32\shellhwdetection.dll File not found
NetSvcs: SDdriver - %systemroot%\system32\dlacdbhm.dll File not found
NetSvcs: pdlnsx25 - %systemroot%\system32\LMIRfsDriver.dll File not found
NetSvcs: wdica - %systemroot%\system32\elagopro.dll File not found
NetSvcs: wmdmpmsp - %systemroot%\system32\UWProSys.dll File not found
NetSvcs: picturetaker - %systemroot%\system32\aolservice.dll File not found
NetSvcs: rnadiagnosticsservice - %systemroot%\system32\mksupdateint.dll File not found
NetSvcs: Via4in1 - %systemroot%\system32\aalogger.dll File not found
NetSvcs: freepops - %systemroot%\system32\se2Eunic.dll File not found
NetSvcs: nimcrpcsu - %systemroot%\system32\aliadwdm.dll File not found
NetSvcs: dmio - %systemroot%\system32\smapint.dll File not found
NetSvcs: TuneUp.Defrag - %systemroot%\system32\Si3132.dll File not found
NetSvcs: iPassPeriodicUpdateApp - %systemroot%\system32\hSONYPVh.dll File not found
NetSvcs: prism_a02 - %systemroot%\system32\bdpredir.dll File not found
NetSvcs: IFPUSB - %systemroot%\system32\agpcpq.dll File not found
NetSvcs: transarcafsdaemon - %systemroot%\system32\SE2Dmgmt.dll File not found
NetSvcs: k750mdfl - %systemroot%\system32\cis1284.dll File not found
NetSvcs: USB_RNDIS - %systemroot%\system32\hprfdev.dll File not found
NetSvcs: SRTSP - %systemroot%\system32\NSNDIS5.dll File not found
NetSvcs: ifxtcs - %systemroot%\system32\s616mgmt.dll File not found
NetSvcs: VICESYS - %systemroot%\system32\arkbcfltr.dll File not found
NetSvcs: PTDCBus - %systemroot%\system32\Ncrc710.dll File not found
NetSvcs: tcsd_win32.exe - %systemroot%\system32\hidusb.dll File not found
NetSvcs: pml - %systemroot%\system32\wdica.dll File not found
NetSvcs: ScFBPNT3 - %systemroot%\system32\rnadirmultiplexor.dll File not found
NetSvcs: UxTuneUp - %systemroot%\system32\cdrbsvsd.dll File not found
NetSvcs: vc5secs - %systemroot%\system32\U3sHlpDr.dll File not found
NetSvcs: tbhsd - %systemroot%\system32\rwbackupsrv.dll File not found
NetSvcs: stacsv - %systemroot%\system32\ntgrip.dll File not found
NetSvcs: licensemanagersocket - %systemroot%\system32\sweepsrv.sys.dll File not found
NetSvcs: tosrfnds - %systemroot%\system32\regservice.dll File not found
NetSvcs: ql1280 - %systemroot%\system32\RVIEG01.dll File not found
NetSvcs: s3ssavage - %systemroot%\system32\sis162u.dll File not found
NetSvcs: hmonitor - %systemroot%\system32\buslogic.dll File not found
NetSvcs: wlluc48 - %systemroot%\system32\iaantmon.dll File not found
NetSvcs: tmmbd - %systemroot%\system32\quickhealfirewall.dll File not found
NetSvcs: zebrbus - %systemroot%\system32\w200mgmt.dll File not found
NetSvcs: vsapint - %systemroot%\system32\termdd.dll File not found
NetSvcs: w200bus - %systemroot%\system32\usbsermptxp.dll File not found
NetSvcs: NsTrcNT - %systemroot%\system32\asp.net.dll File not found
NetSvcs: hsf_dp - %systemroot%\system32\msgsrvservice.dll File not found
NetSvcs: trackcam4 - %systemroot%\system32\stllssvr.dll File not found
NetSvcs: WUSB54GPV4SRV - %systemroot%\system32\db2ntsecserver.dll File not found
NetSvcs: us30service - %systemroot%\system32\atapi.dll File not found
NetSvcs: vvoice - %systemroot%\system32\s217unic.dll File not found
NetSvcs: inotask - %systemroot%\system32\usbvideo.dll File not found
NetSvcs: inorpc - %systemroot%\system32\bridge.dll File not found
NetSvcs: VNUSB - %systemroot%\system32\xusb21.dll File not found
NetSvcs: lxrjd31d - %systemroot%\system32\mldserv.dll File not found
NetSvcs: Ncrc710 - %systemroot%\system32\AtiPcie.dll File not found
NetSvcs: rca - %systemroot%\system32\acdpowerservice.dll File not found
NetSvcs: s125obex - %systemroot%\system32\svv.dll File not found
NetSvcs: NxSysMon - %systemroot%\system32\GameConsoleService.dll File not found
NetSvcs: VX3000 - %systemroot%\system32\irbus.dll File not found
NetSvcs: srescan - %systemroot%\system32\WUSB54Gv4SVC.dll File not found
NetSvcs: {95808DC4-FA4A-4c74-92FE-5B863F82066B} - %systemroot%\system32\iAimFP7.dll File not found
NetSvcs: isapisearch - %systemroot%\system32\z525mdm.dll File not found
NetSvcs: lockmgr - %systemroot%\system32\BrScnUsb.dll File not found
NetSvcs: nvcap - %systemroot%\system32\NetwareWorkstation.dll File not found
NetSvcs: ss_mdfl - %systemroot%\system32\NetMsmqActivator.dll File not found
NetSvcs: SRS_SSCFilter - %systemroot%\system32\cm102u32.dll File not found
NetSvcs: klif - %systemroot%\system32\WmaCVideo32.dll File not found
NetSvcs: se26unic - %systemroot%\system32\GTSCSER.dll File not found
NetSvcs: mks_scan - %systemroot%\system32\se26unic.dll File not found
NetSvcs: s7otranx - %systemroot%\system32\lvuvc.dll File not found
NetSvcs: SED133x - %systemroot%\system32\psasrv.dll File not found
NetSvcs: ibmcicstransactiongateway - %systemroot%\system32\mrobeservice.dll File not found
NetSvcs: s7oppitx - %systemroot%\system32\w800mdm.dll File not found
NetSvcs: LKbdFlt2 - %systemroot%\system32\cpqalert.dll File not found
NetSvcs: UMPass - %systemroot%\system32\omniserv.dll File not found
NetSvcs: U81xobex - %systemroot%\system32\MA8032C.dll File not found
NetSvcs: qbfcservice - %systemroot%\system32\SRTSPL.dll File not found
NetSvcs: tosrfsnd - %systemroot%\system32\tosporte.dll File not found
NetSvcs: openvpnservice - %systemroot%\system32\TIEHDUSB.dll File not found
NetSvcs: freebsd - %systemroot%\system32\samss.dll File not found
NetSvcs: se58unic - %systemroot%\system32\OEM02Vfx.dll File not found
NetSvcs: RMCAST - %systemroot%\system32\tlntsvr.dll File not found
NetSvcs: mcnasvc - %systemroot%\system32\ltxred.dll File not found
NetSvcs: k750mdm - %systemroot%\system32\nvstor64.dll File not found
NetSvcs: s616unic - %systemroot%\system32\vpcbus.dll File not found
NetSvcs: artourservice - %systemroot%\system32\ShockMgr.dll File not found
NetSvcs: symmpi - %systemroot%\system32\dlacdbhm.dll File not found

billyd · May 18, 2012

NetSvcs: iastor - %systemroot%\system32\inetaccs.dll File not found
NetSvcs: aclient - %systemroot%\system32\Dell1100_FUService.dll File not found
NetSvcs: BTSLBCSP - %systemroot%\system32\merakcontrol.dll File not found
NetSvcs: askernel - %systemroot%\system32\pdagent.dll File not found
NetSvcs: acprfmgrsvc - %systemroot%\system32\RIOXDRV.dll File not found
NetSvcs: https-admserv61 - %systemroot%\system32\dptrackerd.dll File not found
NetSvcs: splitter - %systemroot%\system32\backupexecagentaccelerator.dll File not found
NetSvcs: SaiU040B - %systemroot%\system32\ndis.dll File not found
NetSvcs: proxyhostservice - %systemroot%\system32\netddedsdm.dll File not found
NetSvcs: USB_RNDIS_XP - %systemroot%\system32\MREMP50.dll File not found
NetSvcs: nmsaccess - %systemroot%\system32\mssql$microsoftbcm.dll File not found
NetSvcs: mfehidk - %systemroot%\system32\slip.dll File not found
NetSvcs: snmptrapdservice - %systemroot%\system32\SerTVOutCtlr.dll File not found
NetSvcs: digictrl - %systemroot%\system32\pimsgss.dll File not found
NetSvcs: emupia - %systemroot%\system32\srv.dll File not found
NetSvcs: rimusb - %systemroot%\system32\websensecpmcommunicationagent.dll File not found
NetSvcs: array_utility_service4 - File not found
NetSvcs: 0 - File not found
NetSvcs: 1 - File not found
NetSvcs: 3 - File not found
NetSvcs: gearaspiwdm - %systemroot%\system32\usb_rndisx.dll File not found
NetSvcs: eskerlicensecontrol - %systemroot%\system32\kpfwsvc.dll File not found
NetSvcs: lxbs_device - %systemroot%\system32\sonicatheaterinstallerservice.dll File not found
NetSvcs: nimdbgk - File not found
NetSvcs: CTMSHD - File not found
NetSvcs: ihcservice - File not found
NetSvcs: pavreport - File not found
NetSvcs: ATKFUSService - File not found
NetSvcs: iomdisk - File not found
NetSvcs: se59mdfl - File not found
NetSvcs: pnkbstrb - File not found
NetSvcs: lp6nds35 - %systemroot%\system32\nmservice.dll File not found
NetSvcs: syntp - %systemroot%\system32\SQTECH905C.dll File not found
NetSvcs: SWMX00 - %systemroot%\system32\lxdmCATSCustConnectService.dll File not found
NetSvcs: se2Bnd5 - %systemroot%\system32\scramby.dll File not found
NetSvcs: e1express - %systemroot%\system32\L1e.dll File not found
NetSvcs: w800mdfl - %systemroot%\system32\z525mdfl.dll File not found
NetSvcs: entech - File not found
NetSvcs: hnmsvc - File not found
NetSvcs: VCAM - File not found
NetSvcs: purgeieservice - File not found
NetSvcs: XFX_program - File not found
NetSvcs: smcservice - File not found
NetSvcs: ldlcserv - File not found
NetSvcs: PQNTDrv - File not found
NetSvcs: iviaspi - %systemroot%\system32\s116bus.dll File not found
NetSvcs: enxpsvc - File not found
NetSvcs: DniVad - File not found
NetSvcs: acedrv07 - File not found
NetSvcs: Subsonic - %systemroot%\system32\HECI.dll File not found
NetSvcs: iwebmsg - %systemroot%\system32\nsm1serd.dll File not found
NetSvcs: qmofiltr - %systemroot%\system32\navap.dll File not found
NetSvcs: agrsrvce - %systemroot%\system32\acpi.dll File not found
NetSvcs: SunkFilt39 - %systemroot%\system32\TClass2k.dll File not found
NetSvcs: TcUsb - File not found
NetSvcs: MA_CMIDI - File not found
NetSvcs: trcboot - File not found
NetSvcs: smsmdd - %systemroot%\system32\VRFIL.dll File not found
NetSvcs: iam - File not found
NetSvcs: a016mdfl - File not found
NetSvcs: db2ntsecserver - File not found
NetSvcs: ec2007service - File not found
NetSvcs: sqlagent$sony_mediamgr - File not found
NetSvcs: soma - File not found
NetSvcs: tvs - %systemroot%\system32\delldmi.dll File not found
NetSvcs: ipsraidn - File not found
NetSvcs: kservice - File not found
NetSvcs: Bcim - File not found
NetSvcs: amon - File not found
NetSvcs: axinstsv - File not found
NetSvcs: btwrchid - File not found
NetSvcs: bdfsdrv - File not found
NetSvcs: SE2Dmdfl - File not found
NetSvcs: MTsensor - File not found
NetSvcs: maya70docserver - File not found
NetSvcs: ctdvda2k - File not found
NetSvcs: wg111nd5 - %systemroot%\system32\trayman.dll File not found
NetSvcs: nchssvad - File not found
NetSvcs: SaiNtSub - %systemroot%\system32\SNMP.dll File not found
NetSvcs: gv3 - %systemroot%\system32\thkeys.dll File not found
NetSvcs: UpdateCenterService - %systemroot%\system32\oracleorahome92tnslistener.dll File not found
NetSvcs: MobilePreInstallerService - %systemroot%\system32\s116mgmt.dll File not found
NetSvcs: SQLWriter - %systemroot%\system32\w29n51.dll File not found
NetSvcs: iap - %systemroot%\system32\twdns.dll File not found
NetSvcs: usb20l - %systemroot%\system32\cercsr6.dll File not found
NetSvcs: s716nd5 - %systemroot%\system32\spooler.dll File not found
NetSvcs: FireTDI - File not found
NetSvcs: pdframe - %systemroot%\system32\WNCPKT.dll File not found
NetSvcs: HSFHWICH - %systemroot%\system32\tappsrv.dll File not found
NetSvcs: yukonwxp - File not found
NetSvcs: lvpopflt - File not found
NetSvcs: vzcdbsvc - %systemroot%\system32\MA8032U.dll File not found
NetSvcs: NVTCP - %systemroot%\system32\anydvd.dll File not found
NetSvcs: SE27mdm - File not found
NetSvcs: atalk - %systemroot%\system32\cicssfs.scmmc223.dll File not found
NetSvcs: SunkFilt - %systemroot%\system32\kerbkey.dll File not found
NetSvcs: NVENET - %systemroot%\system32\mfetdik.dll File not found
NetSvcs: ctmmfilt - File not found
NetSvcs: cicssfs.scmmc223 - %systemroot%\system32\sit_bus.dll File not found
NetSvcs: ifxspmgtsrv - %systemroot%\system32\eeyeevnt.dll File not found
NetSvcs: se44nd5 - %systemroot%\system32\SQTECH905C.dll File not found
NetSvcs: agentsrv - File not found
NetSvcs: ATMsrvc - %systemroot%\system32\cyberpowerups.dll File not found
NetSvcs: nsengine - File not found
NetSvcs: s117obex - File not found
NetSvcs: aswrdr - %systemroot%\system32\RTHDMIAzAudService.dll File not found
NetSvcs: z800obex - %systemroot%\system32\DSI_SiUSBXp_3_1.dll File not found
NetSvcs: mwspollserver - %systemroot%\system32\sfdrv01.dll File not found
NetSvcs: lxbu_device - %systemroot%\system32\zpsc.dll File not found
NetSvcs: rtl8139 - %systemroot%\system32\ZDPNDIS5.dll File not found
NetSvcs: se44bus - %systemroot%\system32\bthmodem.dll File not found
NetSvcs: USB11LDR - %systemroot%\system32\avgascln.dll File not found
NetSvcs: ramaint - %systemroot%\system32\oracleorahome90agent.dll File not found
NetSvcs: pfc - %systemroot%\system32\pdlndtdl.dll File not found
NetSvcs: athr - %systemroot%\system32\w550mdm.dll File not found
NetSvcs: se59nd5 - %systemroot%\system32\amfilter.dll File not found
NetSvcs: sentinel - %systemroot%\system32\bdss.dll File not found
NetSvcs: ser2pl - %systemroot%\system32\DCamUSBGrandTek.dll File not found
NetSvcs: websenselogserver - File not found
NetSvcs: ltck000c - File not found
NetSvcs: ZuneWlanCfgSvc - File not found
NetSvcs: k750mgmt - File not found
NetSvcs: Nsynas32 - File not found
NetSvcs: uclauncherservice - %systemroot%\system32\btwusb.dll File not found
NetSvcs: ossrv - File not found
NetSvcs: sprtsvc_smartagent - %systemroot%\system32\bdfsdrv.dll File not found
NetSvcs: autocomplete - File not found
NetSvcs: sbhooksvc - %systemroot%\system32\DKbFltr.dll File not found
NetSvcs: USBCamera - File not found
NetSvcs: TestHandler - File not found
NetSvcs: adiloader - File not found
NetSvcs: cwafrmiregistry - File not found
NetSvcs: W55U01 - %systemroot%\system32\nvstor64.dll File not found
NetSvcs: tvicport - File not found
NetSvcs: aec - File not found
NetSvcs: ino_fltr - File not found
NetSvcs: CTEDSPFX.DLL - File not found
NetSvcs: U81xmdm - File not found
NetSvcs: HFACSVC - File not found
NetSvcs: imaservice - File not found
NetSvcs: tmactmon - File not found
NetSvcs: MpFilter - File not found
NetSvcs: ntmssvc - %systemroot%\system32\elaunidr.dll File not found
NetSvcs: bthusb - %systemroot%\system32\rtl8029.dll File not found
NetSvcs: symids - %systemroot%\system32\pca.dll File not found
NetSvcs: ASMMAP - File not found
NetSvcs: atchksrv - File not found
NetSvcs: AKSIFDH - %systemroot%\system32\SE2Eobex.dll File not found
NetSvcs: GV600_4 - %systemroot%\system32\jobserver_report.dll File not found
NetSvcs: nvmpu401 - %systemroot%\system32\mpe.dll File not found
NetSvcs: ASNDIS5 - %systemroot%\system32\wmp54gv4svc.dll File not found
NetSvcs: omniusbl - %systemroot%\system32\knobserv.dll File not found
NetSvcs: papycpu2 - %systemroot%\system32\WmHidLo.dll File not found
NetSvcs: cpuz132 - File not found
NetSvcs: HECI - File not found
NetSvcs: tsdhd - %systemroot%\system32\ndisip.dll File not found
NetSvcs: protexislicensing - %systemroot%\system32\avsinc.dll File not found
NetSvcs: slapd-data52 - File not found
NetSvcs: tandpl - %systemroot%\system32\smservauth.dll File not found
NetSvcs: dxdebug - File not found
NetSvcs: scanwscs - File not found
NetSvcs: ntrtscan - File not found
NetSvcs: mod7700 - File not found
NetSvcs: TVALG - %systemroot%\system32\iaimtv2.dll File not found
NetSvcs: oracle_load_balancer_60_client-forms6ip14 - %systemroot%\system32\SED133x.dll File not found
NetSvcs: telnet - %systemroot%\system32\MA8032C.dll File not found
NetSvcs: mapserver6.3 - %systemroot%\system32\HWIONT.dll File not found
NetSvcs: incdfs - %systemroot%\system32\rootmodem.dll File not found
NetSvcs: eamon - File not found
NetSvcs: GTPTSER - %systemroot%\system32\pnmsrv.dll File not found
NetSvcs: atmeltpm - File not found
NetSvcs: vetmsgnt - %systemroot%\system32\navap.dll File not found
NetSvcs: nvsmu - %systemroot%\system32\npkcsvc.dll File not found
NetSvcs: RSAFAL - %systemroot%\system32\ErrDev.dll File not found
NetSvcs: alertmanager - File not found
NetSvcs: sysmonlog - File not found
NetSvcs: Wmi - %systemroot%\system32\pavsrv.dll File not found
NetSvcs: WmdmPmSp - %systemroot%\system32\UWProSys.dll File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - %systemroot%\system32\hsf_dpv.dll File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/17 17:54:36 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/05/17 14:26:51 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/17 05:04:39 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\War Horse 2011 XviD iNT FL4X
[2012/05/17 04:40:19 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\temp
[2012/05/17 04:30:08 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/05/17 04:05:15 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/05/16 06:46:41 | 002,126,424 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
[2012/05/16 04:11:03 | 000,000,000 | ---D | C] -- C:\found.001
[2012/05/16 04:07:43 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/05/15 03:48:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/05/15 03:48:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/05/15 03:48:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/05/15 03:48:13 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/05/15 03:39:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/15 02:49:56 | 004,495,594 | R--- | C] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/14 00:03:48 | 000,083,968 | ---- | C] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
[2012/05/13 23:33:04 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2012/05/13 19:46:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/13 19:46:03 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/05/13 19:46:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\ESET
[2012/05/13 13:41:45 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Local\ESET
[2012/05/13 13:40:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
[2012/05/13 13:32:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support Logs
[2012/05/13 13:30:42 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Resource Kits
[2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2012/05/12 19:11:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/05/09 03:20:24 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\TV
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Users\William\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sherlock Holmes and the Hound of the Baskervilles
[2012/05/05 18:42:10 | 000,000,000 | ---D | C] -- C:\Program Files\Sherlock Holmes and the Hound of the Baskervilles
[2012/04/24 21:51:46 | 000,000,000 | ---D | C] -- C:\Users\William\Desktop\lola
[2012/04/22 19:44:40 | 000,000,000 | ---D | C] -- C:\found.000
[2012/04/22 15:14:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

========== Files - Modified Within 30 Days ==========

[2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 03:54:48 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
[2012/05/18 02:58:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/17 22:01:19 | 000,001,057 | ---- | M] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
[2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/17 17:56:36 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2012/05/17 17:54:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/17 17:54:34 | 263,780,575 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/05/17 17:02:10 | 000,027,136 | ---- | M] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
[2012/05/17 14:41:00 | 158,097,764 | ---- | M] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
[2012/05/17 04:29:41 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe
[2012/05/14 21:06:50 | 000,606,556 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/05/14 21:06:50 | 000,105,022 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/05/14 00:00:46 | 000,000,512 | ---- | M] () -- C:\Users\William\Desktop\MBR.dat
[2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/13 19:46:04 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/11 07:58:02 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC
[2012/05/11 04:47:51 | 000,236,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/05/05 18:43:08 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
[2012/05/05 18:43:08 | 000,001,264 | ---- | M] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012/04/27 20:15:21 | 000,000,260 | ---- | M] () -- C:\Windows\dellstat.ini
[2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagwrn.xml
[2012/04/22 20:02:08 | 000,001,905 | ---- | M] () -- C:\Windows\diagerr.xml
[2012/04/20 16:53:22 | 000,049,772 | ---- | M] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg

========== Files Created - No Company Name ==========

[2012/05/17 14:22:24 | 158,097,764 | ---- | C] () -- C:\Users\William\Desktop\Person.of.Interest.S01E22[TEH-SONG].mkv
[2012/05/17 04:53:28 | 000,001,057 | ---- | C] () -- C:\Users\William\AppData\Roaming\vso_ts_preview.xml
[2012/05/15 03:48:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/05/15 03:48:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/05/15 03:48:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/05/15 03:48:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/05/15 03:48:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/05/14 00:00:46 | 000,000,512 | ---- | C] () -- C:\Users\William\Desktop\MBR.dat
[2012/05/13 19:58:28 | 000,302,592 | ---- | C] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/13 19:46:04 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/05 18:43:08 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\Play Sherlock Holmes and the Hound of the Baskervilles.lnk
[2012/05/05 18:43:08 | 000,001,264 | ---- | C] () -- C:\Users\Public\Desktop\More Great Games.lnk
[2012/04/22 19:22:48 | 3210,784,768 | -HS- | C] () -- C:\hiberfil.sys
[2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagwrn.xml
[2012/04/22 19:15:21 | 000,001,905 | ---- | C] () -- C:\Windows\diagerr.xml
[2012/04/20 16:53:28 | 000,049,772 | ---- | C] () -- C:\Users\William\Desktop\captain_dylan_hunt.jpg
[2012/03/20 11:38:01 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/03/17 01:40:34 | 000,000,260 | ---- | C] () -- C:\Windows\dellstat.ini
[2012/01/13 19:11:06 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/23 01:20:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011/12/23 01:20:16 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011/12/22 23:36:02 | 000,027,136 | ---- | C] () -- C:\Users\William\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/22 21:18:07 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/12/22 21:11:40 | 000,000,166 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/12/22 20:49:07 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011/12/22 19:54:56 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011/12/22 19:54:55 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011/12/16 11:12:10 | 000,000,680 | ---- | C] () -- C:\Users\William\AppData\Local\d3d9caps.dat

========== LOP Check ==========

[2012/04/12 19:38:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Boomzap
[2012/03/29 14:36:18 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Canneverbe Limited
[2012/01/22 05:00:53 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\DVDFab
[2012/01/13 22:22:15 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ERS Game Studios
[2012/05/13 13:41:45 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ESET
[2012/02/03 14:32:17 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Foxit Software
[2011/12/23 00:54:56 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\ImgBurn
[2011/12/24 01:33:23 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\quickclick
[2011/12/27 12:50:31 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\SumatraPDF
[2011/12/22 22:54:32 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\TeamViewer
[2012/03/14 13:47:41 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\theSideline.com
[2012/03/10 01:08:44 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vast Studios
[2012/05/17 22:01:20 | 000,000,000 | ---D | M] -- C:\Users\William\AppData\Roaming\Vso
[2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2006/09/18 17:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2011/12/14 15:05:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2012/05/17 04:39:36 | 000,017,259 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 17:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/12/22 19:51:58 | 056,396,264 | ---- | M] () -- C:\Dell_multi-device_A17_R174292.exe
[2012/05/17 17:54:35 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newfile.enc
[2011/12/22 19:54:44 | 000,022,729 | ---- | M] () -- C:\newkey
[2012/05/17 17:54:34 | 3524,587,520 | -HS- | M] () -- C:\pagefile.sys
[2012/05/16 04:06:40 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.34_log.txt
[2012/05/16 04:07:57 | 000,137,436 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_04.06.55_log.txt
[2012/05/16 06:41:39 | 000,003,692 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.37.52_log.txt
[2012/05/16 06:46:21 | 000,000,348 | ---- | M] () -- C:\TDSSKiller.2.7.34.0_16.05.2012_06.46.13_log.txt
[2012/05/16 06:47:58 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_06.47.16_log.txt
[2012/05/16 14:04:24 | 000,136,264 | ---- | M] () -- C:\TDSSKiller.2.7.35.0_16.05.2012_13.46.09_log.txt
[2011/03/11 05:49:22 | 455,611,504 | ---- | M] (Microsoft Corporation) -- C:\Vista SP1.exe
[2011/02/26 13:27:44 | 365,230,920 | ---- | M] (Microsoft Corporation) -- C:\Vista SP2.exe

< %systemroot%\Fonts\*.com >
[2006/11/02 08:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 08:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 08:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2011/12/23 01:56:25 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 17:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/02/20 12:27:50 | 000,102,400 | ---- | M] () -- C:\Windows\system32\spool\prtprocs\w32x86\dlbapp5c.dll
[2006/11/02 08:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2011/12/16 15:36:11 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 06:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 06:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 06:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 06:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/12/24 05:43:03 | 000,000,286 | -HS- | M] () -- C:\Users\William\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2012/05/13 23:33:38 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\William\Desktop\aswMBR.exe
[2011/09/20 03:02:40 | 000,083,968 | ---- | M] (Esage Lab) -- C:\Users\William\Desktop\boot_cleaner.exe
[2012/05/17 04:03:55 | 004,495,594 | R--- | M] (Swearware) -- C:\Users\William\Desktop\ComboFix.exe
[2012/05/13 19:58:28 | 000,302,592 | ---- | M] () -- C:\Users\William\Desktop\oibfjxod.exe
[2012/05/17 15:12:34 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\William\Desktop\OTL.exe
[2012/05/16 07:40:44 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\William\Desktop\TDSSKiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\tasks\*.* >
[2012/05/18 03:58:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/17 21:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/18 03:02:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/17 15:00:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000Core.job
[2012/05/18 03:00:57 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1815498000-2833343681-1250068786-1000UA.job
[2012/05/17 17:54:50 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012/05/17 04:28:33 | 000,032,644 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2011/12/23 02:11:59 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
[2011/12/23 02:11:28 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/12/16 11:12:49 | 000,000,402 | -HS- | M] () -- C:\Users\William\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2012/04/29 20:22:03 | 000,000,166 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012/01/20 16:56:19 | 000,000,451 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /I " " /c >

< dir /b "%systemroot%\*.exe" | find /I " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2012-05-15 09:54:44

< >

========== Alternate Data Streams ==========

@Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
@Alternate Data Stream - 921 bytes -> C:\Users\William\Desktop\#1Panda Security #PS# - Case number_ 03349629.eml:OECustomProperty
@Alternate Data Stream - 230 bytes -> C:\ProgramData\TEMP:025DF3DE
@Alternate Data Stream - 224 bytes -> C:\ProgramData\TEMP:E6C6EB3B
@Alternate Data Stream - 219 bytes -> C:\ProgramData\TEMP:3B454A5C
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:206470A5
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:AFC732F7
< End of report >

Solved Malware problem maybe more?

Posts: 78 +0

Posts: 78 +0

Posts: 78 +0

Posts: 78 +0

Posts: 78 +0

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 56,041 +516

Posts: 78 +0

Posts: 78 +0

Posts: 78 +0

Similar threads