windygirl
-
Posts
17 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by windygirl
-
-
question-are the two i have conflicting?
-
i do have antivirus programs, malwarebytes and super antispyware. i turned them off as per your instruction during the combofix stage of the malware removal but didn't turn them back on. i have rectified that.
-
ComboFix Log
ComboFix 13-12-16.01 - Nzinga 12/17/2013 5:08.8.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.1829 [GMT -5:00]
Running from: c:\documents and settings\Nzinga\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Nzinga\My Documents\$AP47.tmp
c:\documents and settings\Nzinga\My Documents\$AP4A.tmp
c:\documents and settings\Nzinga\My Documents\$AP4D.tmp
.
.
((((((((((((((((((((((((( Files Created from 2013-11-17 to 2013-12-17 )))))))))))))))))))))))))))))))
.
.
2013-12-17 10:02 . 2013-12-17 10:02 -------- d-----w- C:\TDSSKiller_Quarantine
2013-12-15 20:43 . 2013-12-15 20:43 -------- d-----w- C:\FRST
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-11 15:42 . 2013-01-09 00:39 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 15:42 . 2013-01-09 00:39 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-13 02:59 . 2004-08-19 20:49 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38 . 2004-08-19 20:49 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03 . 2009-04-17 21:09 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26 . 2004-08-19 20:49 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-25 11:24 . 2004-08-19 20:49 841216 ----a-w- c:\windows\system32\wininet.dll
2013-10-25 11:24 . 2004-08-19 20:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-25 11:24 . 2004-08-19 20:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2013-10-25 11:24 . 2004-08-19 20:49 17408 ----a-w- c:\windows\system32\corpol.dll
2013-10-23 23:45 . 2004-08-19 20:49 172032 ----a-w- c:\windows\system32\scrrun.dll
2013-10-12 15:56 . 2004-08-19 20:49 278528 ----a-w- c:\windows\system32\oakley.dll
2013-10-09 13:12 . 2004-08-19 20:49 287744 ----a-w- c:\windows\system32\gdi32.dll
2013-10-07 10:59 . 2004-08-19 20:49 603136 ----a-w- c:\windows\system32\crypt32.dll
2013-09-22 23:53 . 2004-08-19 20:49 389120 ----a-w- c:\windows\system32\html.iec
2012-04-11 15:28 . 2012-04-11 15:28 799441 -c--a-w- c:\program files\RegpairSetup.exe
2012-02-19 16:37 . 2012-02-19 16:37 692480 -c--a-w- c:\program files\RealPlayer.exe
2011-09-22 13:14 . 2011-09-22 13:14 5335216 -c--a-w- c:\program files\minuswindows.exe
2011-09-04 13:41 . 2011-09-04 13:41 20278864 -c--a-w- c:\program files\companionlink.exe
2011-05-31 17:28 . 2011-05-31 17:27 56712856 -c--a-w- c:\program files\Avery Wizard 4.0.0.exe
2010-11-16 00:53 . 2010-11-15 22:34 13525424 -c--a-w- c:\program files\Dropbox 0.7.110.exe
2010-11-05 16:28 . 2010-11-05 16:27 8567280 -c--a-w- c:\program files\Firefox Setup 3.6.12.exe
2010-07-02 14:53 . 2010-07-02 14:53 9070816 -c--a-w- c:\program files\SUPERAntiSpyware.exe
2010-01-19 11:48 . 2010-01-19 11:48 10600847 -c--a-w- c:\program files\SeaMonkey Setup 2.0.2.exe
2010-01-04 15:52 . 2010-01-04 15:50 10601579 -c--a-w- c:\program files\SeaMonkey Setup 2.0.1.exe
2009-09-22 11:12 . 2009-09-22 11:11 13266944 -c--a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe
2009-03-11 21:11 . 2009-03-11 21:10 1606063 -c--a-w- c:\program files\treodekstop213setup.exe
2009-01-31 15:43 . 2009-01-31 15:43 7518240 -c--a-w- c:\program files\Firefox Setup 3.0.5.exe
2009-01-17 17:41 . 2009-01-17 17:40 13029376 -c--a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe
2008-11-09 17:41 . 2008-11-09 17:40 11464704 -c--a-w- c:\program files\sharecalendar_setup.exe
2008-10-01 00:27 . 2008-10-01 00:25 13025280 -c--a-w- c:\program files\seamonkey-1.1.12.exe
2008-06-26 03:00 . 2008-06-26 03:00 4898144 -c--a-w- c:\program files\LimeWireWin18.exe
2008-04-09 15:12 . 2008-04-09 15:11 13012992 -c--a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe
2008-03-24 23:50 . 2008-03-24 23:50 13000704 -c--a-w- c:\program files\seamonkey-1.1.8.exe
2007-12-21 09:06 . 2007-12-21 09:06 13025280 -c--a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe
2007-12-17 12:35 . 2007-12-17 12:30 51622242 -c--a-w- c:\program files\ACEMCP603PRO.exe
2007-12-17 11:55 . 2007-12-17 11:54 7045601 -c--a-w- c:\program files\XP_Codec_Pack_2.3.4.exe
2007-12-17 10:48 . 2006-09-26 17:36 25755448 -c--a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2007-11-01 16:07 . 2007-11-01 16:06 11160320 -c--a-w- c:\program files\pk zip.exe
2007-08-26 15:32 . 2007-08-26 15:31 13012992 -c--a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe
2007-07-21 08:25 . 2007-07-21 08:25 3126056 -c--a-w- c:\program files\LimeWireWin.exe
2007-06-16 14:25 . 2007-06-16 14:25 315318 -c--a-w- c:\program files\soltvradio_setup.exe
2007-04-11 17:24 . 2007-04-11 17:21 10976768 -c--a-w- c:\program files\Sprint_PCS_CM_v034.msi
2007-04-11 17:23 . 2007-04-11 17:21 10740224 -c--a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi
2007-04-11 17:10 . 2007-04-11 17:09 10420865 -c--a-w- c:\program files\bitpim-0.9.14-setup.exe
2007-04-09 18:30 . 2007-04-09 18:29 19994184 -c--a-w- c:\program files\QuickTimeInstaller.exe
2007-04-04 12:01 . 2007-04-04 12:00 12992512 -c--a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe
2007-04-03 21:37 . 2007-04-03 21:37 10059790 -c--a-w- c:\program files\bitpim-0.9.13-setup.exe
2007-02-24 00:34 . 2007-02-24 00:34 8643136 -c--a-w- c:\program files\ymsgr7_437_us.exe
2007-01-18 15:00 . 2007-01-18 14:59 6342512 -c--a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe
2007-01-18 14:31 . 2007-01-18 14:31 5971432 -c--a-w- c:\program files\Firefox Setup 2.0.0.1.exe
2006-10-10 17:41 . 2006-10-10 17:41 16504464 -c--a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe
2006-10-10 17:37 . 2006-10-10 17:37 21290704 -c--a-w- c:\program files\AdbeRdr708 mozilla plugin.exe
2006-10-10 14:18 . 2006-10-10 14:18 3054417 -c--a-w- c:\program files\FSViewerSetup26.exe
2006-10-01 18:05 . 2006-10-01 18:05 6335024 -c--a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe
2006-09-30 16:25 . 2006-09-30 16:25 2146871 -c--a-w- c:\program files\zipitfast.exe
2006-09-26 17:59 . 2006-09-26 17:58 47652464 -c--a-w- c:\program files\PlusDME_Full.exe
2006-09-26 17:59 . 2006-09-26 17:57 47652464 -c--a-w- c:\program files\Super Pack.exe
2006-07-27 14:20 . 2006-07-27 14:18 8701008 -c--a-w- c:\program files\jewelquest_at.exe
2006-07-13 01:33 . 2006-07-13 01:28 12038352 -c--a-w- c:\program files\mozilla-win32-1.7.13-installer.exe
2006-07-05 13:43 . 2006-07-05 13:41 4864452 -c--a-w- c:\program files\palm401upgrade2.exe
2006-06-30 02:26 . 2006-06-30 02:22 24070456 -c--a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe
2006-06-07 13:54 . 2006-06-07 13:55 937001 -c--a-w- c:\program files\soulseek156c.exe
2006-06-05 19:19 . 2006-06-05 19:19 705536 -c--a-w- c:\program files\MoozikoPlayerSetup.msi
2006-04-22 15:20 . 2006-04-22 15:19 5432500 -c--a-w- c:\program files\ImageMixerV151.exe
2006-03-13 15:32 . 2006-03-13 15:31 9739116 -c--a-w- c:\program files\SimpleOcr.exe
2006-03-01 19:18 . 2006-03-01 19:16 12754672 -c--a-w- c:\program files\MP10Setup.exe
2006-03-01 16:20 . 2006-03-01 16:20 1419556 -c--a-w- c:\program files\klitecodec270b.exe
2006-02-24 21:10 . 2006-02-24 21:10 2002069 -c--a-w- c:\program files\yahoo_texttwist_tm1-1.exe
2006-01-30 19:48 . 2006-03-16 16:23 27160459 -c--a-w- c:\program files\Norton Antivirus download.EXE
2006-01-18 01:00 . 2006-01-18 00:54 12026576 -c--a-w- c:\program files\mozilla-win32-1.7.8-installer.exe
2006-01-17 22:11 . 2006-01-18 22:49 948936 -c--a-w- c:\program files\install_flash_player.exe
2005-12-18 17:58 . 2005-12-18 17:56 12899744 -c--a-w- c:\program files\RealPlayer10-5GOLD_bb.exe
2005-12-17 03:01 . 2005-12-17 02:51 54725800 -c--a-w- c:\program files\iPodSetup.exe
2005-12-16 15:26 . 2005-12-16 15:13 34412848 -c--a-w- c:\program files\iTunesSetup.exe
2005-12-14 19:09 . 2005-12-14 19:09 1619132 -c--a-w- c:\program files\freeripmp3.exe
2005-12-10 05:25 . 2005-12-10 05:25 2855080 -c--a-w- c:\program files\adawaresepersonal.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2012-10-10 12:06 . 5E1F3187E0E21163C48EE173746DAF9E . 917984 . . [16.0] . . c:\windows\erdnt\cache\firefox.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-11-12 5717272]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE" [2013-01-23 220800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2007-07-11 569344]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"FUFAXRCV"="c:\program files\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]
"FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]
"LTCM Client"="c:\program files\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-09-24 926896]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-09-01 282624]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2006-09-12 229952]
.
c:\documents and settings\Nzinga\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-11-21 110592]
Dropbox.lnk - c:\documents and settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-24 27776968]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe [2013-3-23 25214]
SecureZIP Attachments Status.lnk - c:\program files\PKWARE\PKZIPM\11.20.0008\PKTray.exe -tray [2007-11-1 197984]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 16:32 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Image Transfer.lnk
backup=c:\windows\pss\Image Transfer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk
backup=c:\windows\pss\Microtek Scanner Finder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PennConnect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PennConnect.lnk
backup=c:\windows\pss\PennConnect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
2011-09-27 03:45 646232 -c--a-w- c:\program files\Bamboo Dock\BambooCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2006-09-12 05:58 229952 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 -c--a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyVideoDaily2]
2005-11-30 15:09 401408 -c--a-w- c:\program files\MyVideoDaily2\MyVideoDaily2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-09-01 19:57 282624 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-07-13 18:18 17420464 -c--a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\mozilla.org\\Mozilla\\mozilla.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Nzinga\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 1:25 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 1:41 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 12:48 PM 116608]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [5/14/2009 4:07 PM 759048]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\EpsonCustomerParticipation\EPCP.exe [6/9/2011 12:01 PM 521600]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [9/15/2012 6:04 PM 5553016]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [9/15/2012 6:05 PM 451960]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [9/4/1998 2:32 AM 52800]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [10/6/2012 10:07 AM 398184]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/28/2011 10:38 AM 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 1:14 PM 160944]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys --> c:\windows\system32\DRIVERS\motfilt.sys [?]
S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [7/23/2012 9:04 PM 27424]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/28/2011 10:37 AM 21104]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys --> c:\windows\system32\DRIVERS\Motousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys --> c:\windows\system32\DRIVERS\motusbdevice.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 28644627
*NewlyCreated* - 95890862
*Deregistered* - 28644627
*Deregistered* - 95890862
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-12-05 04:18 1210320 ----a-w- c:\program files\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 15:42]
.
2013-12-11 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]
.
2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 15:32]
.
2013-12-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-13 15:32]
.
2013-12-17 c:\windows\Tasks\ReclaimerUpdateFiles_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2013-12-17 c:\windows\Tasks\ReclaimerUpdateXML_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2013-12-13 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2013-12-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a5d2a694-12bb-4850-87cb-f080803d1d2b.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]
.
2013-12-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c260bc1d-0917-496a-a6b6-069a411912a8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyServer = 0.0.0.0:80
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert to existing PDF - c:\program files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.11.1
FF - ProfilePath - c:\documents and settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-DW7 - c:\program files\The Weather Channel\The Weather Channel App\TWCApp.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-12-17 05:14
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(684)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
Completion time: 2013-12-17 05:16:38
ComboFix-quarantined-files.txt 2013-12-17 10:16
ComboFix2.txt 2012-10-17 13:32
.
Pre-Run: 22,769,352,704 bytes free
Post-Run: 23,078,776,832 bytes free
.
- - End Of File - - 8F941526695F609645A41D9715828785
B16A2359F4962B0C622D81A1C1F4B703
-
TDSS Killer Log
05:01:45.0553 0x16a8 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
05:01:50.0818 0x16a8 ============================================================
05:01:50.0818 0x16a8 Current date / time: 2013/12/17 05:01:50.0818
05:01:50.0818 0x16a8 SystemInfo:
05:01:50.0818 0x16a8
05:01:50.0818 0x16a8 OS Version: 5.1.2600 ServicePack: 3.0
05:01:50.0818 0x16a8 Product type: Workstation
05:01:50.0818 0x16a8 ComputerName: NZINGA1
05:01:50.0818 0x16a8 UserName: Nzinga
05:01:50.0818 0x16a8 Windows directory: C:\WINDOWS
05:01:50.0818 0x16a8 System windows directory: C:\WINDOWS
05:01:50.0818 0x16a8 Processor architecture: Intel x86
05:01:50.0818 0x16a8 Number of processors: 2
05:01:50.0818 0x16a8 Page size: 0x1000
05:01:50.0818 0x16a8 Boot type: Normal boot
05:01:50.0818 0x16a8 ============================================================
05:01:53.0803 0x16a8 KLMD registered as C:\WINDOWS\system32\drivers\66748770.sys
05:01:53.0990 0x16a8 System UUID: {05F101A5-8440-8944-2FB6-B4874DE430A2}
05:01:54.0943 0x16a8 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:01:54.0959 0x16a8 Drive \Device\Harddisk1\DR4 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
05:02:02.0037 0x16a8 ============================================================
05:02:02.0037 0x16a8 \Device\Harddisk0\DR0:
05:02:02.0037 0x16a8 MBR partitions:
05:02:02.0037 0x16a8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x8BA231A
05:02:02.0037 0x16a8 \Device\Harddisk1\DR4:
05:02:02.0037 0x16a8 MBR partitions:
05:02:02.0037 0x16a8 \Device\Harddisk1\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
05:02:02.0037 0x16a8 ============================================================
05:02:02.0099 0x16a8 C: <-> \Device\Harddisk0\DR0\Partition1
05:02:02.0178 0x16a8 F: <-> \Device\Harddisk1\DR4\Partition1
05:02:02.0178 0x16a8 ============================================================
05:02:02.0178 0x16a8 Initialize success
05:02:02.0178 0x16a8 ============================================================
05:02:03.0631 0x14cc ============================================================
05:02:03.0631 0x14cc Scan started
05:02:03.0631 0x14cc Mode: Manual;
05:02:03.0631 0x14cc ============================================================
05:02:03.0631 0x14cc KSN ping started
05:02:06.0412 0x14cc KSN ping finished: true
05:02:07.0131 0x14cc ================ Scan system memory ========================
05:02:07.0146 0x14cc System memory - ok
05:02:07.0146 0x14cc ================ Scan services =============================
05:02:07.0224 0x14cc [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
05:02:07.0224 0x14cc !SASCORE - ok
05:02:07.0537 0x14cc [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
05:02:07.0568 0x14cc ABBYY.Licensing.FineReader.Sprint.9.0 - ok
05:02:07.0693 0x14cc Abiosdsk - ok
05:02:07.0740 0x14cc [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
05:02:07.0740 0x14cc abp480n5 - ok
05:02:07.0787 0x14cc [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:02:07.0787 0x14cc ACPI - ok
05:02:07.0818 0x14cc [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
05:02:07.0818 0x14cc ACPIEC - ok
05:02:07.0849 0x14cc [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
05:02:07.0849 0x14cc Adobe LM Service - ok
05:02:07.0912 0x14cc [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
05:02:07.0912 0x14cc AdobeFlashPlayerUpdateSvc - ok
05:02:07.0943 0x14cc [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
05:02:07.0943 0x14cc adpu160m - ok
05:02:07.0990 0x14cc [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
05:02:07.0990 0x14cc aec - ok
05:02:08.0021 0x14cc [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
05:02:08.0037 0x14cc AFD - ok
05:02:08.0084 0x14cc [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
05:02:08.0084 0x14cc agp440 - ok
05:02:08.0099 0x14cc [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
05:02:08.0099 0x14cc agpCPQ - ok
05:02:08.0115 0x14cc [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
05:02:08.0115 0x14cc Aha154x - ok
05:02:08.0131 0x14cc [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
05:02:08.0131 0x14cc aic78u2 - ok
05:02:08.0146 0x14cc [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
05:02:08.0162 0x14cc aic78xx - ok
05:02:08.0193 0x14cc [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
05:02:08.0209 0x14cc Alerter - ok
05:02:08.0224 0x14cc [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
05:02:08.0224 0x14cc ALG - ok
05:02:08.0240 0x14cc [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
05:02:08.0240 0x14cc AliIde - ok
05:02:08.0271 0x14cc [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
05:02:08.0271 0x14cc alim1541 - ok
05:02:08.0287 0x14cc [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
05:02:08.0287 0x14cc amdagp - ok
05:02:08.0303 0x14cc [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
05:02:08.0303 0x14cc amsint - ok
05:02:08.0365 0x14cc [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
05:02:08.0365 0x14cc AppMgmt - ok
05:02:08.0396 0x14cc [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
05:02:08.0396 0x14cc asc - ok
05:02:08.0412 0x14cc [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
05:02:08.0412 0x14cc asc3350p - ok
05:02:08.0428 0x14cc [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
05:02:08.0428 0x14cc asc3550 - ok
05:02:08.0553 0x14cc [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
05:02:08.0553 0x14cc aspnet_state - ok
05:02:08.0599 0x14cc [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:02:08.0599 0x14cc AsyncMac - ok
05:02:08.0615 0x14cc [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
05:02:08.0631 0x14cc atapi - ok
05:02:08.0631 0x14cc Atdisk - ok
05:02:08.0646 0x14cc [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:02:08.0662 0x14cc Atmarpc - ok
05:02:08.0693 0x14cc [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
05:02:08.0709 0x14cc AudioSrv - ok
05:02:08.0724 0x14cc [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
05:02:08.0724 0x14cc audstub - ok
05:02:08.0756 0x14cc [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
05:02:08.0756 0x14cc Beep - ok
05:02:08.0803 0x14cc [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
05:02:08.0818 0x14cc BITS - ok
05:02:08.0849 0x14cc [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
05:02:08.0865 0x14cc Browser - ok
05:02:08.0865 0x14cc BTCFilterService - ok
05:02:08.0865 0x14cc bvrp_pci - ok
05:02:09.0131 0x14cc catchme - ok
05:02:09.0146 0x14cc [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
05:02:09.0146 0x14cc cbidf - ok
05:02:09.0146 0x14cc [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
05:02:09.0162 0x14cc cbidf2k - ok
05:02:09.0162 0x14cc [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
05:02:09.0162 0x14cc CCDECODE - ok
05:02:09.0193 0x14cc [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
05:02:09.0193 0x14cc cd20xrnt - ok
05:02:09.0209 0x14cc [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
05:02:09.0209 0x14cc Cdaudio - ok
05:02:09.0256 0x14cc [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
05:02:09.0256 0x14cc Cdfs - ok
05:02:09.0271 0x14cc [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:02:09.0287 0x14cc Cdrom - ok
05:02:09.0287 0x14cc Changer - ok
05:02:09.0334 0x14cc [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
05:02:09.0334 0x14cc CiSvc - ok
05:02:09.0349 0x14cc [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
05:02:09.0349 0x14cc ClipSrv - ok
05:02:09.0396 0x14cc [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:02:09.0396 0x14cc clr_optimization_v2.0.50727_32 - ok
05:02:09.0678 0x14cc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:02:09.0693 0x14cc clr_optimization_v4.0.30319_32 - ok
05:02:09.0709 0x14cc [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
05:02:09.0709 0x14cc CmdIde - ok
05:02:09.0724 0x14cc COMSysApp - ok
05:02:09.0740 0x14cc [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
05:02:09.0740 0x14cc Cpqarray - ok
05:02:09.0787 0x14cc [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
05:02:09.0787 0x14cc CryptSvc - ok
05:02:09.0818 0x14cc [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
05:02:09.0818 0x14cc dac2w2k - ok
05:02:09.0834 0x14cc [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
05:02:09.0834 0x14cc dac960nt - ok
05:02:09.0881 0x14cc [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
05:02:09.0896 0x14cc DcomLaunch - ok
05:02:09.0943 0x14cc [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
05:02:09.0943 0x14cc Dhcp - ok
05:02:09.0990 0x14cc [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
05:02:09.0990 0x14cc Disk - ok
05:02:10.0006 0x14cc dmadmin - ok
05:02:10.0037 0x14cc [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
05:02:10.0068 0x14cc dmboot - ok
05:02:10.0099 0x14cc [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
05:02:10.0099 0x14cc dmio - ok
05:02:10.0115 0x14cc [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
05:02:10.0115 0x14cc dmload - ok
05:02:10.0162 0x14cc [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
05:02:10.0162 0x14cc dmserver - ok
05:02:10.0178 0x14cc [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
05:02:10.0178 0x14cc DMusic - ok
05:02:10.0193 0x14cc [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
05:02:10.0193 0x14cc Dnscache - ok
05:02:10.0240 0x14cc [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
05:02:10.0256 0x14cc Dot3svc - ok
05:02:10.0271 0x14cc [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
05:02:10.0271 0x14cc dpti2o - ok
05:02:10.0303 0x14cc [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
05:02:10.0303 0x14cc drmkaud - ok
05:02:10.0334 0x14cc [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD21751625BFF2A3 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
05:02:10.0334 0x14cc drvmcdb - ok
05:02:10.0349 0x14cc [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B864ED6F6683827 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
05:02:10.0349 0x14cc drvnddm - ok
05:02:10.0381 0x14cc [ 95974E66D3DE4951D29E28E8BC0B644C, 5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
05:02:10.0381 0x14cc E100B - ok
05:02:10.0396 0x14cc [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
05:02:10.0396 0x14cc EapHost - ok
05:02:10.0459 0x14cc [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C66BCE17BD3EFD71 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
05:02:10.0474 0x14cc ehRecvr - ok
05:02:10.0506 0x14cc [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched C:\WINDOWS\eHome\ehSched.exe
05:02:10.0506 0x14cc ehSched - ok
05:02:10.0646 0x14cc [ B78436CA173FF723A1EACE5CD4900375, 6B80EAD3111FB0A48AFF35C07F0FF7BEDDF1E34200EFC599B8E92CEE4B372736 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
05:02:10.0662 0x14cc EpsonCustomerParticipation - ok
05:02:10.0724 0x14cc [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
05:02:10.0724 0x14cc ERSvc - ok
05:02:10.0756 0x14cc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
05:02:10.0771 0x14cc Eventlog - ok
05:02:10.0818 0x14cc [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
05:02:10.0818 0x14cc EventSystem - ok
05:02:10.0865 0x14cc [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
05:02:10.0865 0x14cc Fastfat - ok
05:02:10.0896 0x14cc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:02:10.0912 0x14cc FastUserSwitchingCompatibility - ok
05:02:10.0943 0x14cc [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe
05:02:10.0943 0x14cc Fax - ok
05:02:10.0974 0x14cc [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
05:02:10.0974 0x14cc Fdc - ok
05:02:10.0990 0x14cc [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
05:02:11.0006 0x14cc Fips - ok
05:02:11.0006 0x14cc [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
05:02:11.0021 0x14cc Flpydisk - ok
05:02:11.0068 0x14cc [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
05:02:11.0068 0x14cc FltMgr - ok
05:02:11.0146 0x14cc [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
05:02:11.0146 0x14cc FontCache3.0.0.0 - ok
05:02:11.0178 0x14cc [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:02:11.0178 0x14cc Fs_Rec - ok
05:02:11.0209 0x14cc [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:02:11.0209 0x14cc Ftdisk - ok
05:02:11.0240 0x14cc [ 8C18F85EDD5D47F34068F3EFD5689FA9, 4453C9C180D016A4E961C897CD1C51319945E2046407785434EE763738B90D86 ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
05:02:11.0240 0x14cc GEARAspiWDM - ok
05:02:11.0303 0x14cc [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:02:11.0303 0x14cc Gpc - ok
05:02:11.0365 0x14cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
05:02:11.0381 0x14cc gupdate - ok
05:02:11.0381 0x14cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
05:02:11.0381 0x14cc gupdatem - ok
05:02:11.0428 0x14cc [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
05:02:11.0428 0x14cc gusvc - ok
05:02:11.0459 0x14cc [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
05:02:11.0459 0x14cc HDAudBus - ok
05:02:11.0537 0x14cc [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:02:11.0537 0x14cc helpsvc - ok
05:02:11.0584 0x14cc [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
05:02:11.0584 0x14cc HidServ - ok
05:02:11.0615 0x14cc [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:02:11.0615 0x14cc HidUsb - ok
05:02:11.0646 0x14cc [ 47EECE68857817F39C8C6F33A7E5E76C, 240EF7ACBBC1E7DF78D5C029C5C73AAE02286EABA87A5E6FF7D2C5A25F3C93FD ] hitmanpro36 C:\WINDOWS\system32\drivers\hitmanpro36.sys
05:02:11.0646 0x14cc hitmanpro36 - ok
05:02:11.0693 0x14cc [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
05:02:11.0693 0x14cc hkmsvc - ok
05:02:11.0740 0x14cc [ 8B84068E337A7D9DC4365C8F14A2E20C, D8FE50E57AA92465CB7E51D1509EAE2FB4A02B28E023D4C4E120D106501852AD ] HPFECP15 C:\WINDOWS\System32\drivers\HPFECP15.SYS
05:02:11.0740 0x14cc HPFECP15 - ok
05:02:11.0756 0x14cc [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
05:02:11.0756 0x14cc hpn - ok
05:02:11.0803 0x14cc [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
05:02:11.0803 0x14cc HTTP - ok
05:02:11.0834 0x14cc [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
05:02:11.0834 0x14cc HTTPFilter - ok
05:02:11.0849 0x14cc [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
05:02:11.0849 0x14cc i2omgmt - ok
05:02:11.0896 0x14cc [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
05:02:11.0896 0x14cc i2omp - ok
05:02:11.0912 0x14cc [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:02:11.0912 0x14cc i8042prt - ok
05:02:11.0974 0x14cc [ 0294A30B302CA71A2C26E582DDA93486, FD7F3233F387A6CA0EF3719BEC354B679CF786112B05168E02AE0A0916010271 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
05:02:12.0006 0x14cc ialm - ok
05:02:12.0068 0x14cc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
05:02:12.0068 0x14cc IDriverT - ok
05:02:12.0162 0x14cc [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
05:02:12.0209 0x14cc idsvc - ok
05:02:12.0240 0x14cc [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
05:02:12.0240 0x14cc Imapi - ok
05:02:12.0287 0x14cc [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
05:02:12.0287 0x14cc ImapiService - ok
05:02:12.0318 0x14cc [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
05:02:12.0318 0x14cc ini910u - ok
05:02:12.0396 0x14cc [ 7509C548400F4C9E0211E3F6E66ABBE6, 10884F759DE3EE38F93EF74202B0DBDA3CC5D5E7532E361DC33385D4CC18B659 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys
05:02:12.0459 0x14cc IntelC51 - ok
05:02:12.0506 0x14cc [ 9584FFDD41D37F2C239681D0DAC2513E, AB48DA5AA95C2D1F6C06EEF6635CC7DBCA64F90A5219E0A1501D46D5CD2944FA ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys
05:02:12.0521 0x14cc IntelC52 - ok
05:02:12.0553 0x14cc [ CF0B937710CEC6EF39416EDECD803CBB, 45929596C8E8D47809065F3B690E26E93B66206390447292801CF2985C05289D ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys
05:02:12.0553 0x14cc IntelC53 - ok
05:02:12.0568 0x14cc [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
05:02:12.0568 0x14cc IntelIde - ok
05:02:12.0631 0x14cc [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:02:12.0631 0x14cc intelppm - ok
05:02:12.0646 0x14cc [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
05:02:12.0646 0x14cc Ip6Fw - ok
05:02:12.0678 0x14cc [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:02:12.0678 0x14cc IpFilterDriver - ok
05:02:12.0724 0x14cc [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:02:12.0724 0x14cc IpInIp - ok
05:02:12.0756 0x14cc [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:02:12.0756 0x14cc IpNat - ok
05:02:12.0865 0x14cc [ 929D6D4E7B1F8A6EEC96E620D121E1E5, F23757597B672AA47DB6B3C96C0F5CB32D154E5CC784615006BBB687B150EF94 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
05:02:12.0881 0x14cc iPod Service - ok
05:02:12.0912 0x14cc [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:02:12.0912 0x14cc IPSec - ok
05:02:12.0928 0x14cc [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
05:02:12.0928 0x14cc IRENUM - ok
05:02:12.0974 0x14cc [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:02:12.0990 0x14cc isapnp - ok
05:02:13.0006 0x14cc [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:02:13.0006 0x14cc Kbdclass - ok
05:02:13.0021 0x14cc [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:02:13.0021 0x14cc kbdhid - ok
05:02:13.0037 0x14cc [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
05:02:13.0053 0x14cc kmixer - ok
05:02:13.0084 0x14cc [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
05:02:13.0099 0x14cc KSecDD - ok
05:02:13.0131 0x14cc [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
05:02:13.0131 0x14cc lanmanserver - ok
05:02:13.0178 0x14cc [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:02:13.0193 0x14cc lanmanworkstation - ok
05:02:13.0193 0x14cc lbrtfdc - ok
05:02:13.0256 0x14cc [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
05:02:13.0256 0x14cc LmHosts - ok
05:02:13.0256 0x14cc LMIInfo - ok
05:02:13.0303 0x14cc [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
05:02:13.0303 0x14cc lmimirr - ok
05:02:13.0318 0x14cc LMIRfsClientNP - ok
05:02:13.0334 0x14cc [ 622704763DA924C1565344E8C7D6CA4D, 7E14D139E5ABF392FF77A57373C7A163E171E5F79FE7BE204B3747197E5697BB ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
05:02:13.0334 0x14cc LMIRfsDriver - ok
05:02:13.0365 0x14cc [ A2AE666CEE860BABE7FA6F1662B71737, 149F52A9510A645A4B3C2981CAD0CB20C6CF82982BE5E7A1180E18C6AB647901 ] MASPINT C:\WINDOWS\system32\drivers\MASPINT.sys
05:02:13.0365 0x14cc MASPINT - ok
05:02:13.0396 0x14cc [ 629CABB0421668C9D3D402A3C3D77E14, 967DB88807D389A6993224B4B625D40F1EC17F5EE21E38DA6771D97E53E694EA ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
05:02:13.0396 0x14cc MBAMProtector - ok
05:02:13.0459 0x14cc [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF, 807934D61E9A6C8302C934DCC3901A80A7068C9BC8EB4FAE24A32D97CB1DF963 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
05:02:13.0459 0x14cc MBAMScheduler - ok
05:02:13.0506 0x14cc [ 916B8954AC3E06DC9E898AFFB41F3FB6, 8AD3D605F1681D743C7ACDB7CA4A1299F86B96959A7609A803A5823B30A21E82 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
05:02:13.0521 0x14cc MBAMService - ok
05:02:13.0584 0x14cc [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
05:02:13.0584 0x14cc McrdSvc - ok
05:02:13.0631 0x14cc [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
05:02:13.0631 0x14cc Messenger - ok
05:02:13.0646 0x14cc [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN C:\WINDOWS\System32\mhn.dll
05:02:13.0646 0x14cc MHN - ok
05:02:13.0662 0x14cc [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
05:02:13.0662 0x14cc MHNDRV - ok
05:02:13.0693 0x14cc [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
05:02:13.0693 0x14cc mnmdd - ok
05:02:13.0740 0x14cc [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
05:02:13.0740 0x14cc mnmsrvc - ok
05:02:13.0787 0x14cc [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
05:02:13.0787 0x14cc Modem - ok
05:02:13.0803 0x14cc [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
05:02:13.0803 0x14cc MODEMCSA - ok
05:02:13.0834 0x14cc [ 59B8B11FF70728EEC60E72131C58B716, EB001E1FC17D57AE2A9D4CC7B6C45DC5C6869D3602C1B86F5D4940B11AAECA0A ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys
05:02:13.0834 0x14cc mohfilt - ok
05:02:13.0834 0x14cc motccgp - ok
05:02:13.0834 0x14cc motccgpfl - ok
05:02:13.0849 0x14cc motmodem - ok
05:02:13.0849 0x14cc MotoSwitchService - ok
05:02:13.0865 0x14cc Motousbnet - ok
05:02:13.0865 0x14cc motusbdevice - ok
05:02:13.0896 0x14cc [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:02:13.0896 0x14cc Mouclass - ok
05:02:13.0912 0x14cc [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:02:13.0912 0x14cc mouhid - ok
05:02:13.0928 0x14cc [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
05:02:13.0928 0x14cc MountMgr - ok
05:02:13.0990 0x14cc [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
05:02:13.0990 0x14cc MozillaMaintenance - ok
05:02:14.0021 0x14cc [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
05:02:14.0021 0x14cc mraid35x - ok
05:02:14.0037 0x14cc [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:02:14.0053 0x14cc MRxDAV - ok
05:02:14.0084 0x14cc [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:02:14.0099 0x14cc MRxSmb - ok
05:02:14.0162 0x14cc [ B490BD0678CB6A4890A86020ED106C75, 7EB16824974F197A7181DDFEC1BD86A220FB6D2AD0217E2D1D1A6101931CCB5C ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
05:02:14.0162 0x14cc MSCSPTISRV - ok
05:02:14.0209 0x14cc [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
05:02:14.0209 0x14cc MSDTC - ok
05:02:14.0224 0x14cc [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
05:02:14.0224 0x14cc Msfs - ok
05:02:14.0240 0x14cc MSIServer - ok
05:02:14.0256 0x14cc [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:02:14.0256 0x14cc MSKSSRV - ok
05:02:14.0271 0x14cc [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:02:14.0271 0x14cc MSPCLOCK - ok
05:02:14.0318 0x14cc [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
05:02:14.0318 0x14cc MSPQM - ok
05:02:14.0365 0x14cc [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:02:14.0365 0x14cc mssmbios - ok
05:02:14.0381 0x14cc [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
05:02:14.0381 0x14cc MSTEE - ok
05:02:14.0412 0x14cc [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
05:02:14.0412 0x14cc Mup - ok
05:02:14.0428 0x14cc [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
05:02:14.0428 0x14cc NABTSFEC - ok
05:02:14.0474 0x14cc [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
05:02:14.0490 0x14cc napagent - ok
05:02:14.0521 0x14cc [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
05:02:14.0521 0x14cc NDIS - ok
05:02:14.0553 0x14cc [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
05:02:14.0553 0x14cc NdisIP - ok
05:02:14.0584 0x14cc [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:02:14.0584 0x14cc NdisTapi - ok
05:02:14.0599 0x14cc [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:02:14.0599 0x14cc Ndisuio - ok
05:02:14.0615 0x14cc [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:02:14.0631 0x14cc NdisWan - ok
05:02:14.0646 0x14cc [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
05:02:14.0646 0x14cc NDProxy - ok
05:02:14.0678 0x14cc [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
05:02:14.0678 0x14cc NetBIOS - ok
05:02:14.0709 0x14cc [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
05:02:14.0709 0x14cc NetBT - ok
05:02:14.0756 0x14cc [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
05:02:14.0756 0x14cc NetDDE - ok
05:02:14.0771 0x14cc [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
05:02:14.0771 0x14cc NetDDEdsdm - ok
05:02:14.0818 0x14cc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
05:02:14.0818 0x14cc Netlogon - ok
05:02:14.0849 0x14cc [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
05:02:14.0849 0x14cc Netman - ok
05:02:14.0959 0x14cc [ 465EBAB4E0AD6F5A9CAC539648D974E9, 18626F11424DF9315ECC1A7B9A0983340BDEC9ABA9184F97E36C3947AB7F45AE ] NetMDSB C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
05:02:15.0006 0x14cc NetMDSB - ok
05:02:15.0084 0x14cc [ 9DA26B773BD04B867A8E9F427CD048FC, A8D8D92720EA31685864B834FC67CD6225D0B65DF40DCDD6A80E6D0DF677C855 ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
05:02:15.0099 0x14cc NetSvc - ok
05:02:15.0146 0x14cc [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
05:02:15.0146 0x14cc NetTcpPortSharing - ok
05:02:15.0193 0x14cc [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
05:02:15.0193 0x14cc Nla - ok
05:02:15.0240 0x14cc [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
05:02:15.0240 0x14cc Npfs - ok
05:02:15.0287 0x14cc [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
05:02:15.0303 0x14cc Ntfs - ok
05:02:15.0334 0x14cc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
05:02:15.0334 0x14cc NtLmSsp - ok
05:02:15.0396 0x14cc [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
05:02:15.0412 0x14cc NtmsSvc - ok
05:02:15.0428 0x14cc [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
05:02:15.0428 0x14cc Null - ok
05:02:15.0521 0x14cc [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
05:02:15.0631 0x14cc nv - ok
05:02:15.0662 0x14cc [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:02:15.0662 0x14cc NwlnkFlt - ok
05:02:15.0678 0x14cc [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:02:15.0678 0x14cc NwlnkFwd - ok
05:02:15.0818 0x14cc [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:02:15.0834 0x14cc odserv - ok
05:02:15.0912 0x14cc [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:02:15.0912 0x14cc ose - ok
05:02:15.0943 0x14cc [ DCACC2FC7DC0A3D7A60BEB81FA233822, 98866D1B93A5EAF2A7B008EACDB56A7CD3E06830F53A86330D5A0319AF8FF938 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
05:02:15.0959 0x14cc PACSPTISVR - ok
05:02:15.0990 0x14cc [ DC450992EBA6F914080C1F7FBEEED72C, A7B9CB59E10EB7C973E53BB70A8FE2CDD25FCC3CC499A0D311449F861223A447 ] PalmUSBD C:\WINDOWS\system32\drivers\PalmUSBD.sys
05:02:15.0990 0x14cc PalmUSBD - ok
05:02:16.0037 0x14cc [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
05:02:16.0037 0x14cc Parport - ok
05:02:16.0053 0x14cc [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
05:02:16.0053 0x14cc PartMgr - ok
05:02:16.0084 0x14cc [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
05:02:16.0084 0x14cc ParVdm - ok
05:02:16.0099 0x14cc [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
05:02:16.0099 0x14cc PCI - ok
05:02:16.0099 0x14cc PCIDump - ok
05:02:16.0131 0x14cc [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
05:02:16.0131 0x14cc PCIIde - ok
05:02:16.0146 0x14cc [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
05:02:16.0146 0x14cc Pcmcia - ok
05:02:16.0162 0x14cc PDCOMP - ok
05:02:16.0162 0x14cc PDFRAME - ok
05:02:16.0178 0x14cc PDRELI - ok
05:02:16.0178 0x14cc PDRFRAME - ok
05:02:16.0193 0x14cc [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
05:02:16.0193 0x14cc perc2 - ok
05:02:16.0224 0x14cc [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
05:02:16.0224 0x14cc perc2hib - ok
05:02:16.0256 0x14cc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
05:02:16.0256 0x14cc PlugPlay - ok
05:02:16.0271 0x14cc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
05:02:16.0287 0x14cc PolicyAgent - ok
05:02:16.0303 0x14cc [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:02:16.0303 0x14cc PptpMiniport - ok
05:02:16.0303 0x14cc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:02:16.0303 0x14cc ProtectedStorage - ok
05:02:16.0334 0x14cc [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
05:02:16.0334 0x14cc PSched - ok
05:02:16.0349 0x14cc [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:02:16.0349 0x14cc Ptilink - ok
05:02:16.0365 0x14cc [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
05:02:16.0365 0x14cc PxHelp20 - ok
05:02:16.0396 0x14cc [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
05:02:16.0396 0x14cc ql1080 - ok
05:02:16.0412 0x14cc [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
05:02:16.0412 0x14cc Ql10wnt - ok
05:02:16.0443 0x14cc [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
05:02:16.0443 0x14cc ql12160 - ok
05:02:16.0459 0x14cc [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
05:02:16.0459 0x14cc ql1240 - ok
05:02:16.0474 0x14cc [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
05:02:16.0474 0x14cc ql1280 - ok
05:02:16.0490 0x14cc [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:02:16.0506 0x14cc RasAcd - ok
05:02:16.0537 0x14cc [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
05:02:16.0553 0x14cc RasAuto - ok
05:02:16.0568 0x14cc [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:02:16.0568 0x14cc Rasl2tp - ok
05:02:16.0631 0x14cc [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
05:02:16.0631 0x14cc RasMan - ok
05:02:16.0646 0x14cc [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:02:16.0646 0x14cc RasPppoe - ok
05:02:16.0678 0x14cc [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
05:02:16.0678 0x14cc Raspti - ok
05:02:16.0693 0x14cc [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:02:16.0709 0x14cc Rdbss - ok
05:02:16.0724 0x14cc [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:02:16.0724 0x14cc RDPCDD - ok
05:02:16.0756 0x14cc [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
05:02:16.0756 0x14cc rdpdr - ok
05:02:16.0803 0x14cc [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:02:16.0803 0x14cc RDPWD - ok
05:02:16.0849 0x14cc [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:02:16.0865 0x14cc RDSessMgr - ok
05:02:16.0912 0x14cc [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
05:02:16.0912 0x14cc redbook - ok
05:02:16.0959 0x14cc [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
05:02:16.0959 0x14cc RemoteAccess - ok
05:02:16.0974 0x14cc [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
05:02:16.0990 0x14cc RemoteRegistry - ok
05:02:17.0006 0x14cc [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
05:02:17.0006 0x14cc RpcLocator - ok
05:02:17.0053 0x14cc [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
05:02:17.0053 0x14cc RpcSs - ok
05:02:17.0099 0x14cc [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
05:02:17.0099 0x14cc RSVP - ok
05:02:17.0131 0x14cc SABKUTIL - ok
05:02:17.0146 0x14cc [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
05:02:17.0146 0x14cc SamSs - ok
05:02:17.0162 0x14cc [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
05:02:17.0162 0x14cc SASDIFSV - ok
05:02:17.0193 0x14cc [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
05:02:17.0193 0x14cc SASKUTIL - ok
05:02:17.0209 0x14cc [ 2F0D9848B2EB1FA97D089BB3521D5377, EC10E8AEA102F1278510DF12BDF21DD730C1A0184155CCE07168D5EB442FFF26 ] SbcpHid C:\WINDOWS\system32\Drivers\SbcpHid.sys
05:02:17.0209 0x14cc SbcpHid - ok
05:02:17.0256 0x14cc [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
05:02:17.0271 0x14cc SCardSvr - ok
05:02:17.0318 0x14cc [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
05:02:17.0318 0x14cc Schedule - ok
05:02:17.0365 0x14cc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:02:17.0365 0x14cc Secdrv - ok
05:02:17.0381 0x14cc [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
05:02:17.0381 0x14cc seclogon - ok
05:02:17.0396 0x14cc [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
05:02:17.0412 0x14cc SENS - ok
05:02:17.0443 0x14cc [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
05:02:17.0443 0x14cc serenum - ok
05:02:17.0474 0x14cc [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
05:02:17.0474 0x14cc Serial - ok
05:02:17.0506 0x14cc [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
05:02:17.0506 0x14cc Sfloppy - ok
05:02:17.0568 0x14cc [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
05:02:17.0568 0x14cc SharedAccess - ok
05:02:17.0599 0x14cc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:02:17.0615 0x14cc ShellHWDetection - ok
05:02:17.0615 0x14cc Simbad - ok
05:02:17.0662 0x14cc [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
05:02:17.0662 0x14cc sisagp - ok
05:02:17.0724 0x14cc [ A37740568718F245E818D0C5575B9AA9, 36E94C60CA4E082DD73018CCE73E12E081C8F1A8367152F5CD97652138A47534 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
05:02:17.0740 0x14cc SkypeUpdate - ok
05:02:17.0756 0x14cc [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
05:02:17.0756 0x14cc SLIP - ok
05:02:18.0068 0x14cc [ F8E7411B26530E34D1DDC82F8A6B741A, 2C9FC0B8607AB0E73EB78A4CC218C448BFFB2B8B23E4AC4EB4A8E82A2A33D469 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
05:02:18.0365 0x14cc SNP2UVC - ok
05:02:18.0443 0x14cc [ 06527D4B5D04B6A856939169BEBF48BC, 6C2B8DEBA6113573081A16B4B2B2A0D907FC4C81EA57351835B481F206F9F763 ] snpstd C:\WINDOWS\system32\DRIVERS\snpstd.sys
05:02:18.0459 0x14cc snpstd - ok
05:02:18.0474 0x14cc [ DFADFC2C86662F40759BF02ADD27D569, 81BCBA6DE9CF540C66B4226BD5D46084295F41822BC1A7EB938277737F46CC76 ] sonypvs1 C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
05:02:18.0474 0x14cc sonypvs1 - ok
05:02:18.0506 0x14cc [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
05:02:18.0506 0x14cc Sparrow - ok
05:02:18.0537 0x14cc [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
05:02:18.0553 0x14cc splitter - ok
05:02:18.0584 0x14cc [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
05:02:18.0584 0x14cc Spooler - ok
05:02:18.0615 0x14cc [ 1B7447278005E38E464B34A7E841D628, CBEF504A8F499753E45FFC34DB25BB7AFCF3F5447A834289626BCFBB2AE4978F ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
05:02:18.0615 0x14cc SPTISRV - ok
05:02:18.0631 0x14cc [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
05:02:18.0631 0x14cc sr - ok
05:02:18.0678 0x14cc [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
05:02:18.0693 0x14cc srservice - ok
05:02:18.0724 0x14cc [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
05:02:18.0740 0x14cc Srv - ok
05:02:18.0771 0x14cc [ D7968049BE0ADBB6A57CEE3960320911, 6FB6D7BE384324211DAEDCCD80BA983E32183D08DF6C5B5B5453773DCC0F4D5B ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
05:02:18.0771 0x14cc sscdbhk5 - ok
05:02:18.0818 0x14cc [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
05:02:18.0818 0x14cc SSDPSRV - ok
05:02:18.0834 0x14cc [ C3FFD65ABFB6441E7606CF74F1155273, EFA481D5075A9C0490CEBA5F8223BE322EB3811465F41A1FB3386E30E8C81714 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
05:02:18.0834 0x14cc ssrtln - ok
05:02:18.0865 0x14cc [ F05B8D10BD6AD4CBB561E29D5BE2C674, 765F26FC5890A587B0B309A45867CA4F4BB2A2C4A36C33F033B532481E293B33 ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
05:02:18.0865 0x14cc SSScsiSV - ok
05:02:18.0943 0x14cc [ 2A2DC39623ADEF8AB3703AB9FAC4B440, A7D66F8364363085EA8BC54AB41E0C1E509A7A88753D6E6707FACF0265DF2A75 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
05:02:18.0959 0x14cc STHDA - ok
05:02:19.0006 0x14cc [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
05:02:19.0021 0x14cc stisvc - ok
05:02:19.0053 0x14cc [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
05:02:19.0053 0x14cc streamip - ok
05:02:19.0068 0x14cc [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
05:02:19.0068 0x14cc swenum - ok
05:02:19.0084 0x14cc [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
05:02:19.0084 0x14cc swmidi - ok
05:02:19.0099 0x14cc SwPrv - ok
05:02:19.0115 0x14cc [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
05:02:19.0115 0x14cc symc810 - ok
05:02:19.0131 0x14cc [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
05:02:19.0131 0x14cc symc8xx - ok
05:02:19.0146 0x14cc [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
05:02:19.0146 0x14cc sym_hi - ok
05:02:19.0162 0x14cc [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
05:02:19.0162 0x14cc sym_u3 - ok
05:02:19.0193 0x14cc [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
05:02:19.0193 0x14cc sysaudio - ok
05:02:19.0240 0x14cc [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
05:02:19.0240 0x14cc SysmonLog - ok
05:02:19.0584 0x14cc [ 34CDB0505B243CD616EBC4DE1E3FBFB6, 01839FED9F4963459B420C52B50AC527DA685FFB3273DB3655F07A3DC7F2A1D5 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
05:02:19.0849 0x14cc TabletServicePen - ok
05:02:19.0896 0x14cc [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
05:02:19.0896 0x14cc TapiSrv - ok
05:02:19.0959 0x14cc [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:02:19.0959 0x14cc Tcpip - ok
05:02:20.0006 0x14cc [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
05:02:20.0006 0x14cc TDPIPE - ok
05:02:20.0021 0x14cc [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:02:20.0021 0x14cc TDTCP - ok
05:02:20.0037 0x14cc [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:02:20.0053 0x14cc TermDD - ok
05:02:20.0084 0x14cc [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
05:02:20.0084 0x14cc TermService - ok
05:02:20.0146 0x14cc [ 30698355067D07DA5F9EB81132C9FDD6, 80457F8DBB089FFF23ED220924F5C872D896707F4B31E9C77DAB78421B9B2F6D ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
05:02:20.0146 0x14cc tfsnboio - ok
05:02:20.0162 0x14cc [ FB9D825BB4A2ABDF24600F7505050E2B, A7A11366525C4DEAD588822F4C57C7ED5D6F3578F2DB2124BF0441133B3169B9 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
05:02:20.0162 0x14cc tfsncofs - ok
05:02:20.0178 0x14cc [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33, AA5BDE527B67A14654D930252894FEDB8976EAE1F33C2BC0E7747D2B4EB93C4E ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
05:02:20.0178 0x14cc tfsndrct - ok
05:02:20.0193 0x14cc [ 8DB1E78FBF7C426D8EC3D8F1A33D6485, FF437EFD667EFE00729188B18C7E17E8C15D06A2C1F58A0F79E22DFADCECF969 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
05:02:20.0193 0x14cc tfsndres - ok
05:02:20.0224 0x14cc [ B92F67A71CC8176F331B8AA8D9F555AD, F59E8464E44E08C18C3C7D32408D7661923F30FDD35390082DC7F2C02DCC40A3 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
05:02:20.0224 0x14cc tfsnifs - ok
05:02:20.0256 0x14cc [ 85985FAA9A71E2358FCC2EDEFC2A3C5C, 9ADD1077C3B34E0EFA85EC4762822330D85F43EB4557C9ED015D8D1575E52885 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
05:02:20.0256 0x14cc tfsnopio - ok
05:02:20.0256 0x14cc [ BBA22094F0F7C210567EFDAF11F64495, C55D3F3628C73FFA776C9B61BA735CB24DEE9F80F6E74A2F9BD70CFFB863BA57 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
05:02:20.0256 0x14cc tfsnpool - ok
05:02:20.0287 0x14cc [ 81340BEF80B9811E98CE64611E67E3FF, CD6679A4D1A7932CD64F1F6AACF09CEC2D8E7DD001F812CC49756D8F582D907A ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
05:02:20.0287 0x14cc tfsnudf - ok
05:02:20.0303 0x14cc [ C035FD116224CCC8325F384776B6A8BB, CB97AD56288F916DE2AF5B1EC9D04AF3A1C2A2FA0A738282DA3763036DD18F12 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
05:02:20.0318 0x14cc tfsnudfa - ok
05:02:20.0334 0x14cc [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
05:02:20.0334 0x14cc Themes - ok
05:02:20.0381 0x14cc [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
05:02:20.0396 0x14cc TlntSvr - ok
05:02:20.0412 0x14cc [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
05:02:20.0412 0x14cc TosIde - ok
05:02:20.0459 0x14cc [ 5D3785200A6FCE6EB5269F86070CD8EA, 28DB423696F2BFC6519C30B5FFD2CB0493F486F677E7813110CF14A50245E8CB ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
05:02:20.0474 0x14cc TouchServicePen - ok
05:02:20.0521 0x14cc [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:02:20.0521 0x14cc TrkWks - ok
05:02:20.0553 0x14cc [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:02:20.0553 0x14cc Udfs - ok
05:02:20.0568 0x14cc [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
05:02:20.0568 0x14cc ultra - ok
05:02:20.0599 0x14cc [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:02:20.0615 0x14cc Update - ok
05:02:20.0646 0x14cc [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
05:02:20.0662 0x14cc upnphost - ok
05:02:20.0678 0x14cc [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
05:02:20.0678 0x14cc UPS - ok
05:02:20.0724 0x14cc [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
05:02:20.0724 0x14cc usbaudio - ok
05:02:20.0756 0x14cc [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:02:20.0756 0x14cc usbccgp - ok
05:02:20.0771 0x14cc [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:02:20.0771 0x14cc usbehci - ok
05:02:20.0818 0x14cc [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:02:20.0818 0x14cc usbhub - ok
05:02:20.0865 0x14cc [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:02:20.0865 0x14cc usbprint - ok
05:02:20.0896 0x14cc [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:02:20.0912 0x14cc usbscan - ok
05:02:20.0912 0x14cc [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:02:20.0912 0x14cc USBSTOR - ok
05:02:20.0943 0x14cc [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:02:20.0943 0x14cc usbuhci - ok
05:02:20.0959 0x14cc [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
05:02:20.0974 0x14cc usbvideo - ok
05:02:20.0990 0x14cc [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:02:20.0990 0x14cc VgaSave - ok
05:02:21.0037 0x14cc [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
05:02:21.0037 0x14cc viaagp - ok
05:02:21.0053 0x14cc [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
05:02:21.0053 0x14cc ViaIde - ok
05:02:21.0068 0x14cc [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:02:21.0068 0x14cc VolSnap - ok
05:02:21.0115 0x14cc [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
05:02:21.0131 0x14cc VSS - ok
05:02:21.0178 0x14cc [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll
05:02:21.0178 0x14cc w32time - ok
05:02:21.0224 0x14cc [ 427A8BC96F16C40DF81C2D2F4EDD32DD, C65B089140D4A7218FC5B6EEDCCE498DF1F71BBE375762C9092FAC02CAE1CEC7 ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
05:02:21.0224 0x14cc wacommousefilter - ok
05:02:21.0240 0x14cc [ 846B58EA44BF8C92E4B59F4E2252C4C0, C5803CB7F2D584D4C9E648E05355063C47197949F1B4085F38000733BB18BEA9 ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
05:02:21.0240 0x14cc wacomvhid - ok
05:02:21.0256 0x14cc [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:02:21.0256 0x14cc Wanarp - ok
05:02:21.0256 0x14cc wanatw - ok
05:02:21.0318 0x14cc [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
05:02:21.0334 0x14cc Wdf01000 - ok
05:02:21.0334 0x14cc WDICA - ok
05:02:21.0349 0x14cc [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:02:21.0365 0x14cc wdmaud - ok
05:02:21.0381 0x14cc [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
05:02:21.0381 0x14cc WebClient - ok
05:02:21.0459 0x14cc [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:02:21.0459 0x14cc winmgmt - ok
05:02:21.0506 0x14cc [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
05:02:21.0506 0x14cc WinUSB - ok
05:02:21.0553 0x14cc [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
05:02:21.0553 0x14cc WmdmPmSN - ok
05:02:21.0599 0x14cc [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
05:02:21.0615 0x14cc Wmi - ok
05:02:21.0646 0x14cc [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:02:21.0646 0x14cc WmiApSrv - ok
05:02:21.0756 0x14cc [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
05:02:21.0787 0x14cc WMPNetworkSvc - ok
05:02:21.0818 0x14cc [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
05:02:21.0818 0x14cc WpdUsb - ok
05:02:22.0209 0x14cc [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
05:02:22.0240 0x14cc WPFFontCache_v0400 - ok
05:02:22.0271 0x14cc [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
05:02:22.0271 0x14cc WS2IFSL - ok
05:02:22.0318 0x14cc [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
05:02:22.0318 0x14cc wscsvc - ok
05:02:22.0365 0x14cc [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
05:02:22.0365 0x14cc WSTCODEC - ok
05:02:22.0381 0x14cc [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:02:22.0381 0x14cc wuauserv - ok
05:02:22.0428 0x14cc [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:02:22.0443 0x14cc WudfPf - ok
05:02:22.0459 0x14cc [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:02:22.0459 0x14cc WudfRd - ok
05:02:22.0474 0x14cc [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
05:02:22.0490 0x14cc WudfSvc - ok
05:02:22.0553 0x14cc [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:02:22.0568 0x14cc WZCSVC - ok
05:02:22.0599 0x14cc [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:02:22.0599 0x14cc xmlprov - ok
05:02:22.0615 0x14cc ================ Scan global ===============================
05:02:22.0662 0x14cc [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
05:02:22.0709 0x14cc [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
05:02:22.0724 0x14cc [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
05:02:22.0771 0x14cc [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
05:02:22.0771 0x14cc [ Global ] - ok
05:02:22.0771 0x14cc ================ Scan MBR ==================================
05:02:22.0787 0x14cc [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
05:02:22.0959 0x14cc \Device\Harddisk0\DR0 - ok
05:02:22.0974 0x14cc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR4
05:02:22.0974 0x14cc \Device\Harddisk1\DR4 - ok
05:02:22.0974 0x14cc ================ Scan VBR ==================================
05:02:22.0990 0x14cc [ 0EB46B6DC460B6F2AA7C3C6BD084BD7F ] \Device\Harddisk0\DR0\Partition1
05:02:22.0990 0x14cc \Device\Harddisk0\DR0\Partition1 - ok
05:02:22.0990 0x14cc [ 3E19884C7F8370CF8BD7A7B07C6C97D8 ] \Device\Harddisk1\DR4\Partition1
05:02:22.0990 0x14cc \Device\Harddisk1\DR4\Partition1 - ok
05:02:22.0990 0x14cc Waiting for KSN requests completion. In queue: 244
05:02:23.0990 0x14cc Waiting for KSN requests completion. In queue: 244
05:02:24.0990 0x14cc Waiting for KSN requests completion. In queue: 244
05:02:25.0990 0x14cc Waiting for KSN requests completion. In queue: 244
05:02:26.0990 0x14cc Have new async UDS detects: 1
05:02:26.0990 0x14cc SbcpHid - detected UDS:DangerousObject.Multi.Generic ( 0 )
05:02:27.0099 0x14cc SbcpHid ( UDS:DangerousObject.Multi.Generic ) - infected
05:02:27.0099 0x14cc Force sending object to P2P due to detect: C:\WINDOWS\system32\Drivers\SbcpHid.sys
05:02:29.0974 0x14cc Object send P2P result: true
05:02:32.0834 0x14cc Win FW state via NFM: enabled
05:02:35.0381 0x14cc ============================================================
05:02:35.0381 0x14cc Scan finished
05:02:35.0381 0x14cc ============================================================
05:02:35.0396 0x0864 Detected object count: 1
05:02:35.0396 0x0864 Actual detected object count: 1
05:02:52.0381 0x0864 C:\WINDOWS\system32\Drivers\SbcpHid.sys - copied to quarantine
05:02:52.0381 0x0864 SbcpHid ( UDS:DangerousObject.Multi.Generic ) - User select action: Quarantine
-
Thanks for all your help Marius! I will be sure to make a donation!
-
This is the TDSS Killer Log
16:03:00.0296 0x17d4 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:03:07.0702 0x17d4 ============================================================
16:03:07.0702 0x17d4 Current date / time: 2013/12/15 16:03:07.0702
16:03:07.0702 0x17d4 SystemInfo:
16:03:07.0702 0x17d4
16:03:07.0702 0x17d4 OS Version: 5.1.2600 ServicePack: 3.0
16:03:07.0702 0x17d4 Product type: Workstation
16:03:07.0702 0x17d4 ComputerName: NZINGA1
16:03:07.0702 0x17d4 UserName: Nzinga
16:03:07.0702 0x17d4 Windows directory: C:\WINDOWS
16:03:07.0702 0x17d4 System windows directory: C:\WINDOWS
16:03:07.0702 0x17d4 Processor architecture: Intel x86
16:03:07.0702 0x17d4 Number of processors: 2
16:03:07.0702 0x17d4 Page size: 0x1000
16:03:07.0702 0x17d4 Boot type: Normal boot
16:03:07.0702 0x17d4 ============================================================
16:03:10.0483 0x17d4 KLMD registered as C:\WINDOWS\system32\drivers\55463748.sys
16:03:10.0811 0x17d4 System UUID: {05F101A5-8440-8944-2FB6-B4874DE430A2}
16:03:11.0968 0x17d4 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:03:12.0061 0x17d4 Drive \Device\Harddisk1\DR4 - Size: 0x1D1C0F00000 (1863.01 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:03:12.0186 0x17d4 ============================================================
16:03:12.0186 0x17d4 \Device\Harddisk0\DR0:
16:03:12.0202 0x17d4 MBR partitions:
16:03:12.0202 0x17d4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x8BA231A
16:03:12.0202 0x17d4 \Device\Harddisk1\DR4:
16:03:12.0202 0x17d4 MBR partitions:
16:03:12.0202 0x17d4 \Device\Harddisk1\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
16:03:12.0202 0x17d4 ============================================================
16:03:12.0405 0x17d4 C: <-> \Device\Harddisk0\DR0\Partition1
16:03:12.0468 0x17d4 F: <-> \Device\Harddisk1\DR4\Partition1
16:03:12.0468 0x17d4 ============================================================
16:03:12.0468 0x17d4 Initialize success
16:03:12.0468 0x17d4 ============================================================
16:03:14.0686 0x0b60 ============================================================
16:03:14.0686 0x0b60 Scan started
16:03:14.0686 0x0b60 Mode: Manual;
16:03:14.0686 0x0b60 ============================================================
16:03:14.0686 0x0b60 KSN ping started
16:03:17.0686 0x0b60 KSN ping finished: true
16:03:18.0671 0x0b60 ================ Scan system memory ========================
16:03:18.0671 0x0b60 System memory - ok
16:03:18.0671 0x0b60 ================ Scan services =============================
16:03:18.0749 0x0b60 [ 01E81C84AD1D0ACC61CF3CFD06632210, 1140756BA2F28CA8DFCFF8FD223654E6A78BA1B770A169CC557ECE0E01381B17 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
16:03:18.0749 0x0b60 !SASCORE - ok
16:03:19.0061 0x0b60 [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
16:03:19.0140 0x0b60 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
16:03:19.0249 0x0b60 Abiosdsk - ok
16:03:19.0280 0x0b60 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:03:19.0296 0x0b60 abp480n5 - ok
16:03:19.0327 0x0b60 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:03:19.0343 0x0b60 ACPI - ok
16:03:19.0358 0x0b60 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:03:19.0358 0x0b60 ACPIEC - ok
16:03:19.0390 0x0b60 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
16:03:19.0390 0x0b60 Adobe LM Service - ok
16:03:19.0436 0x0b60 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:03:19.0452 0x0b60 AdobeFlashPlayerUpdateSvc - ok
16:03:19.0468 0x0b60 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:03:19.0468 0x0b60 adpu160m - ok
16:03:19.0515 0x0b60 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:03:19.0515 0x0b60 aec - ok
16:03:19.0546 0x0b60 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:03:19.0546 0x0b60 AFD - ok
16:03:19.0593 0x0b60 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
16:03:19.0593 0x0b60 agp440 - ok
16:03:19.0608 0x0b60 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:03:19.0608 0x0b60 agpCPQ - ok
16:03:19.0624 0x0b60 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:03:19.0624 0x0b60 Aha154x - ok
16:03:19.0640 0x0b60 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:03:19.0640 0x0b60 aic78u2 - ok
16:03:19.0655 0x0b60 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:03:19.0655 0x0b60 aic78xx - ok
16:03:19.0686 0x0b60 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:03:19.0686 0x0b60 Alerter - ok
16:03:19.0702 0x0b60 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
16:03:19.0702 0x0b60 ALG - ok
16:03:19.0733 0x0b60 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
16:03:19.0733 0x0b60 AliIde - ok
16:03:19.0749 0x0b60 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:03:19.0749 0x0b60 alim1541 - ok
16:03:19.0765 0x0b60 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:03:19.0765 0x0b60 amdagp - ok
16:03:19.0780 0x0b60 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
16:03:19.0780 0x0b60 amsint - ok
16:03:19.0827 0x0b60 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:03:19.0843 0x0b60 AppMgmt - ok
16:03:19.0858 0x0b60 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
16:03:19.0858 0x0b60 asc - ok
16:03:19.0874 0x0b60 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:03:19.0874 0x0b60 asc3350p - ok
16:03:19.0890 0x0b60 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:03:19.0890 0x0b60 asc3550 - ok
16:03:19.0999 0x0b60 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:03:20.0046 0x0b60 aspnet_state - ok
16:03:20.0093 0x0b60 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:03:20.0093 0x0b60 AsyncMac - ok
16:03:20.0108 0x0b60 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:03:20.0108 0x0b60 atapi - ok
16:03:20.0124 0x0b60 Atdisk - ok
16:03:20.0171 0x0b60 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:03:20.0171 0x0b60 Atmarpc - ok
16:03:20.0218 0x0b60 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:03:20.0218 0x0b60 AudioSrv - ok
16:03:20.0233 0x0b60 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:03:20.0233 0x0b60 audstub - ok
16:03:20.0249 0x0b60 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:03:20.0265 0x0b60 Beep - ok
16:03:20.0311 0x0b60 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
16:03:20.0327 0x0b60 BITS - ok
16:03:20.0374 0x0b60 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
16:03:20.0374 0x0b60 Browser - ok
16:03:20.0374 0x0b60 BTCFilterService - ok
16:03:20.0374 0x0b60 bvrp_pci - ok
16:03:20.0624 0x0b60 catchme - ok
16:03:20.0640 0x0b60 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:03:20.0640 0x0b60 cbidf - ok
16:03:20.0640 0x0b60 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:03:20.0640 0x0b60 cbidf2k - ok
16:03:20.0655 0x0b60 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:03:20.0655 0x0b60 CCDECODE - ok
16:03:20.0686 0x0b60 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:03:20.0686 0x0b60 cd20xrnt - ok
16:03:20.0702 0x0b60 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:03:20.0702 0x0b60 Cdaudio - ok
16:03:20.0749 0x0b60 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:03:20.0749 0x0b60 Cdfs - ok
16:03:20.0765 0x0b60 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:03:20.0765 0x0b60 Cdrom - ok
16:03:20.0765 0x0b60 Changer - ok
16:03:20.0811 0x0b60 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:03:20.0827 0x0b60 CiSvc - ok
16:03:20.0827 0x0b60 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:03:20.0843 0x0b60 ClipSrv - ok
16:03:20.0890 0x0b60 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:03:20.0936 0x0b60 clr_optimization_v2.0.50727_32 - ok
16:03:21.0233 0x0b60 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:03:21.0249 0x0b60 clr_optimization_v4.0.30319_32 - ok
16:03:21.0265 0x0b60 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:03:21.0265 0x0b60 CmdIde - ok
16:03:21.0280 0x0b60 COMSysApp - ok
16:03:21.0296 0x0b60 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:03:21.0296 0x0b60 Cpqarray - ok
16:03:21.0343 0x0b60 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:03:21.0343 0x0b60 CryptSvc - ok
16:03:21.0374 0x0b60 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:03:21.0374 0x0b60 dac2w2k - ok
16:03:21.0390 0x0b60 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:03:21.0390 0x0b60 dac960nt - ok
16:03:21.0436 0x0b60 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:03:21.0452 0x0b60 DcomLaunch - ok
16:03:21.0499 0x0b60 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:03:21.0515 0x0b60 Dhcp - ok
16:03:21.0561 0x0b60 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:03:21.0561 0x0b60 Disk - ok
16:03:21.0577 0x0b60 dmadmin - ok
16:03:21.0640 0x0b60 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:03:21.0671 0x0b60 dmboot - ok
16:03:21.0686 0x0b60 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:03:21.0702 0x0b60 dmio - ok
16:03:21.0733 0x0b60 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:03:21.0733 0x0b60 dmload - ok
16:03:21.0765 0x0b60 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
16:03:21.0765 0x0b60 dmserver - ok
16:03:21.0780 0x0b60 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:03:21.0780 0x0b60 DMusic - ok
16:03:21.0811 0x0b60 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:03:21.0811 0x0b60 Dnscache - ok
16:03:21.0858 0x0b60 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:03:21.0858 0x0b60 Dot3svc - ok
16:03:21.0890 0x0b60 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:03:21.0890 0x0b60 dpti2o - ok
16:03:21.0905 0x0b60 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:03:21.0905 0x0b60 drmkaud - ok
16:03:21.0952 0x0b60 [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD21751625BFF2A3 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
16:03:21.0952 0x0b60 drvmcdb - ok
16:03:21.0968 0x0b60 [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B864ED6F6683827 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
16:03:21.0968 0x0b60 drvnddm - ok
16:03:21.0983 0x0b60 [ 95974E66D3DE4951D29E28E8BC0B644C, 5737A2FB4D95AAB61A50E25CC570D78FC91C1A7B02754211B1B57DC4209A7D58 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:03:21.0999 0x0b60 E100B - ok
16:03:22.0015 0x0b60 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:03:22.0015 0x0b60 EapHost - ok
16:03:22.0077 0x0b60 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C66BCE17BD3EFD71 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
16:03:22.0077 0x0b60 ehRecvr - ok
16:03:22.0108 0x0b60 [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched C:\WINDOWS\eHome\ehSched.exe
16:03:22.0108 0x0b60 ehSched - ok
16:03:22.0249 0x0b60 [ B78436CA173FF723A1EACE5CD4900375, 6B80EAD3111FB0A48AFF35C07F0FF7BEDDF1E34200EFC599B8E92CEE4B372736 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
16:03:22.0265 0x0b60 EpsonCustomerParticipation - ok
16:03:22.0311 0x0b60 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:03:22.0327 0x0b60 ERSvc - ok
16:03:22.0358 0x0b60 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
16:03:22.0374 0x0b60 Eventlog - ok
16:03:22.0421 0x0b60 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
16:03:22.0436 0x0b60 EventSystem - ok
16:03:22.0483 0x0b60 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:03:22.0499 0x0b60 Fastfat - ok
16:03:22.0530 0x0b60 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:03:22.0530 0x0b60 FastUserSwitchingCompatibility - ok
16:03:22.0593 0x0b60 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe
16:03:22.0593 0x0b60 Fax - ok
16:03:22.0624 0x0b60 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:03:22.0624 0x0b60 Fdc - ok
16:03:22.0640 0x0b60 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:03:22.0640 0x0b60 Fips - ok
16:03:22.0655 0x0b60 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:03:22.0655 0x0b60 Flpydisk - ok
16:03:22.0702 0x0b60 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:03:22.0718 0x0b60 FltMgr - ok
16:03:22.0811 0x0b60 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:03:22.0811 0x0b60 FontCache3.0.0.0 - ok
16:03:22.0827 0x0b60 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:03:22.0827 0x0b60 Fs_Rec - ok
16:03:22.0858 0x0b60 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:03:22.0858 0x0b60 Ftdisk - ok
16:03:22.0905 0x0b60 [ 8C18F85EDD5D47F34068F3EFD5689FA9, 4453C9C180D016A4E961C897CD1C51319945E2046407785434EE763738B90D86 ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
16:03:22.0905 0x0b60 GEARAspiWDM - ok
16:03:22.0952 0x0b60 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:03:22.0952 0x0b60 Gpc - ok
16:03:23.0030 0x0b60 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:03:23.0030 0x0b60 gupdate - ok
16:03:23.0030 0x0b60 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:03:23.0046 0x0b60 gupdatem - ok
16:03:23.0077 0x0b60 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:03:23.0093 0x0b60 gusvc - ok
16:03:23.0108 0x0b60 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:03:23.0124 0x0b60 HDAudBus - ok
16:03:23.0186 0x0b60 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:03:23.0186 0x0b60 helpsvc - ok
16:03:23.0233 0x0b60 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:03:23.0233 0x0b60 HidServ - ok
16:03:23.0280 0x0b60 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:03:23.0280 0x0b60 HidUsb - ok
16:03:23.0296 0x0b60 [ 47EECE68857817F39C8C6F33A7E5E76C, 240EF7ACBBC1E7DF78D5C029C5C73AAE02286EABA87A5E6FF7D2C5A25F3C93FD ] hitmanpro36 C:\WINDOWS\system32\drivers\hitmanpro36.sys
16:03:23.0296 0x0b60 hitmanpro36 - ok
16:03:23.0390 0x0b60 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:03:23.0390 0x0b60 hkmsvc - ok
16:03:23.0436 0x0b60 [ 8B84068E337A7D9DC4365C8F14A2E20C, D8FE50E57AA92465CB7E51D1509EAE2FB4A02B28E023D4C4E120D106501852AD ] HPFECP15 C:\WINDOWS\System32\drivers\HPFECP15.SYS
16:03:23.0436 0x0b60 HPFECP15 - ok
16:03:23.0468 0x0b60 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
16:03:23.0468 0x0b60 hpn - ok
16:03:23.0515 0x0b60 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:03:23.0515 0x0b60 HTTP - ok
16:03:23.0546 0x0b60 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:03:23.0546 0x0b60 HTTPFilter - ok
16:03:23.0561 0x0b60 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
16:03:23.0561 0x0b60 i2omgmt - ok
16:03:23.0577 0x0b60 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:03:23.0593 0x0b60 i2omp - ok
16:03:23.0608 0x0b60 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:03:23.0608 0x0b60 i8042prt - ok
16:03:23.0655 0x0b60 [ 0294A30B302CA71A2C26E582DDA93486, FD7F3233F387A6CA0EF3719BEC354B679CF786112B05168E02AE0A0916010271 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
16:03:23.0686 0x0b60 ialm - ok
16:03:23.0765 0x0b60 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:03:23.0765 0x0b60 IDriverT - ok
16:03:23.0858 0x0b60 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:03:23.0905 0x0b60 idsvc - ok
16:03:23.0936 0x0b60 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:03:23.0936 0x0b60 Imapi - ok
16:03:23.0999 0x0b60 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
16:03:23.0999 0x0b60 ImapiService - ok
16:03:24.0015 0x0b60 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:03:24.0015 0x0b60 ini910u - ok
16:03:24.0108 0x0b60 [ 7509C548400F4C9E0211E3F6E66ABBE6, 10884F759DE3EE38F93EF74202B0DBDA3CC5D5E7532E361DC33385D4CC18B659 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys
16:03:24.0218 0x0b60 IntelC51 - ok
16:03:24.0296 0x0b60 [ 9584FFDD41D37F2C239681D0DAC2513E, AB48DA5AA95C2D1F6C06EEF6635CC7DBCA64F90A5219E0A1501D46D5CD2944FA ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys
16:03:24.0327 0x0b60 IntelC52 - ok
16:03:24.0358 0x0b60 [ CF0B937710CEC6EF39416EDECD803CBB, 45929596C8E8D47809065F3B690E26E93B66206390447292801CF2985C05289D ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys
16:03:24.0358 0x0b60 IntelC53 - ok
16:03:24.0390 0x0b60 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
16:03:24.0390 0x0b60 IntelIde - ok
16:03:24.0436 0x0b60 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:03:24.0436 0x0b60 intelppm - ok
16:03:24.0452 0x0b60 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:03:24.0452 0x0b60 Ip6Fw - ok
16:03:24.0499 0x0b60 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:03:24.0499 0x0b60 IpFilterDriver - ok
16:03:24.0546 0x0b60 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:03:24.0546 0x0b60 IpInIp - ok
16:03:24.0577 0x0b60 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:03:24.0577 0x0b60 IpNat - ok
16:03:24.0702 0x0b60 [ 929D6D4E7B1F8A6EEC96E620D121E1E5, F23757597B672AA47DB6B3C96C0F5CB32D154E5CC784615006BBB687B150EF94 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:03:24.0718 0x0b60 iPod Service - ok
16:03:24.0749 0x0b60 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:03:24.0749 0x0b60 IPSec - ok
16:03:24.0780 0x0b60 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:03:24.0780 0x0b60 IRENUM - ok
16:03:24.0827 0x0b60 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:03:24.0827 0x0b60 isapnp - ok
16:03:24.0843 0x0b60 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:03:24.0858 0x0b60 Kbdclass - ok
16:03:24.0858 0x0b60 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:03:24.0858 0x0b60 kbdhid - ok
16:03:24.0890 0x0b60 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:03:24.0905 0x0b60 kmixer - ok
16:03:24.0952 0x0b60 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:03:24.0952 0x0b60 KSecDD - ok
16:03:24.0999 0x0b60 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:03:24.0999 0x0b60 lanmanserver - ok
16:03:25.0061 0x0b60 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:03:25.0077 0x0b60 lanmanworkstation - ok
16:03:25.0077 0x0b60 lbrtfdc - ok
16:03:25.0155 0x0b60 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:03:25.0155 0x0b60 LmHosts - ok
16:03:25.0155 0x0b60 LMIInfo - ok
16:03:25.0218 0x0b60 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr C:\WINDOWS\system32\DRIVERS\lmimirr.sys
16:03:25.0218 0x0b60 lmimirr - ok
16:03:25.0233 0x0b60 LMIRfsClientNP - ok
16:03:25.0249 0x0b60 [ 622704763DA924C1565344E8C7D6CA4D, 7E14D139E5ABF392FF77A57373C7A163E171E5F79FE7BE204B3747197E5697BB ] LMIRfsDriver C:\WINDOWS\system32\drivers\LMIRfsDriver.sys
16:03:25.0265 0x0b60 LMIRfsDriver - ok
16:03:25.0296 0x0b60 [ A2AE666CEE860BABE7FA6F1662B71737, 149F52A9510A645A4B3C2981CAD0CB20C6CF82982BE5E7A1180E18C6AB647901 ] MASPINT C:\WINDOWS\system32\drivers\MASPINT.sys
16:03:25.0296 0x0b60 MASPINT - ok
16:03:25.0343 0x0b60 [ 629CABB0421668C9D3D402A3C3D77E14, 967DB88807D389A6993224B4B625D40F1EC17F5EE21E38DA6771D97E53E694EA ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
16:03:25.0343 0x0b60 MBAMProtector - ok
16:03:25.0421 0x0b60 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF, 807934D61E9A6C8302C934DCC3901A80A7068C9BC8EB4FAE24A32D97CB1DF963 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:03:25.0436 0x0b60 MBAMScheduler - ok
16:03:25.0483 0x0b60 [ 916B8954AC3E06DC9E898AFFB41F3FB6, 8AD3D605F1681D743C7ACDB7CA4A1299F86B96959A7609A803A5823B30A21E82 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:03:25.0515 0x0b60 MBAMService - ok
16:03:25.0577 0x0b60 [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
16:03:25.0577 0x0b60 McrdSvc - ok
16:03:25.0624 0x0b60 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:03:25.0624 0x0b60 Messenger - ok
16:03:25.0655 0x0b60 [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN C:\WINDOWS\System32\mhn.dll
16:03:25.0655 0x0b60 MHN - ok
16:03:25.0686 0x0b60 [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
16:03:25.0686 0x0b60 MHNDRV - ok
16:03:25.0702 0x0b60 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:03:25.0718 0x0b60 mnmdd - ok
16:03:25.0765 0x0b60 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:03:25.0765 0x0b60 mnmsrvc - ok
16:03:25.0811 0x0b60 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:03:25.0811 0x0b60 Modem - ok
16:03:25.0827 0x0b60 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
16:03:25.0827 0x0b60 MODEMCSA - ok
16:03:25.0843 0x0b60 [ 59B8B11FF70728EEC60E72131C58B716, EB001E1FC17D57AE2A9D4CC7B6C45DC5C6869D3602C1B86F5D4940B11AAECA0A ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys
16:03:25.0858 0x0b60 mohfilt - ok
16:03:25.0858 0x0b60 motccgp - ok
16:03:25.0858 0x0b60 motccgpfl - ok
16:03:25.0874 0x0b60 motmodem - ok
16:03:25.0890 0x0b60 MotoSwitchService - ok
16:03:25.0890 0x0b60 Motousbnet - ok
16:03:25.0905 0x0b60 motusbdevice - ok
16:03:25.0936 0x0b60 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:03:25.0936 0x0b60 Mouclass - ok
16:03:25.0968 0x0b60 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:03:25.0968 0x0b60 mouhid - ok
16:03:25.0999 0x0b60 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:03:25.0999 0x0b60 MountMgr - ok
16:03:26.0046 0x0b60 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:03:26.0061 0x0b60 MozillaMaintenance - ok
16:03:26.0093 0x0b60 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:03:26.0093 0x0b60 mraid35x - ok
16:03:26.0124 0x0b60 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:03:26.0140 0x0b60 MRxDAV - ok
16:03:26.0202 0x0b60 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:03:26.0218 0x0b60 MRxSmb - ok
16:03:26.0265 0x0b60 [ B490BD0678CB6A4890A86020ED106C75, 7EB16824974F197A7181DDFEC1BD86A220FB6D2AD0217E2D1D1A6101931CCB5C ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
16:03:26.0265 0x0b60 MSCSPTISRV - ok
16:03:26.0311 0x0b60 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:03:26.0311 0x0b60 MSDTC - ok
16:03:26.0343 0x0b60 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:03:26.0343 0x0b60 Msfs - ok
16:03:26.0358 0x0b60 MSIServer - ok
16:03:26.0374 0x0b60 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:03:26.0374 0x0b60 MSKSSRV - ok
16:03:26.0390 0x0b60 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:03:26.0390 0x0b60 MSPCLOCK - ok
16:03:26.0436 0x0b60 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:03:26.0436 0x0b60 MSPQM - ok
16:03:26.0468 0x0b60 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:03:26.0483 0x0b60 mssmbios - ok
16:03:26.0499 0x0b60 [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:03:26.0499 0x0b60 MSTEE - ok
16:03:26.0515 0x0b60 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:03:26.0530 0x0b60 Mup - ok
16:03:26.0546 0x0b60 [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:03:26.0561 0x0b60 NABTSFEC - ok
16:03:26.0624 0x0b60 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:03:26.0624 0x0b60 napagent - ok
16:03:26.0671 0x0b60 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:03:26.0671 0x0b60 NDIS - ok
16:03:26.0702 0x0b60 [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:03:26.0702 0x0b60 NdisIP - ok
16:03:26.0733 0x0b60 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:03:26.0733 0x0b60 NdisTapi - ok
16:03:26.0749 0x0b60 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:03:26.0749 0x0b60 Ndisuio - ok
16:03:26.0765 0x0b60 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:03:26.0780 0x0b60 NdisWan - ok
16:03:26.0796 0x0b60 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:03:26.0796 0x0b60 NDProxy - ok
16:03:26.0827 0x0b60 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:03:26.0827 0x0b60 NetBIOS - ok
16:03:26.0858 0x0b60 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:03:26.0874 0x0b60 NetBT - ok
16:03:26.0936 0x0b60 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
16:03:26.0952 0x0b60 NetDDE - ok
16:03:26.0968 0x0b60 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:03:26.0968 0x0b60 NetDDEdsdm - ok
16:03:27.0030 0x0b60 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:03:27.0030 0x0b60 Netlogon - ok
16:03:27.0061 0x0b60 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
16:03:27.0077 0x0b60 Netman - ok
16:03:27.0186 0x0b60 [ 465EBAB4E0AD6F5A9CAC539648D974E9, 18626F11424DF9315ECC1A7B9A0983340BDEC9ABA9184F97E36C3947AB7F45AE ] NetMDSB C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
16:03:27.0233 0x0b60 NetMDSB - ok
16:03:27.0327 0x0b60 [ 9DA26B773BD04B867A8E9F427CD048FC, A8D8D92720EA31685864B834FC67CD6225D0B65DF40DCDD6A80E6D0DF677C855 ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
16:03:27.0343 0x0b60 NetSvc - ok
16:03:27.0390 0x0b60 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:03:27.0405 0x0b60 NetTcpPortSharing - ok
16:03:27.0452 0x0b60 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
16:03:27.0468 0x0b60 Nla - ok
16:03:27.0515 0x0b60 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:03:27.0530 0x0b60 Npfs - ok
16:03:27.0577 0x0b60 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:03:27.0608 0x0b60 Ntfs - ok
16:03:27.0624 0x0b60 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:03:27.0624 0x0b60 NtLmSsp - ok
16:03:27.0702 0x0b60 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:03:27.0718 0x0b60 NtmsSvc - ok
16:03:27.0749 0x0b60 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
16:03:27.0749 0x0b60 Null - ok
16:03:27.0858 0x0b60 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:03:27.0952 0x0b60 nv - ok
16:03:27.0999 0x0b60 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:03:27.0999 0x0b60 NwlnkFlt - ok
16:03:28.0015 0x0b60 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:03:28.0015 0x0b60 NwlnkFwd - ok
16:03:28.0171 0x0b60 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:03:28.0186 0x0b60 odserv - ok
16:03:28.0265 0x0b60 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:03:28.0265 0x0b60 ose - ok
16:03:28.0296 0x0b60 [ DCACC2FC7DC0A3D7A60BEB81FA233822, 98866D1B93A5EAF2A7B008EACDB56A7CD3E06830F53A86330D5A0319AF8FF938 ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
16:03:28.0311 0x0b60 PACSPTISVR - ok
16:03:28.0327 0x0b60 [ DC450992EBA6F914080C1F7FBEEED72C, A7B9CB59E10EB7C973E53BB70A8FE2CDD25FCC3CC499A0D311449F861223A447 ] PalmUSBD C:\WINDOWS\system32\drivers\PalmUSBD.sys
16:03:28.0327 0x0b60 PalmUSBD - ok
16:03:28.0374 0x0b60 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:03:28.0374 0x0b60 Parport - ok
16:03:28.0405 0x0b60 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:03:28.0405 0x0b60 PartMgr - ok
16:03:28.0421 0x0b60 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:03:28.0421 0x0b60 ParVdm - ok
16:03:28.0436 0x0b60 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:03:28.0452 0x0b60 PCI - ok
16:03:28.0452 0x0b60 PCIDump - ok
16:03:28.0468 0x0b60 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:03:28.0468 0x0b60 PCIIde - ok
16:03:28.0499 0x0b60 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:03:28.0499 0x0b60 Pcmcia - ok
16:03:28.0515 0x0b60 PDCOMP - ok
16:03:28.0515 0x0b60 PDFRAME - ok
16:03:28.0515 0x0b60 PDRELI - ok
16:03:28.0530 0x0b60 PDRFRAME - ok
16:03:28.0546 0x0b60 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:03:28.0546 0x0b60 perc2 - ok
16:03:28.0561 0x0b60 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:03:28.0561 0x0b60 perc2hib - ok
16:03:28.0608 0x0b60 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
16:03:28.0608 0x0b60 PlugPlay - ok
16:03:28.0624 0x0b60 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:03:28.0624 0x0b60 PolicyAgent - ok
16:03:28.0640 0x0b60 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:03:28.0655 0x0b60 PptpMiniport - ok
16:03:28.0655 0x0b60 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:03:28.0655 0x0b60 ProtectedStorage - ok
16:03:28.0686 0x0b60 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:03:28.0686 0x0b60 PSched - ok
16:03:28.0702 0x0b60 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:03:28.0702 0x0b60 Ptilink - ok
16:03:28.0718 0x0b60 [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:03:28.0718 0x0b60 PxHelp20 - ok
16:03:28.0749 0x0b60 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:03:28.0749 0x0b60 ql1080 - ok
16:03:28.0765 0x0b60 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:03:28.0765 0x0b60 Ql10wnt - ok
16:03:28.0780 0x0b60 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:03:28.0796 0x0b60 ql12160 - ok
16:03:28.0811 0x0b60 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:03:28.0811 0x0b60 ql1240 - ok
16:03:28.0827 0x0b60 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:03:28.0827 0x0b60 ql1280 - ok
16:03:28.0843 0x0b60 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:03:28.0843 0x0b60 RasAcd - ok
16:03:28.0890 0x0b60 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:03:28.0890 0x0b60 RasAuto - ok
16:03:28.0921 0x0b60 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:03:28.0921 0x0b60 Rasl2tp - ok
16:03:28.0968 0x0b60 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:03:28.0983 0x0b60 RasMan - ok
16:03:28.0999 0x0b60 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:03:28.0999 0x0b60 RasPppoe - ok
16:03:29.0015 0x0b60 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:03:29.0015 0x0b60 Raspti - ok
16:03:29.0046 0x0b60 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:03:29.0046 0x0b60 Rdbss - ok
16:03:29.0077 0x0b60 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:03:29.0077 0x0b60 RDPCDD - ok
16:03:29.0108 0x0b60 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:03:29.0108 0x0b60 rdpdr - ok
16:03:29.0140 0x0b60 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:03:29.0155 0x0b60 RDPWD - ok
16:03:29.0202 0x0b60 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:03:29.0218 0x0b60 RDSessMgr - ok
16:03:29.0265 0x0b60 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:03:29.0280 0x0b60 redbook - ok
16:03:29.0311 0x0b60 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:03:29.0327 0x0b60 RemoteAccess - ok
16:03:29.0343 0x0b60 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:03:29.0343 0x0b60 RemoteRegistry - ok
16:03:29.0358 0x0b60 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
16:03:29.0358 0x0b60 RpcLocator - ok
16:03:29.0405 0x0b60 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:03:29.0421 0x0b60 RpcSs - ok
16:03:29.0452 0x0b60 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:03:29.0468 0x0b60 RSVP - ok
16:03:29.0499 0x0b60 SABKUTIL - ok
16:03:29.0515 0x0b60 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
16:03:29.0515 0x0b60 SamSs - ok
16:03:29.0530 0x0b60 [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:03:29.0546 0x0b60 SASDIFSV - ok
16:03:29.0561 0x0b60 [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:03:29.0561 0x0b60 SASKUTIL - ok
16:03:29.0593 0x0b60 [ 2F0D9848B2EB1FA97D089BB3521D5377, EC10E8AEA102F1278510DF12BDF21DD730C1A0184155CCE07168D5EB442FFF26 ] SbcpHid C:\WINDOWS\system32\Drivers\SbcpHid.sys
16:03:29.0593 0x0b60 SbcpHid - ok
16:03:29.0640 0x0b60 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:03:29.0640 0x0b60 SCardSvr - ok
16:03:29.0686 0x0b60 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:03:29.0702 0x0b60 Schedule - ok
16:03:29.0765 0x0b60 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:03:29.0765 0x0b60 Secdrv - ok
16:03:29.0780 0x0b60 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:03:29.0780 0x0b60 seclogon - ok
16:03:29.0796 0x0b60 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
16:03:29.0796 0x0b60 SENS - ok
16:03:29.0827 0x0b60 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:03:29.0827 0x0b60 serenum - ok
16:03:29.0858 0x0b60 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:03:29.0858 0x0b60 Serial - ok
16:03:29.0905 0x0b60 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:03:29.0905 0x0b60 Sfloppy - ok
16:03:29.0952 0x0b60 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:03:29.0952 0x0b60 SharedAccess - ok
16:03:29.0999 0x0b60 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:03:29.0999 0x0b60 ShellHWDetection - ok
16:03:29.0999 0x0b60 Simbad - ok
16:03:30.0061 0x0b60 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:03:30.0061 0x0b60 sisagp - ok
16:03:30.0124 0x0b60 [ A37740568718F245E818D0C5575B9AA9, 36E94C60CA4E082DD73018CCE73E12E081C8F1A8367152F5CD97652138A47534 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:03:30.0140 0x0b60 SkypeUpdate - ok
16:03:30.0155 0x0b60 [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:03:30.0155 0x0b60 SLIP - ok
16:03:30.0483 0x0b60 [ F8E7411B26530E34D1DDC82F8A6B741A, 2C9FC0B8607AB0E73EB78A4CC218C448BFFB2B8B23E4AC4EB4A8E82A2A33D469 ] SNP2UVC C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
16:03:30.0796 0x0b60 SNP2UVC - ok
16:03:30.0858 0x0b60 [ 06527D4B5D04B6A856939169BEBF48BC, 6C2B8DEBA6113573081A16B4B2B2A0D907FC4C81EA57351835B481F206F9F763 ] snpstd C:\WINDOWS\system32\DRIVERS\snpstd.sys
16:03:30.0874 0x0b60 snpstd - ok
16:03:30.0905 0x0b60 [ DFADFC2C86662F40759BF02ADD27D569, 81BCBA6DE9CF540C66B4226BD5D46084295F41822BC1A7EB938277737F46CC76 ] sonypvs1 C:\WINDOWS\system32\DRIVERS\sonypvs1.sys
16:03:30.0905 0x0b60 sonypvs1 - ok
16:03:30.0921 0x0b60 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:03:30.0921 0x0b60 Sparrow - ok
16:03:30.0968 0x0b60 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:03:30.0983 0x0b60 splitter - ok
16:03:31.0015 0x0b60 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:03:31.0015 0x0b60 Spooler - ok
16:03:31.0046 0x0b60 [ 1B7447278005E38E464B34A7E841D628, CBEF504A8F499753E45FFC34DB25BB7AFCF3F5447A834289626BCFBB2AE4978F ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
16:03:31.0046 0x0b60 SPTISRV - ok
16:03:31.0061 0x0b60 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:03:31.0061 0x0b60 sr - ok
16:03:31.0108 0x0b60 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
16:03:31.0124 0x0b60 srservice - ok
16:03:31.0155 0x0b60 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:03:31.0171 0x0b60 Srv - ok
16:03:31.0202 0x0b60 [ D7968049BE0ADBB6A57CEE3960320911, 6FB6D7BE384324211DAEDCCD80BA983E32183D08DF6C5B5B5453773DCC0F4D5B ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
16:03:31.0202 0x0b60 sscdbhk5 - ok
16:03:31.0233 0x0b60 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:03:31.0233 0x0b60 SSDPSRV - ok
16:03:31.0249 0x0b60 [ C3FFD65ABFB6441E7606CF74F1155273, EFA481D5075A9C0490CEBA5F8223BE322EB3811465F41A1FB3386E30E8C81714 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
16:03:31.0249 0x0b60 ssrtln - ok
16:03:31.0280 0x0b60 [ F05B8D10BD6AD4CBB561E29D5BE2C674, 765F26FC5890A587B0B309A45867CA4F4BB2A2C4A36C33F033B532481E293B33 ] SSScsiSV C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
16:03:31.0280 0x0b60 SSScsiSV - ok
16:03:31.0358 0x0b60 [ 2A2DC39623ADEF8AB3703AB9FAC4B440, A7D66F8364363085EA8BC54AB41E0C1E509A7A88753D6E6707FACF0265DF2A75 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
16:03:31.0374 0x0b60 STHDA - ok
16:03:31.0436 0x0b60 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:03:31.0452 0x0b60 stisvc - ok
16:03:31.0499 0x0b60 [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:03:31.0499 0x0b60 streamip - ok
16:03:31.0515 0x0b60 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:03:31.0515 0x0b60 swenum - ok
16:03:31.0530 0x0b60 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:03:31.0530 0x0b60 swmidi - ok
16:03:31.0530 0x0b60 SwPrv - ok
16:03:31.0561 0x0b60 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
16:03:31.0561 0x0b60 symc810 - ok
16:03:31.0577 0x0b60 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:03:31.0577 0x0b60 symc8xx - ok
16:03:31.0593 0x0b60 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:03:31.0593 0x0b60 sym_hi - ok
16:03:31.0608 0x0b60 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:03:31.0608 0x0b60 sym_u3 - ok
16:03:31.0608 0x0b60 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:03:31.0608 0x0b60 sysaudio - ok
16:03:31.0655 0x0b60 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:03:31.0671 0x0b60 SysmonLog - ok
16:03:32.0015 0x0b60 [ 34CDB0505B243CD616EBC4DE1E3FBFB6, 01839FED9F4963459B420C52B50AC527DA685FFB3273DB3655F07A3DC7F2A1D5 ] TabletServicePen C:\Program Files\Tablet\Pen\Pen_Tablet.exe
16:03:32.0280 0x0b60 TabletServicePen - ok
16:03:32.0343 0x0b60 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:03:32.0358 0x0b60 TapiSrv - ok
16:03:32.0405 0x0b60 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:03:32.0421 0x0b60 Tcpip - ok
16:03:32.0468 0x0b60 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:03:32.0468 0x0b60 TDPIPE - ok
16:03:32.0483 0x0b60 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:03:32.0483 0x0b60 TDTCP - ok
16:03:32.0499 0x0b60 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:03:32.0499 0x0b60 TermDD - ok
16:03:32.0530 0x0b60 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
16:03:32.0546 0x0b60 TermService - ok
16:03:32.0608 0x0b60 [ 30698355067D07DA5F9EB81132C9FDD6, 80457F8DBB089FFF23ED220924F5C872D896707F4B31E9C77DAB78421B9B2F6D ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
16:03:32.0608 0x0b60 tfsnboio - ok
16:03:32.0624 0x0b60 [ FB9D825BB4A2ABDF24600F7505050E2B, A7A11366525C4DEAD588822F4C57C7ED5D6F3578F2DB2124BF0441133B3169B9 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
16:03:32.0624 0x0b60 tfsncofs - ok
16:03:32.0640 0x0b60 [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33, AA5BDE527B67A14654D930252894FEDB8976EAE1F33C2BC0E7747D2B4EB93C4E ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
16:03:32.0640 0x0b60 tfsndrct - ok
16:03:32.0655 0x0b60 [ 8DB1E78FBF7C426D8EC3D8F1A33D6485, FF437EFD667EFE00729188B18C7E17E8C15D06A2C1F58A0F79E22DFADCECF969 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
16:03:32.0655 0x0b60 tfsndres - ok
16:03:32.0686 0x0b60 [ B92F67A71CC8176F331B8AA8D9F555AD, F59E8464E44E08C18C3C7D32408D7661923F30FDD35390082DC7F2C02DCC40A3 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
16:03:32.0686 0x0b60 tfsnifs - ok
16:03:32.0702 0x0b60 [ 85985FAA9A71E2358FCC2EDEFC2A3C5C, 9ADD1077C3B34E0EFA85EC4762822330D85F43EB4557C9ED015D8D1575E52885 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
16:03:32.0702 0x0b60 tfsnopio - ok
16:03:32.0718 0x0b60 [ BBA22094F0F7C210567EFDAF11F64495, C55D3F3628C73FFA776C9B61BA735CB24DEE9F80F6E74A2F9BD70CFFB863BA57 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
16:03:32.0718 0x0b60 tfsnpool - ok
16:03:32.0749 0x0b60 [ 81340BEF80B9811E98CE64611E67E3FF, CD6679A4D1A7932CD64F1F6AACF09CEC2D8E7DD001F812CC49756D8F582D907A ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
16:03:32.0749 0x0b60 tfsnudf - ok
16:03:32.0765 0x0b60 [ C035FD116224CCC8325F384776B6A8BB, CB97AD56288F916DE2AF5B1EC9D04AF3A1C2A2FA0A738282DA3763036DD18F12 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
16:03:32.0765 0x0b60 tfsnudfa - ok
16:03:32.0796 0x0b60 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
16:03:32.0796 0x0b60 Themes - ok
16:03:32.0843 0x0b60 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:03:32.0843 0x0b60 TlntSvr - ok
16:03:32.0858 0x0b60 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
16:03:32.0858 0x0b60 TosIde - ok
16:03:32.0905 0x0b60 [ 5D3785200A6FCE6EB5269F86070CD8EA, 28DB423696F2BFC6519C30B5FFD2CB0493F486F677E7813110CF14A50245E8CB ] TouchServicePen C:\Program Files\Tablet\Pen\Pen_TouchService.exe
16:03:32.0921 0x0b60 TouchServicePen - ok
16:03:32.0968 0x0b60 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:03:32.0983 0x0b60 TrkWks - ok
16:03:32.0999 0x0b60 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:03:32.0999 0x0b60 Udfs - ok
16:03:33.0030 0x0b60 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
16:03:33.0030 0x0b60 ultra - ok
16:03:33.0077 0x0b60 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:03:33.0093 0x0b60 Update - ok
16:03:33.0140 0x0b60 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
16:03:33.0140 0x0b60 upnphost - ok
16:03:33.0155 0x0b60 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
16:03:33.0171 0x0b60 UPS - ok
16:03:33.0202 0x0b60 [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:03:33.0202 0x0b60 usbaudio - ok
16:03:33.0233 0x0b60 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:03:33.0233 0x0b60 usbccgp - ok
16:03:33.0249 0x0b60 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:03:33.0249 0x0b60 usbehci - ok
16:03:33.0296 0x0b60 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:03:33.0296 0x0b60 usbhub - ok
16:03:33.0343 0x0b60 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:03:33.0343 0x0b60 usbprint - ok
16:03:33.0390 0x0b60 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:03:33.0390 0x0b60 usbscan - ok
16:03:33.0390 0x0b60 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:03:33.0390 0x0b60 USBSTOR - ok
16:03:33.0421 0x0b60 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:03:33.0421 0x0b60 usbuhci - ok
16:03:33.0452 0x0b60 [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
16:03:33.0452 0x0b60 usbvideo - ok
16:03:33.0468 0x0b60 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:03:33.0468 0x0b60 VgaSave - ok
16:03:33.0515 0x0b60 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:03:33.0515 0x0b60 viaagp - ok
16:03:33.0530 0x0b60 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:03:33.0530 0x0b60 ViaIde - ok
16:03:33.0546 0x0b60 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:03:33.0546 0x0b60 VolSnap - ok
16:03:33.0593 0x0b60 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
16:03:33.0608 0x0b60 VSS - ok
16:03:33.0640 0x0b60 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll
16:03:33.0640 0x0b60 w32time - ok
16:03:33.0671 0x0b60 [ 427A8BC96F16C40DF81C2D2F4EDD32DD, C65B089140D4A7218FC5B6EEDCCE498DF1F71BBE375762C9092FAC02CAE1CEC7 ] wacommousefilter C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys
16:03:33.0671 0x0b60 wacommousefilter - ok
16:03:33.0686 0x0b60 [ 846B58EA44BF8C92E4B59F4E2252C4C0, C5803CB7F2D584D4C9E648E05355063C47197949F1B4085F38000733BB18BEA9 ] wacomvhid C:\WINDOWS\system32\DRIVERS\wacomvhid.sys
16:03:33.0686 0x0b60 wacomvhid - ok
16:03:33.0718 0x0b60 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:03:33.0718 0x0b60 Wanarp - ok
16:03:33.0718 0x0b60 wanatw - ok
16:03:33.0780 0x0b60 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
16:03:33.0780 0x0b60 Wdf01000 - ok
16:03:33.0796 0x0b60 WDICA - ok
16:03:33.0827 0x0b60 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:03:33.0827 0x0b60 wdmaud - ok
16:03:33.0843 0x0b60 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
16:03:33.0843 0x0b60 WebClient - ok
16:03:33.0936 0x0b60 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:03:33.0952 0x0b60 winmgmt - ok
16:03:33.0999 0x0b60 [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
16:03:33.0999 0x0b60 WinUSB - ok
16:03:34.0061 0x0b60 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:03:34.0061 0x0b60 WmdmPmSN - ok
16:03:34.0124 0x0b60 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:03:34.0155 0x0b60 Wmi - ok
16:03:34.0202 0x0b60 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:03:34.0202 0x0b60 WmiApSrv - ok
16:03:34.0327 0x0b60 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:03:34.0405 0x0b60 WMPNetworkSvc - ok
16:03:34.0436 0x0b60 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
16:03:34.0436 0x0b60 WpdUsb - ok
16:03:34.0843 0x0b60 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:03:34.0874 0x0b60 WPFFontCache_v0400 - ok
16:03:34.0905 0x0b60 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:03:34.0905 0x0b60 WS2IFSL - ok
16:03:34.0952 0x0b60 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:03:34.0952 0x0b60 wscsvc - ok
16:03:35.0015 0x0b60 [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:03:35.0015 0x0b60 WSTCODEC - ok
16:03:35.0030 0x0b60 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:03:35.0030 0x0b60 wuauserv - ok
16:03:35.0093 0x0b60 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:03:35.0093 0x0b60 WudfPf - ok
16:03:35.0124 0x0b60 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:03:35.0124 0x0b60 WudfRd - ok
16:03:35.0155 0x0b60 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:03:35.0155 0x0b60 WudfSvc - ok
16:03:35.0233 0x0b60 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:03:35.0265 0x0b60 WZCSVC - ok
16:03:35.0296 0x0b60 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:03:35.0311 0x0b60 xmlprov - ok
16:03:35.0311 0x0b60 ================ Scan global ===============================
16:03:35.0358 0x0b60 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
16:03:35.0421 0x0b60 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:03:35.0452 0x0b60 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:03:35.0499 0x0b60 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
16:03:35.0499 0x0b60 [ Global ] - ok
16:03:35.0499 0x0b60 ================ Scan MBR ==================================
16:03:35.0530 0x0b60 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
16:03:35.0702 0x0b60 \Device\Harddisk0\DR0 - ok
16:03:35.0718 0x0b60 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR4
16:03:35.0733 0x0b60 \Device\Harddisk1\DR4 - ok
16:03:35.0733 0x0b60 ================ Scan VBR ==================================
16:03:35.0733 0x0b60 [ 0EB46B6DC460B6F2AA7C3C6BD084BD7F ] \Device\Harddisk0\DR0\Partition1
16:03:35.0733 0x0b60 \Device\Harddisk0\DR0\Partition1 - ok
16:03:35.0733 0x0b60 [ 3E19884C7F8370CF8BD7A7B07C6C97D8 ] \Device\Harddisk1\DR4\Partition1
16:03:35.0749 0x0b60 \Device\Harddisk1\DR4\Partition1 - ok
16:03:35.0749 0x0b60 Waiting for KSN requests completion. In queue: 274
16:03:36.0749 0x0b60 Waiting for KSN requests completion. In queue: 274
16:03:37.0749 0x0b60 Waiting for KSN requests completion. In queue: 274
16:03:38.0749 0x0b60 Have new async UDS detects: 1
16:03:38.0749 0x0b60 SbcpHid - detected UDS:DangerousObject.Multi.Generic ( 0 )
16:03:38.0858 0x0b60 SbcpHid ( UDS:DangerousObject.Multi.Generic ) - infected
16:03:38.0858 0x0b60 Force sending object to P2P due to detect: C:\WINDOWS\system32\Drivers\SbcpHid.sys
16:03:58.0858 0x0b60 Object send P2P result: false
16:04:01.0499 0x0b60 Win FW state via NFM: enabled
16:04:04.0124 0x0b60 ============================================================
16:04:04.0124 0x0b60 Scan finished
16:04:04.0124 0x0b60 ============================================================
16:04:04.0140 0x03dc Detected object count: 1
16:04:04.0140 0x03dc Actual detected object count: 1
16:05:13.0686 0x03dc SbcpHid ( UDS:DangerousObject.Multi.Generic ) - skipped by user
16:05:13.0686 0x03dc SbcpHid ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip -
This is the FRST Addition log
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-12-2013
Ran by Nzinga at 2013-12-15 15:45:30
Running from C:\Documents and Settings\Nzinga\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
7-Zip 4.65
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (Version: 7.1.0)
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (Version: 7.1.0)
Adobe AIR (Version: 2.6.0.19140)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader XI (Version: 11.0.00)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe SVG Viewer 3.0 (Version: 3.0)
AOLIcon (Version: 1.00.0000)
Apple Software Update (Version: 1.1.0.3)
Audacity 1.2.6
Avery Wizard 4.0 (Version: 4.0.4)
Bamboo (Version: 5.2.5-3)
Bamboo Dock (Version: 4.0)
Bamboo Dock (Version: 4.0.0)
BitPim 0.9.14 (Version: 0.9.14)
CCleaner (Version: 3.06)
CompanionLink (Version: 4.00.4020)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell Support 3.1 (Version: 5.1.760)
Dell System Restore (Version: 2.00.0000)
Digital Content Portal (Version: 1.00.0000)
Documents To Go (Version: 8.002.173)
Dropbox (HKCU Version: 2.0.22)
EducateU (Version: 1.00.0000)
EndNote 8.0.1 (Version: 8.0.0.754)
Epson Connect
Epson Customer Participation (Version: 1.0.0.0)
Epson Download Navigator (Version: 1.0.1)
Epson Event Manager (Version: 2.50.0001)
Epson FAX Utility (Version: 1.20.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 645 Series Printer Uninstall
ESET Online Scanner v3
FaxTalk Communicator 4.5
FileMaker Pro 5.0
FreeRIP v3.2 (Version: 3.2)
GemMaster Mystic
Get High Speed Internet! (Version: 1.00.0000)
Google Chrome (Version: 31.0.1650.63)
Google Update Helper (Version: 1.3.22.3)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP DeskJet 895C Series (Remove only)
Image Transfer
ImageMixer for Sony
ImageMixer VCD2 for FinePix
Intel® 537EP V9x DF PCI Modem
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4299)
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.20.0000)
Internet Explorer Default Page (Version: 1.00.03)
iPod for Windows 2005-10-12 (Version: 4.3.0)
ISI ResearchSoft - Export Helper
iTunes (Version: 7.0.0.70)
K-Lite Codec Pack 2.70 Basic (Version: 2.70)
Learn2 Player (Uninstall Only)
LTCM Client
Macromedia Flash Player (Version: 7.0.19.0)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MD Simple Burner 2.0.04
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft IntelliType Pro 5.3 (Version: 5.30.606.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Plus! Digital Media Edition (Version: 1.1.0.2423)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft WinUsb 1.0
MicroStaff WINASPI
Modem Event Monitor
Modem Helper (Version: 2.40)
Modem On Hold (Version: 1.12)
MotoHelper MergeModules (Version: 1.2.0)
Mozilla (1.7.8)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
Mozilla Thunderbird (1.5) (Version: 1.5 (en-US))
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyVideoDaily 2 (Version: 0.003)
MyWay Search Assistant (Version: 1.0.1)
OpenMG Limited Patch 4.4-06-13-19-01
OpenMG Secure Module 4.4.00 (Version: 4.4.00.11241)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
Otto
Palm HotSync® Mail 4.0
Picasa 3 (Version: 3.9)
QuickTime (Version: 7.1.3.100)
RAW FILE CONVERTER LE
ScanToWeb
SeaMonkey (1.1.17)
SecureZIP for Windows 11.20.0008 (Version: 11.20.0008)
SigmaTel Audio (Version: 5.10.4600.0)
Skype Click to Call (Version: 5.8.8855)
Skype™ 5.10 (Version: 5.10.116)
Sonic DLA (Version: 4.95)
Sonic Encoders (Version: 1.00)
Sonic MyDVD LE (Version: 6.1.1)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0)
Sonic Update Manager (Version: 3.0.0)
SonicStage 3.4 (Version: 3.4)
Sony USB Driver
Sound Forge 4.5c Build-281
SUPERAntiSpyware (Version: 4.40.1002)
Treodesktop 2.13
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB PC Camera (SN9C102) (Version: 4.10.0.0)
USB Video Device (Version: 5.8.29000.202)
VLC media player 2.0.8 (Version: 2.0.8)
WebFldrs XP (Version: 9.50.7523)
WebTablet FB Plugin (Version: 2.0.0.1)
WebTablet IE Plugin (Version: 1.1.0.12)
WebTablet Netscape Plugin (Version: 1.1.0.10)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.5.0540.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
WinZip (Version: 9.0 SR-1 (6224))
WordPerfect Office 12 (Version: 12.01)
Yahoo! Messenger
YTD Toolbar v6.2 (Version: 6.2)
YTD Video Downloader 4.7.1 (Version: 4.7.1)
==================== Restore Points =========================
25-10-2013 13:52:18 System Checkpoint
27-10-2013 17:22:48 System Checkpoint
29-10-2013 00:20:39 System Checkpoint
01-11-2013 02:28:25 Installed Microsoft Office Enterprise 2007
04-11-2013 04:30:17 System Checkpoint
06-11-2013 04:12:09 System Checkpoint
06-11-2013 08:01:06 Software Distribution Service 3.0
07-11-2013 08:01:37 Software Distribution Service 3.0
08-11-2013 08:00:47 Software Distribution Service 3.0
09-11-2013 08:00:48 Software Distribution Service 3.0
10-11-2013 08:00:44 Software Distribution Service 3.0
11-11-2013 08:00:46 Software Distribution Service 3.0
12-11-2013 08:00:48 Software Distribution Service 3.0
13-11-2013 08:00:47 Software Distribution Service 3.0
14-11-2013 08:01:33 Software Distribution Service 3.0
15-11-2013 08:00:45 Software Distribution Service 3.0
16-11-2013 08:00:38 Software Distribution Service 3.0
17-11-2013 14:40:33 Software Distribution Service 3.0
18-11-2013 08:00:43 Software Distribution Service 3.0
19-11-2013 08:00:46 Software Distribution Service 3.0
20-11-2013 13:48:55 Software Distribution Service 3.0
21-11-2013 08:00:44 Software Distribution Service 3.0
22-11-2013 08:00:41 Software Distribution Service 3.0
23-11-2013 08:00:19 Software Distribution Service 3.0
24-11-2013 08:00:19 Software Distribution Service 3.0
25-11-2013 08:00:49 Software Distribution Service 3.0
26-11-2013 08:00:48 Software Distribution Service 3.0
27-11-2013 08:00:47 Software Distribution Service 3.0
28-11-2013 08:00:19 Software Distribution Service 3.0
29-11-2013 08:00:19 Software Distribution Service 3.0
30-11-2013 08:00:19 Software Distribution Service 3.0
01-12-2013 08:00:19 Software Distribution Service 3.0
02-12-2013 08:00:19 Software Distribution Service 3.0
03-12-2013 08:00:17 Software Distribution Service 3.0
04-12-2013 08:00:18 Software Distribution Service 3.0
05-12-2013 08:00:43 Software Distribution Service 3.0
06-12-2013 08:00:39 Software Distribution Service 3.0
07-12-2013 08:00:38 Software Distribution Service 3.0
08-12-2013 08:00:35 Software Distribution Service 3.0
09-12-2013 08:00:45 Software Distribution Service 3.0
10-12-2013 08:00:47 Software Distribution Service 3.0
11-12-2013 08:01:43 Software Distribution Service 3.0
12-12-2013 08:00:49 Software Distribution Service 3.0
12-12-2013 10:57:49 Software Distribution Service 3.0
12-12-2013 11:02:45 Software Distribution Service 3.0
13-12-2013 05:20:11 Software Distribution Service 3.0
14-12-2013 08:00:47 Software Distribution Service 3.0
15-12-2013 08:00:42 Software Distribution Service 3.0
==================== Hosts content: ==========================
2004-08-19 15:49 - 2012-10-06 09:52 - 00000027 ___AC C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Nzinga.job => C:\Documents and Settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_Nzinga.job => C:\Documents and Settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Nzinga.job => C:\Documents and Settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a5d2a694-12bb-4850-87cb-f080803d1d2b.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c260bc1d-0917-496a-a6b6-069a411912a8.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Loaded Modules (whitelisted) =============
2012-09-15 18:04 - 2011-07-05 17:01 - 00962936 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
1998-09-04 02:34 - 1998-09-04 02:34 - 00048292 _____ () C:\WINDOWS\system32\HPFlpm15.dll
1998-09-04 02:33 - 1998-09-04 02:33 - 00072368 _____ () C:\WINDOWS\system32\HPFCOM15.DLL
1998-09-04 02:34 - 1998-09-04 02:34 - 00033384 _____ () C:\WINDOWS\system32\HPFIOP15.DLL
1998-09-04 02:34 - 1998-09-04 02:34 - 00138428 _____ () C:\WINDOWS\system32\HPFMLC15.dll
1998-09-04 02:34 - 1998-09-04 02:34 - 00057240 _____ () C:\WINDOWS\system32\HPFMEM15.dll
2006-06-20 10:40 - 2002-07-04 08:38 - 00053248 _____ () C:\Program Files\ArcSoft\Software Suite\PhotoImpression 5\share\pihook.dll
2013-06-13 09:09 - 2006-01-12 20:20 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.DEU
2013-06-13 09:09 - 2006-01-12 20:13 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
2013-03-13 15:48 - 2013-03-13 15:48 - 24978944 _____ () C:\Documents and Settings\Nzinga\Application Data\Dropbox\bin\libcef.dll
2004-08-19 15:49 - 2011-02-04 16:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2004-08-19 15:49 - 2013-01-02 01:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2004-08-19 15:49 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2004-08-19 15:49 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2008-10-22 14:05 - 2009-05-26 20:06 - 00913408 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll
2013-11-15 21:09 - 2013-11-15 21:09 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-11 10:42 - 2013-12-11 10:42 - 16242056 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Program Files\PlusDME_Full.exe:SummaryInformation
AlternateDataStreams: C:\Program Files\PlusDME_Full.exe:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/15/2013 03:01:50 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.
Error: (12/15/2013 03:01:48 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
Error: (12/14/2013 03:01:53 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.
Error: (12/14/2013 03:01:51 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
Error: (12/13/2013 00:21:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.
Error: (12/13/2013 00:20:59 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
Error: (12/12/2013 06:03:14 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.
Error: (12/12/2013 06:03:12 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
Error: (12/12/2013 05:58:55 AM) (Source: MsiInstaller) (User: NZINGA1)
Description: Product: Microsoft .NET Framework 1.1 - Update '{C0F0DCDC-99EA-4405-BDAE-CACABD3D2DF0}' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Nzinga\LOCALS~1\Temp\NDP1.1sp1-KB2833941-X86\NDP1.1sp1-KB2833941-X86-msi.0.log.
Error: (12/12/2013 05:58:52 AM) (Source: MsiInstaller) (User: NZINGA1)
Description: Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
System errors:
=============
Error: (12/15/2013 03:04:28 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Error: (12/14/2013 03:03:43 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Error: (12/13/2013 09:46:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
Error: (12/13/2013 09:44:20 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3
Error: (12/13/2013 00:21:01 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Error: (12/12/2013 11:55:42 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3
Error: (12/12/2013 10:27:25 AM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Kernel Information Provider service failed to start due to the following error:
%%3
Error: (12/12/2013 06:03:14 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Error: (12/12/2013 06:00:17 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Error: (12/12/2013 03:03:33 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2833941).
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 3318.07 MB
Available physical RAM: 1461.24 MB
Total Pagefile: 3912.22 MB
Available Pagefile: 2343.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1951.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:69.82 GB) (Free:22.79 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (MS_OFFICE_2007) (CDROM) (Total:0.55 GB) (Free:0 GB) CDFS
Drive f: (Elements) (Fixed) (Total:1863.01 GB) (Free:1402.94 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 75 GB) (Disk ID: EB275B50)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=70 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=5 GB) - (Type=DB)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0017BE67)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)
==================== End Of Log ============================ -
This is the FRST.TXT file
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-12-2013
Ran by Nzinga (administrator) on NZINGA1 on 15-12-2013 15:44:06
Running from C:\Documents and Settings\Nzinga\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files\Sony\SonicStage\SSAAD.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\type32.exe
(SigmaTel, Inc.) C:\WINDOWS\stsystra.exe
() C:\WINDOWS\vsnpstd.exe
(Sonix) C:\WINDOWS\vsnp2uvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Apple Computer, Inc.) C:\Program Files\QuickTime\qttask.exe
(Apple Computer, Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(SEIKO EPSON CORPORATION) C:\WINDOWS\system32\spool\drivers\w32x86\3\E_TATIHVA.EXE
(PKWARE, Inc.) C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe
(Dropbox, Inc.) C:\Documents and Settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Apple Computer, Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\EXCEL.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [ehTray] - C:\WINDOWS\ehome\ehtray.exe [64512 2005-08-05] (Microsoft Corporation)
HKLM\...\Run: [HotKeysCmds] - C:\WINDOWS\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [intelMeM] - C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe [221184 2003-09-03] (Intel Corporation)
HKLM\...\Run: [dla] - C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
HKLM\...\Run: [iSUSPM Startup] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [iSUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-07-27] (InstallShield Software Corporation)
HKLM\...\Run: [ssAAD.exe] - C:\Program Files\Sony\SonicStage\SSAAD.exe [81920 2006-01-07] ()
HKLM\...\Run: [type32] - C:\Program Files\Microsoft IntelliType Pro\type32.exe [196608 2005-03-15] (Microsoft Corporation)
HKLM\...\Run: [sigmatelSysTrayApp] - C:\WINDOWS\stsystra.exe [339968 2005-03-22] (SigmaTel, Inc.)
HKLM\...\Run: [snpstd] - C:\WINDOWS\vsnpstd.exe [286720 2004-06-10] ()
HKLM\...\Run: [snp2uvc] - C:\WINDOWS\vsnp2uvc.exe [569344 2007-07-11] (Sonix)
HKLM\...\Run: [EEventManager] - C:\Program Files\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] - C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] - C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-08] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [LTCM Client] - C:\Program Files\LTCM Client\ltcmClient.exe [1596096 2009-08-05] (Leader Technologies Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 7.0] - C:\Program Files\Adobe\Acrobat 7.0\Distillr\acrotray.exe [483328 2008-04-23] (Adobe Systems Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [282624 2006-09-01] (Apple Computer, Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [229952 2006-09-12] (Apple Computer, Inc.)
Winlogon\Notify\LMIinit: C:\Windows\system32\LMIinit.dll (LogMeIn, Inc.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [332800 2005-05-15] (Gteko Ltd.)
HKCU\...\Run: [Messenger (Yahoo!)] - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-26] (Yahoo! Inc.)
HKCU\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [5717272 2013-11-12] (SUPERAntiSpyware)
HKCU\...\Run: [EPLTarget\P0000000000000000] - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_TATIHVA.EXE [220800 2013-01-23] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [DW7] - "C:\Program Files\The Weather Channel\The Weather Channel App\TWCApp.exe"
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\Administrator\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2005-05-15] (Gteko Ltd.)
HKU\Default User\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2005-05-15] (Gteko Ltd.)
HKU\LogMeInRemoteUser\...\Run: [DellSupport] - C:\Program Files\Dell Support\DSAgnt.exe [ 2005-05-15] (Gteko Ltd.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SecureZIP Attachments Status.lnk
ShortcutTarget: SecureZIP Attachments Status.lnk -> C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe (PKWARE, Inc.)
Startup: C:\Documents and Settings\Nzinga\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Documents and Settings\Nzinga\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Documents and Settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
ProxyServer: 0.0.0.0:80
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {c591090f-599d-4169-a768-1ee6160e7dca} URL = http://search.freecause.com/search?ourmark=4&fr=freecause&ei=utf-8&type=63263&p={searchTerms}
SearchScopes: HKCU - {5FAC4B23-7BFE-4D62-BF50-324909DA3C79} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: No Name - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - No Name - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-09-04] (SuperAdBlocker.com)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.1 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Bitdefender QuickScan - C:\Documents and Settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF Extension: Evernote Web Clipper - C:\Documents and Settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
Chrome:
=======
CHR DefaultSearchKeyword: google.com
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.57\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (PalmSource Package Installer) - C:\Palm\PACKAG~1\NPInstal.dll No File
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (WacomTabletPlugin) - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CHR Plugin: ( Wacom Dynamic Link Library) - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Presentation Foundation) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR Extension: (Gmail) - C:\Documents and Settings\Nzinga\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-09-13] (SUPERAntiSpyware.com)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [521600 2011-06-09] (SEIKO EPSON CORPORATION)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184 2012-12-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344 2012-12-14] (Malwarebytes Corporation)
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 NetMDSB; C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe [782336 2004-06-08] (Sony Corporation)
S3 NetSvc; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [147456 2004-11-19] (Intel® Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69718 2005-11-24] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe [69632 2006-01-06] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
S4 abp480n5; C:\Windows\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 drvnddm; C:\Windows\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions)
S3 hitmanpro36; C:\WINDOWS\system32\drivers\hitmanpro36.sys [27424 2012-07-23] ()
S2 HPFECP15; C:\Windows\System32\drivers\HPFECP15.SYS [52800 1998-09-04] ()
R3 IntelC51; C:\Windows\System32\DRIVERS\IntelC51.sys [1233525 2004-03-06] (Intel Corporation)
R3 IntelC52; C:\Windows\System32\DRIVERS\IntelC52.sys [647929 2004-03-06] (Intel Corporation)
R3 IntelC53; C:\Windows\System32\DRIVERS\IntelC53.sys [61157 2004-06-16] (Intel Corporation)
R2 MASPINT; C:\Windows\System32\Drivers\MASPINT.sys [8096 2000-03-29] (MicroStaff Co.,Ltd.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [21104 2012-12-14] (Malwarebytes Corporation)
R3 mohfilt; C:\Windows\System32\DRIVERS\mohfilt.sys [37048 2004-03-06] (Intel Corporation)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 PalmUSBD; C:\Windows\System32\drivers\PalmUSBD.sys [16640 2007-12-04] (PalmSource, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-09-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-09-04] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbcpHid; C:\WINDOWS\system32\Drivers\SbcpHid.sys [22400 2001-08-23] ()
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [9611520 2007-08-22] ()
S3 snpstd; C:\Windows\System32\DRIVERS\snpstd.sys [345728 2004-10-15] ()
S3 sonypvs1; C:\Windows\System32\DRIVERS\sonypvs1.sys [102220 2002-10-15] (Sony Corporation)
R1 sscdbhk5; C:\Windows\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions)
R1 ssrtln; C:\Windows\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions)
R3 STHDA; C:\Windows\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\Windows\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions)
R2 tfsncofs; C:\Windows\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions)
R2 tfsndrct; C:\Windows\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions)
R2 tfsndres; C:\Windows\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions)
R2 tfsnifs; C:\Windows\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions)
R2 tfsnopio; C:\Windows\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions)
R2 tfsnpool; C:\Windows\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions)
R2 tfsnudf; C:\Windows\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions)
R2 tfsnudfa; C:\Windows\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 bvrp_pci; No ImagePath
S3 catchme; \??\C:\DOCUME~1\Nzinga\LOCALS~1\Temp\catchme.sys [x]
S2 LMIInfo; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys [x]
S4 LMIRfsClientNP; No ImagePath
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S1 SABKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SABKUTIL.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [x]
==================== NetSvcs (Whitelisted) ===================
NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)
==================== One Month Created Files and Folders ========
2013-12-15 15:44 - 2013-12-15 15:44 - 00022197 _____ C:\Documents and Settings\Nzinga\Desktop\FRST.txt
2013-12-15 15:43 - 2013-12-15 15:43 - 01060903 _____ (Farbar) C:\Documents and Settings\Nzinga\Desktop\FRST.exe
2013-12-15 15:43 - 2013-12-15 15:43 - 00000000 ____D C:\FRST
2013-12-11 03:18 - 2013-12-11 03:18 - 00016987 _____ C:\WINDOWS\KB2904266.log
2013-12-11 03:18 - 2013-12-11 03:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 03:18 - 2013-12-11 03:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-10 16:45 - 2013-12-11 03:18 - 00027337 _____ C:\WINDOWS\KB2898715.log
2013-12-10 16:44 - 2013-12-11 03:08 - 00026148 _____ C:\WINDOWS\KB2893294.log
2013-12-10 16:44 - 2013-12-11 03:07 - 00026561 _____ C:\WINDOWS\KB2893984.log
2013-12-10 16:44 - 2013-12-11 03:07 - 00025268 _____ C:\WINDOWS\KB2892075.log
2013-12-10 16:43 - 2013-12-11 03:05 - 00116436 _____ C:\WINDOWS\KB2898785-IE7.log
2013-12-05 06:05 - 2013-12-05 06:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
2013-11-15 21:09 - 2013-11-17 09:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-15 08:07 - 2013-11-18 13:11 - 00013646 _____ C:\Documents and Settings\Nzinga\Desktop\Room and Furniture Dimensions.xlsx
==================== One Month Modified Files and Folders =======
2013-12-15 15:44 - 2013-12-15 15:44 - 00022197 _____ C:\Documents and Settings\Nzinga\Desktop\FRST.txt
2013-12-15 15:43 - 2013-12-15 15:43 - 01060903 _____ (Farbar) C:\Documents and Settings\Nzinga\Desktop\FRST.exe
2013-12-15 15:43 - 2013-12-15 15:43 - 00000000 ____D C:\FRST
2013-12-15 15:42 - 2013-01-08 19:39 - 00000830 ____C C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-15 15:23 - 2013-02-13 10:32 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-15 15:10 - 2012-10-09 06:11 - 00000512 ____C C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c260bc1d-0917-496a-a6b6-069a411912a8.job
2013-12-15 09:57 - 2010-09-11 03:36 - 00000000 ____D C:\Documents and Settings\Nzinga\Application Data\Dropbox
2013-12-15 03:04 - 2004-08-19 16:05 - 01290735 ____C C:\WINDOWS\WindowsUpdate.log
2013-12-15 02:13 - 2010-09-11 03:38 - 00000000 ___RD C:\Documents and Settings\Nzinga\My Documents\My Dropbox
2013-12-15 01:59 - 2012-10-09 06:10 - 00000512 ____C C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task a5d2a694-12bb-4850-87cb-f080803d1d2b.job
2013-12-15 00:23 - 2013-02-13 10:32 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-14 22:26 - 2012-09-24 21:24 - 00000406 ____C C:\WINDOWS\Tasks\ReclaimerUpdateXML_Nzinga.job
2013-12-14 20:26 - 2012-09-24 21:24 - 00000410 ____C C:\WINDOWS\Tasks\ReclaimerUpdateFiles_Nzinga.job
2013-12-14 18:45 - 2004-08-19 16:02 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2013-12-14 18:22 - 2012-01-20 17:49 - 00000000 ____D C:\Documents and Settings\Nzinga\Application Data\Skype
2013-12-14 15:11 - 2004-08-19 16:13 - 00032614 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-13 10:25 - 2004-08-19 16:00 - 00002103 ____C C:\WINDOWS\wiadebug.log
2013-12-13 09:46 - 2004-08-19 16:02 - 00000000 ____D C:\WINDOWS\Registration
2013-12-13 09:44 - 2012-09-24 21:24 - 00000416 ____C C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_Nzinga.job
2013-12-13 09:44 - 2004-08-19 16:13 - 00000006 ___HC C:\WINDOWS\Tasks\SA.DAT
2013-12-13 09:44 - 2004-08-19 16:00 - 00000050 ____C C:\WINDOWS\wiaservc.log
2013-12-13 09:44 - 2004-08-19 15:50 - 00002206 ____C C:\WINDOWS\system32\wpa.dbl
2013-12-13 00:19 - 2005-11-21 20:25 - 00000278 __SHC C:\Documents and Settings\Nzinga\ntuser.ini
2013-12-12 11:54 - 2005-11-26 03:02 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB898458$
2013-12-11 15:40 - 2007-04-09 14:24 - 00000284 ____C C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-12-11 10:42 - 2013-01-08 19:39 - 00692616 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2013-12-11 10:42 - 2013-01-08 19:39 - 00071048 ____C (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2013-12-11 03:38 - 2004-08-19 15:57 - 00719304 ____C C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-11 03:19 - 2013-10-31 21:30 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2013-12-11 03:18 - 2013-12-11 03:18 - 00016987 _____ C:\WINDOWS\KB2904266.log
2013-12-11 03:18 - 2013-12-11 03:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2904266$
2013-12-11 03:18 - 2013-12-11 03:18 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2898715$
2013-12-11 03:18 - 2013-12-10 16:45 - 00027337 _____ C:\WINDOWS\KB2898715.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00117473 ____C C:\WINDOWS\netfxocm.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00075274 ____C C:\WINDOWS\plusoc.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00073800 ____C C:\WINDOWS\updspapi.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00057861 ____C C:\WINDOWS\MedCtrOC.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00037063 ____C C:\WINDOWS\ocmsn.log
2013-12-11 03:18 - 2011-09-22 08:18 - 00036679 ____C C:\WINDOWS\ehOCGen.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00718753 ____C C:\WINDOWS\iis6.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00666681 ____C C:\WINDOWS\FaxSetup.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00322108 ____C C:\WINDOWS\ocgen.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00306444 ____C C:\WINDOWS\tsoc.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00222718 ____C C:\WINDOWS\comsetup.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00203000 ____C C:\WINDOWS\msmqinst.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00135246 ____C C:\WINDOWS\ntdtcsetup.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00033588 ____C C:\WINDOWS\tabletoc.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00033542 ____C C:\WINDOWS\msgsocm.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00001393 _____ C:\WINDOWS\imsins.log
2013-12-11 03:18 - 2011-09-22 08:17 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-12-11 03:18 - 2007-02-17 03:02 - 01016422 ____C C:\WINDOWS\system32\TZLog.log
2013-12-11 03:15 - 2013-11-06 03:29 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-11 03:08 - 2013-12-10 16:44 - 00026148 _____ C:\WINDOWS\KB2893294.log
2013-12-11 03:08 - 2005-11-26 03:30 - 88123800 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893984$
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2893294$
2013-12-11 03:07 - 2013-12-11 03:07 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2892075$
2013-12-11 03:07 - 2013-12-10 16:44 - 00026561 _____ C:\WINDOWS\KB2893984.log
2013-12-11 03:07 - 2013-12-10 16:44 - 00025268 _____ C:\WINDOWS\KB2892075.log
2013-12-11 03:05 - 2013-12-10 16:43 - 00116436 _____ C:\WINDOWS\KB2898785-IE7.log
2013-12-11 03:04 - 2007-02-17 03:01 - 00000000 ____D C:\WINDOWS\ie7updates
2013-12-05 06:07 - 2012-09-21 17:44 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\YTD Video Downloader
2013-12-05 06:05 - 2013-12-05 06:05 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
2013-12-05 06:05 - 2013-11-06 23:36 - 00000721 _____ C:\Documents and Settings\All Users\Desktop\YTD Video Downloader.lnk
2013-12-04 23:22 - 2013-02-13 10:35 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-11-26 00:54 - 2012-01-20 17:48 - 00002265 ____C C:\Documents and Settings\All Users\Desktop\Skype.lnk
2013-11-20 08:45 - 2012-10-10 06:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-18 13:11 - 2013-11-15 08:07 - 00013646 _____ C:\Documents and Settings\Nzinga\Desktop\Room and Furniture Dimensions.xlsx
2013-11-17 11:09 - 2005-11-21 21:47 - 00000000 ____D C:\Documents and Settings\Nzinga\Local Settings\Application Data\Adobe
2013-11-17 09:43 - 2013-11-15 21:09 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-16 12:39 - 2012-07-09 07:58 - 00000000 ____D C:\Documents and Settings\Nzinga\Application Data\vlc
2013-11-16 09:17 - 2005-11-21 20:25 - 00000000 ____D C:\Documents and Settings\Nzinga
Files to move or delete:
====================
C:\Documents and Settings\Nzinga\GCK.exe
C:\Documents and Settings\Nzinga\IMInstaller.exe
C:\Documents and Settings\Nzinga\NDKF.exe
C:\Documents and Settings\Nzinga\WFInstaller.exe
Some content of TEMP:
====================
C:\Documents and Settings\Nzinga\Local Settings\temp\ose00000.exe
C:\Documents and Settings\Nzinga\Local Settings\temp\The_Weather_Channel_Application.exe
C:\Documents and Settings\Nzinga\Local Settings\temp\USBDeview.exe
C:\Documents and Settings\Nzinga\Local Settings\temp\vlc-2.0.8-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================ -
doing scans now
-
Hi Marius, I ran Malwarebytes scanner and the notifications stopped...should I still go ahead with your instructions?
-
Hi, I am having an issue with Malwarebytes that I'm hoping someone can help me with: I am running WIndows XP Mediacenter Edition version 5.1 service pack 3. I have Malwarebytes version 1.70.0.1100. What is happening is that I have the Malwarebytes pop-up window in a perpetual loop stating "Malwarebyte Anti-Malware has blocked and quarantined a threat: c:\\WINDOWS\tsnp2uvc.exe Trojan.Backdoor" over and over again. It won't stop. I cleared the quarantine only to have it fill up with the exact same message hundreds of times. I am currently running the Malwarebytes scan to see if it will remove it but it hasn't worked as of yet. Any help anyone can provide will be appreciated. Thank you!
-
Hi, I went ahead and restarted the computer before running combofix since i thought rkill may have suspended the malware before running combofix therefor giving combofix nothing (running) to find. i disabled my mbam and superantispyware before running combofix. i also re-ran the dds tool as you instructed. the logs for all three the log are below.
COMBOFIX LOG 10.14.2012
((((((((((((((((((((((((( Files Created from 2012-09-14 to 2012-10-14 )))))))))))))))))))))))))))))))
.
.
2012-10-10 11:47 . 2012-10-10 11:47 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-10 11:47 . 2012-10-10 11:47 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\BVRP Software
2012-10-09 11:06 . 2012-10-09 11:07 -------- d-----w- c:\windows\system32\NtmsData
2012-10-09 09:53 . 2012-10-09 09:55 -------- d-----w- c:\documents and settings\Nzinga\Application Data\QuickScan
2012-10-09 09:44 . 2012-10-10 11:46 -------- d-----w- c:\program files\SpywareBlaster
2012-10-09 00:45 . 2012-10-10 11:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2012-10-09 00:45 . 2012-10-10 11:47 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-09 00:41 . 2012-10-09 00:41 -------- d-----w- c:\documents and settings\Nzinga\Application Data\Leader Technologies
2012-10-08 23:59 . 2012-10-10 11:47 -------- d-----w- c:\program files\LTCM Client
2012-10-08 23:51 . 2012-10-10 11:47 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2012-10-08 23:51 . 2012-10-09 04:08 -------- d-----w- c:\documents and settings\All Users\Application Data\ABBYY
2012-10-08 23:51 . 2012-10-08 23:51 -------- d-----w- c:\program files\Common Files\ABBYY
2012-10-08 23:39 . 2012-10-08 23:38 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-08 23:39 . 2012-10-08 23:38 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-08 23:39 . 2012-10-08 23:38 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-08 23:38 . 2012-10-08 23:38 -------- d-----w- c:\documents and settings\All Users\Application Data\McAfee
2012-10-08 23:34 . 2012-10-08 23:34 -------- d-----w- c:\documents and settings\LocalService\Application Data\Epson
2012-10-08 23:32 . 2012-10-08 23:32 -------- d-----w- c:\program files\Common Files\EPSON
2012-10-08 23:28 . 2012-10-08 23:28 -------- d-----w- c:\program files\Epson America Inc
2012-10-08 23:27 . 2012-10-08 23:29 -------- d-----w- c:\program files\Epson Software
2012-10-08 23:26 . 2010-09-28 14:01 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL
2012-10-08 23:26 . 2010-08-09 14:02 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL
2012-10-08 23:25 . 2012-10-08 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2012-10-08 23:25 . 2009-10-16 04:00 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-10-08 23:25 . 2009-10-16 04:00 12800 ----a-w- c:\windows\system32\escdev.dll
2012-10-08 23:25 . 2009-09-17 04:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-09-21 22:44 . 2012-10-09 11:04 -------- d-----w- c:\documents and settings\All Users\Application Data\YTD Video Downloader
2012-09-19 12:27 . 2001-10-26 21:16 16384 ----a-w- c:\windows\system32\FileOps.exe
2012-09-15 23:08 . 2012-09-15 23:08 -------- d-----w- c:\documents and settings\Nzinga\Application Data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\documents and settings\Nzinga\Application Data\Wacom
2012-09-15 23:07 . 2012-09-15 23:08 -------- d-----w- c:\documents and settings\All Users\Application Data\Wacom
2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\program files\Common Files\Adobe AIR
2012-09-15 23:07 . 2012-09-15 23:07 -------- d-----w- c:\program files\Bamboo Dock
2012-09-15 23:05 . 2012-09-15 23:05 -------- d-----w- c:\documents and settings\Nzinga\Application Data\WTablet
2012-09-15 23:05 . 2011-07-05 22:01 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2012-09-15 23:04 . 2011-05-16 21:15 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2012-09-15 23:04 . 2011-05-16 21:15 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2012-09-15 23:04 . 2011-07-05 22:01 1156472 ----a-w- c:\windows\system32\Wintab32.dll
2012-09-15 23:04 . 2011-07-05 22:01 1152888 ----a-w- c:\windows\system32\WacomMT.dll
2012-09-15 23:04 . 2011-07-05 22:01 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll
2012-09-15 23:04 . 2012-09-15 23:05 -------- d-----w- c:\program files\Tablet
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-08 23:38 . 2010-11-25 06:05 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 21:04 . 2011-08-28 15:37 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-27 19:12 . 2004-08-19 20:49 832512 ----a-w- c:\windows\system32\wininet.dll
2012-08-27 19:12 . 2006-10-17 16:57 268288 ----a-w- c:\windows\system32\iertutil(2).dll
2012-08-27 19:12 . 2004-08-19 20:49 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-27 19:12 . 2004-08-19 20:49 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-08-27 19:12 . 2004-08-19 20:49 17408 ----a-w- c:\windows\system32\corpol.dll
2012-08-02 14:09 . 2012-08-02 14:09 1409 ----a-w- c:\windows\QTFont.for
2012-07-24 02:04 . 2012-07-24 02:04 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-04-11 15:28 . 2012-04-11 15:28 799441 ----a-w- c:\program files\RegpairSetup.exe
2012-02-19 16:37 . 2012-02-19 16:37 692480 ----a-w- c:\program files\RealPlayer.exe
2011-09-22 13:14 . 2011-09-22 13:14 5335216 ----a-w- c:\program files\minuswindows.exe
2011-09-04 13:41 . 2011-09-04 13:41 20278864 ----a-w- c:\program files\companionlink.exe
2011-05-31 17:28 . 2011-05-31 17:27 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe
2010-11-16 00:53 . 2010-11-15 22:34 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe
2010-11-05 16:28 . 2010-11-05 16:27 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe
2010-07-02 14:53 . 2010-07-02 14:53 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe
2010-01-19 11:48 . 2010-01-19 11:48 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe
2010-01-04 15:52 . 2010-01-04 15:50 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe
2009-09-22 11:12 . 2009-09-22 11:11 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe
2009-03-11 21:11 . 2009-03-11 21:10 1606063 ----a-w- c:\program files\treodekstop213setup.exe
2009-01-31 15:43 . 2009-01-31 15:43 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe
2009-01-17 17:41 . 2009-01-17 17:40 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe
2008-11-09 17:41 . 2008-11-09 17:40 11464704 ----a-w- c:\program files\sharecalendar_setup.exe
2008-10-01 00:27 . 2008-10-01 00:25 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe
2008-06-26 03:00 . 2008-06-26 03:00 4898144 ----a-w- c:\program files\LimeWireWin18.exe
2008-04-09 15:12 . 2008-04-09 15:11 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe
2008-03-24 23:50 . 2008-03-24 23:50 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe
2007-12-21 09:06 . 2007-12-21 09:06 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe
2007-12-17 12:35 . 2007-12-17 12:30 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe
2007-12-17 11:55 . 2007-12-17 11:54 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe
2007-12-17 10:48 . 2006-09-26 17:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2007-11-01 16:07 . 2007-11-01 16:06 11160320 ----a-w- c:\program files\pk zip.exe
2007-08-26 15:32 . 2007-08-26 15:31 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe
2007-07-21 08:25 . 2007-07-21 08:25 3126056 ----a-w- c:\program files\LimeWireWin.exe
2007-06-16 14:25 . 2007-06-16 14:25 315318 ----a-w- c:\program files\soltvradio_setup.exe
2007-04-11 17:24 . 2007-04-11 17:21 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi
2007-04-11 17:23 . 2007-04-11 17:21 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi
2007-04-11 17:10 . 2007-04-11 17:09 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe
2007-04-09 18:30 . 2007-04-09 18:29 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe
2007-04-04 12:01 . 2007-04-04 12:00 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe
2007-04-03 21:37 . 2007-04-03 21:37 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe
2007-02-24 00:34 . 2007-02-24 00:34 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe
2007-01-18 15:00 . 2007-01-18 14:59 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe
2007-01-18 14:31 . 2007-01-18 14:31 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe
2006-10-10 17:41 . 2006-10-10 17:41 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe
2006-10-10 17:37 . 2006-10-10 17:37 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe
2006-10-10 14:18 . 2006-10-10 14:18 3054417 ----a-w- c:\program files\FSViewerSetup26.exe
2006-10-01 18:05 . 2006-10-01 18:05 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe
2006-09-30 16:32 . 2006-09-30 16:32 1805498 ----a-w- c:\program files\ultimate zip.exe
2006-09-30 16:25 . 2006-09-30 16:25 2146871 ----a-w- c:\program files\zipitfast.exe
2006-09-26 17:59 . 2006-09-26 17:58 47652464 ----a-w- c:\program files\PlusDME_Full.exe
2006-09-26 17:59 . 2006-09-26 17:57 47652464 ----a-w- c:\program files\Super Pack.exe
2006-07-27 14:20 . 2006-07-27 14:18 8701008 ----a-w- c:\program files\jewelquest_at.exe
2006-07-13 01:33 . 2006-07-13 01:28 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe
2006-07-05 13:43 . 2006-07-05 13:41 4864452 ----a-w- c:\program files\palm401upgrade2.exe
2006-06-30 02:26 . 2006-06-30 02:22 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe
2006-06-07 13:54 . 2006-06-07 13:55 937001 ----a-w- c:\program files\soulseek156c.exe
2006-06-05 19:19 . 2006-06-05 19:19 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi
2006-04-22 15:20 . 2006-04-22 15:19 5432500 ----a-w- c:\program files\ImageMixerV151.exe
2006-03-13 15:32 . 2006-03-13 15:31 9739116 ----a-w- c:\program files\SimpleOcr.exe
2006-03-01 19:18 . 2006-03-01 19:16 12754672 ----a-w- c:\program files\MP10Setup.exe
2006-03-01 16:20 . 2006-03-01 16:20 1419556 ----a-w- c:\program files\klitecodec270b.exe
2006-02-24 21:10 . 2006-02-24 21:10 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe
2006-01-30 19:48 . 2006-03-16 16:23 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE
2006-01-18 01:00 . 2006-01-18 00:54 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe
2006-01-17 22:11 . 2006-01-18 22:49 948936 ----a-w- c:\program files\install_flash_player.exe
2005-12-18 17:58 . 2005-12-18 17:56 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe
2005-12-17 03:01 . 2005-12-17 02:51 54725800 ----a-w- c:\program files\iPodSetup.exe
2005-12-16 15:26 . 2005-12-16 15:13 34412848 ----a-w- c:\program files\iTunesSetup.exe
2005-12-14 19:09 . 2005-12-14 19:09 1619132 ----a-w- c:\program files\freeripmp3.exe
2005-12-10 05:25 . 2005-12-10 05:25 2855080 ----a-w- c:\program files\adawaresepersonal.exe
2012-09-13 15:18 . 2012-09-13 15:18 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="c:\program files\Dell Support\DSAgnt.exe" [2005-05-15 332800]
"Messenger (Yahoo!)"="c:\program files\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-09-28 4780928]
"chk"="c:\docume~1\Nzinga\LOCALS~1\TempCkt\chk.exe" [2010-07-22 339968]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE" [2011-04-24 219008]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-06 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"IntelMeM"="c:\program files\Intel\Modem Event Monitor\IntelMEM.exe" [2003-09-04 221184]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2005-03-15 196608]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 339968]
"Acrobat Assistant 7.0"="c:\program files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"snpstd"="c:\windows\vsnpstd.exe" [2004-06-10 286720]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-02-16 282624]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2007-07-11 569344]
"tsnp2uvc"="c:\windows\tsnp2uvc.exe" [2007-07-11 237568]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2012-03-15 198160]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"FUFAXRCV"="c:\program files\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]
"FUFAXSTM"="c:\program files\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"LTCM Client"="c:\program files\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"SpybotDeletingA9489"="command.com" [2004-08-10 50620]
.
c:\documents and settings\Nzinga\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Epson all-in-one Registration.lnk - c:\documents and settings\Nzinga\Application Data\Leadertech\PowerRegister\Epson all-in-one Registration.exe [2012-10-8 2561024]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - c:\windows\Installer\{AC76BA86-1033-0000-BA7E-000000000002}\SC_Acrobat.exe [2007-1-23 25214]
Adobe Gamma Loader.LNK - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-11-21 110592]
SecureZIP Attachments Status.lnk - c:\program files\PKWARE\PKZIPM\11.20.0008\PKTray.exe [2007-11-1 197984]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-04 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 16:32 87352 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk
backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HotSync Manager.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HotSync Manager.lnk
backup=c:\windows\pss\HotSync Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Image Transfer.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Image Transfer.lnk
backup=c:\windows\pss\Image Transfer.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microtek Scanner Finder.lnk
backup=c:\windows\pss\Microtek Scanner Finder.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^PennConnect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\PennConnect.lnk
backup=c:\windows\pss\PennConnect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
2011-09-27 03:45 646232 ----a-w- c:\program files\Bamboo Dock\BambooCore.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2005-10-06 22:03 278528 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyVideoDaily2]
2005-11-30 15:09 401408 ----a-w- c:\program files\MyVideoDaily2\MyVideoDaily2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2007-02-16 14:54 282624 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2011-10-13 16:45 19550344 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-03-15 03:56 198160 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\mozilla.org\\Mozilla\\mozilla.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Nzinga\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2/17/2010 2:25 PM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [5/10/2010 2:41 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [6/29/2010 1:48 PM 116608]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [5/14/2009 5:07 PM 759048]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\EpsonCustomerParticipation\EPCP.exe [6/9/2011 1:01 PM 521600]
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [10/6/2012 11:07 AM 399432]
R2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [9/15/2012 7:04 PM 5553016]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [9/15/2012 7:05 PM 451960]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\SUPERAntiSpyware\SABKUTIL.sys --> c:\program files\SUPERAntiSpyware\SABKUTIL.sys [?]
S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [9/4/1998 3:32 AM 52800]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\LogMeIn\x86\RaInfo.sys --> c:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [8/28/2011 11:38 AM 676936]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys --> c:\windows\system32\DRIVERS\motfilt.sys [?]
S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [7/23/2012 10:04 PM 27424]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [8/28/2011 11:37 AM 22856]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys --> c:\windows\system32\DRIVERS\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys --> c:\windows\system32\DRIVERS\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys --> c:\windows\system32\DRIVERS\Motousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys --> c:\windows\system32\DRIVERS\motusbdevice.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/27/2012 2:14 PM 114144]
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-01-10 19:42]
.
2012-10-14 c:\windows\Tasks\ReclaimerUpdateFiles_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2012-10-14 c:\windows\Tasks\ReclaimerUpdateXML_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2012-10-14 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_Nzinga.job
- c:\documents and settings\Nzinga\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.20\agent\rnupgagent.exe [2012-09-24 23:23]
.
2012-10-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a5d2a694-12bb-4850-87cb-f080803d1d2b.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]
.
2012-10-14 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task c260bc1d-0917-496a-a6b6-069a411912a8.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2011-09-04 13:39]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = about:blank
uInternet Settings,ProxyServer = 0.0.0.0:80
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
TCP: DhcpNameServer = 192.168.11.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-09 05:53; {e001c731-5e37-4538-a5cb-8168736a2360}; c:\documents and settings\Nzinga\Application Data\Mozilla\Firefox\Profiles\msnjx4x8.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
FF - user.js: yahoo.homepage.dontask - true
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SearchSettings - c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-14 10:03
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(688)
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'explorer.exe'(3116)
c:\windows\system32\WININET.dll
c:\documents and settings\Nzinga\Application Data\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-10-14 10:04:42
ComboFix-quarantined-files.txt 2012-10-14 14:04
ComboFix2.txt 2012-10-10 03:12
ComboFix3.txt 2012-10-09 09:29
ComboFix4.txt 2012-10-08 20:21
ComboFix5.txt 2012-10-14 13:54
.
Pre-Run: 8,577,556,480 bytes free
Post-Run: 8,588,455,936 bytes free
.
- - End Of File - - E8A463786272B0A7BCCDDC006002A560
DDS.TXT LOG 10.14.2012
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\tsnp2uvc.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE
C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = about:blank
uInternet Settings,ProxyServer = 0.0.0.0:80
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [chk] c:\docume~1\nzinga\locals~1\tempckt\chk.exe
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatihva.exe /ept "epltarget\P0000000000000000" /M "WorkForce 645"
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ssAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe
mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"
mRun: [sigmatelSysTrayApp] stsystra.exe
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [tsnp2uvc] c:\windows\tsnp2uvc.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup
mRunOnce: [spybotDeletingA9489] command.com /c del "c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll_old"
StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\nzinga\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\epsona~1.lnk - c:\documents and settings\nzinga\application data\leadertech\powerregister\Epson all-in-one Registration.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secure~1.lnk - c:\program files\pkware\pkzipm\11.20.0008\PKTray.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{B5501C3F-86D7-408B-88F3-C3B4DA3FE157} : DhcpNameServer = 192.168.11.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nzinga\application data\mozilla\firefox\profiles\msnjx4x8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\palm\packag~1\NPInstal.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\tabletplugins\npWacomTabletPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-9-9 45848]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-28 676936]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2012-9-15 5553016]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2012-9-15 451960]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-28 22856]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\superantispyware\sabkutil.sys --> c:\program files\superantispyware\SABKUTIL.sys [?]
S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [1998-9-4 52800]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys --> c:\windows\system32\drivers\motfilt.sys [?]
S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-7-23 27424]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\motousbnet.sys --> c:\windows\system32\drivers\Motousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys --> c:\windows\system32\drivers\motusbdevice.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 115168]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-10 11:46:38 -------- d-----w- c:\program files\EarthLink Setup
2012-10-10 11:46:34 -------- d-----w- c:\program files\MyVideoDaily2
2012-10-10 11:46:33 -------- d-----w- c:\program files\YTD Toolbar
2012-10-10 11:46:32 -------- d-----w- c:\documents and settings\nzinga\application data\YTD
2012-10-10 11:46:14 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-10-10 11:45:56 -------- d-----w- c:\program files\common files\Spigot
2012-10-09 21:27:08 -------- d-----w- c:\program files\common files\Comodo
2012-10-09 21:23:22 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA
2012-10-09 21:16:38 -------- d-----w- c:\documents and settings\all users\application data\Comodo
2012-10-09 20:57:02 -------- d-----w- c:\documents and settings\nzinga\local settings\application data\COMODO
2012-10-09 20:56:43 -------- d-----w- c:\program files\Comodo
2012-10-09 11:06:09 -------- d-----w- c:\windows\system32\NtmsData
2012-10-09 09:53:17 -------- d-----w- c:\documents and settings\nzinga\application data\QuickScan
2012-10-09 09:44:11 -------- d-----w- c:\program files\SpywareBlaster
2012-10-09 00:45:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-09 00:45:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-10-09 00:41:26 -------- d-----w- c:\documents and settings\nzinga\application data\Leader Technologies
2012-10-08 23:59:44 -------- d-----w- c:\program files\LTCM Client
2012-10-08 23:51:06 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2012-10-08 23:51:05 -------- d-----w- c:\program files\common files\ABBYY
2012-10-08 23:51:05 -------- d-----w- c:\documents and settings\all users\application data\ABBYY
2012-10-08 23:39:30 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-08 23:39:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-08 23:39:13 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-08 23:32:50 -------- d-----w- c:\program files\common files\EPSON
2012-10-08 23:28:23 -------- d-----w- c:\program files\Epson America Inc
2012-10-08 23:27:08 -------- d-----w- c:\program files\Epson Software
2012-10-08 23:26:16 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL
2012-10-08 23:26:16 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL
2012-10-08 23:25:49 -------- d-----w- c:\documents and settings\all users\application data\EPSON
2012-10-08 23:25:39 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-10-08 23:25:39 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-10-08 23:25:39 12800 ----a-w- c:\windows\system32\escdev.dll
2012-09-21 22:44:50 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader
2012-09-19 12:27:09 16384 ----a-w- c:\windows\system32\FileOps.exe
2012-09-15 23:08:26 -------- d-----w- c:\documents and settings\nzinga\application data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2012-09-15 23:07:53 -------- d-----w- c:\documents and settings\nzinga\application data\Wacom
2012-09-15 23:07:47 -------- d-----w- c:\documents and settings\all users\application data\Wacom
2012-09-15 23:07:08 -------- d-----w- c:\program files\Bamboo Dock
2012-09-15 23:05:18 -------- d-----w- c:\documents and settings\nzinga\application data\WTablet
2012-09-15 23:05:17 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2012-09-15 23:05:10 -------- d-----w- c:\program files\TabletPlugins
2012-09-15 23:04:55 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2012-09-15 23:04:48 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2012-09-15 23:04:45 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll
2012-09-15 23:04:45 1156472 ----a-w- c:\windows\system32\Wintab32.dll
2012-09-15 23:04:45 1152888 ----a-w- c:\windows\system32\WacomMT.dll
2012-09-15 23:04:42 -------- d-----w- c:\program files\Tablet
.
==================== Find3M ====================
.
2012-10-08 23:38:46 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-27 19:12:39 832512 ----a-w- c:\windows\system32\wininet.dll
2012-08-27 19:12:36 268288 ----a-w- c:\windows\system32\iertutil(2).dll
2012-08-27 19:12:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-27 19:12:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-08-27 19:12:34 17408 ----a-w- c:\windows\system32\corpol.dll
2012-08-02 14:09:42 1409 ----a-w- c:\windows\QTFont.for
2012-07-24 02:04:47 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-04-11 15:28:36 799441 ----a-w- c:\program files\RegpairSetup.exe
2012-02-19 16:37:57 692480 ----a-w- c:\program files\RealPlayer.exe
2011-09-22 13:14:48 5335216 ----a-w- c:\program files\minuswindows.exe
2011-09-04 13:41:05 20278864 ----a-w- c:\program files\companionlink.exe
2011-05-31 17:28:01 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe
2010-11-16 00:53:56 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe
2010-11-05 16:28:15 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe
2010-07-02 14:53:01 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe
2010-01-19 11:48:23 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe
2010-01-04 15:52:04 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe
2009-09-22 11:12:12 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe
2009-03-11 21:11:17 1606063 ----a-w- c:\program files\treodekstop213setup.exe
2009-01-31 15:43:45 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe
2009-01-17 17:41:07 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe
2008-11-09 17:41:52 11464704 ----a-w- c:\program files\sharecalendar_setup.exe
2008-10-01 00:27:11 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe
2008-06-26 03:00:29 4898144 ----a-w- c:\program files\LimeWireWin18.exe
2008-04-09 15:12:43 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe
2008-03-24 23:50:25 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe
2007-12-21 09:06:18 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe
2007-12-17 12:35:03 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe
2007-12-17 11:55:01 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe
2007-12-17 10:48:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2007-11-01 16:07:08 11160320 ----a-w- c:\program files\pk zip.exe
2007-08-26 15:32:29 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe
2007-07-21 08:25:01 3126056 ----a-w- c:\program files\LimeWireWin.exe
2007-06-16 14:25:27 315318 ----a-w- c:\program files\soltvradio_setup.exe
2007-04-11 17:24:09 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi
2007-04-11 17:23:50 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi
2007-04-11 17:10:36 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe
2007-04-09 18:30:47 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe
2007-04-04 12:01:44 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe
2007-04-03 21:37:26 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe
2007-02-24 00:34:32 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe
2007-01-18 15:00:19 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe
2007-01-18 14:31:12 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe
2006-10-10 17:41:44 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe
2006-10-10 17:37:33 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe
2006-10-10 14:18:33 3054417 ----a-w- c:\program files\FSViewerSetup26.exe
2006-10-01 18:05:57 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe
2006-09-30 16:32:31 1805498 ----a-w- c:\program files\ultimate zip.exe
2006-09-30 16:25:04 2146871 ----a-w- c:\program files\zipitfast.exe
2006-09-26 17:59:46 47652464 ----a-w- c:\program files\PlusDME_Full.exe
2006-09-26 17:59:00 47652464 ----a-w- c:\program files\Super Pack.exe
2006-07-27 14:20:15 8701008 ----a-w- c:\program files\jewelquest_at.exe
2006-07-13 01:33:19 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe
2006-07-05 13:43:08 4864452 ----a-w- c:\program files\palm401upgrade2.exe
2006-06-30 02:26:50 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe
2006-06-07 13:54:49 937001 ----a-w- c:\program files\soulseek156c.exe
2006-06-05 19:19:37 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi
2006-04-22 15:20:38 5432500 ----a-w- c:\program files\ImageMixerV151.exe
2006-03-13 15:32:46 9739116 ----a-w- c:\program files\SimpleOcr.exe
2006-03-01 19:18:58 12754672 ----a-w- c:\program files\MP10Setup.exe
2006-03-01 16:20:40 1419556 ----a-w- c:\program files\klitecodec270b.exe
2006-02-24 21:10:28 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe
2006-01-30 19:48:54 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE
2006-01-18 01:00:20 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe
2006-01-17 22:11:32 948936 ----a-w- c:\program files\install_flash_player.exe
2005-12-18 17:58:27 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe
2005-12-17 03:01:46 54725800 ----a-w- c:\program files\iPodSetup.exe
2005-12-16 15:26:23 34412848 ----a-w- c:\program files\iTunesSetup.exe
2005-12-14 19:09:01 1619132 ----a-w- c:\program files\freeripmp3.exe
2005-12-10 05:25:12 2855080 ----a-w- c:\program files\adawaresepersonal.exe
.
============= FINISH: 10:23:59.50 ===============
ATTACH.TXT LOG 10.14.2012
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/21/2005 8:25:00 PM
System Uptime: 10/14/2012 9:49:24 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0RD203
Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 70 GiB total, 8.049 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is FIXED (NTFS) - 1863 GiB total, 1613.626 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1514: 10/8/2012 2:31:46 PM - Software Distribution Service 3.0
RP1515: 10/8/2012 7:19:05 PM - Removed Applet_Web
RP1516: 10/8/2012 7:19:26 PM - Removed Applet_App
RP1517: 10/8/2012 7:19:46 PM - Removed Applet_Ocr
RP1518: 10/8/2012 7:20:07 PM - Removed Applet_Email
RP1519: 10/8/2012 7:20:19 PM - Removed Applet_File
RP1520: 10/8/2012 7:20:32 PM - Removed Applet_CopyToFax
RP1521: 10/8/2012 7:20:44 PM - Removed Applet_VC
RP1522: 10/8/2012 7:20:58 PM - Removed Applet_Copy
RP1523: 10/8/2012 7:21:09 PM - Removed Smart Panel
RP1524: 10/8/2012 7:21:57 PM - Removed EPSON PhotoStarter3.2
RP1525: 10/8/2012 7:23:00 PM - Removed EPSON CardMonitor
RP1526: 10/8/2012 7:26:59 PM - Installed Epson Event Manager
RP1527: 10/8/2012 7:28:22 PM - Installed Epson Connect
RP1528: 10/8/2012 7:29:33 PM - Installed FAX Utility
RP1529: 10/8/2012 7:36:27 PM - Removed Java 6 Update 11
RP1530: 10/8/2012 7:38:38 PM - Installed Java 7 Update 7
RP1531: 10/8/2012 7:50:41 PM - Installed ABBYY FineReader 9.0 Sprint
RP1532: 10/9/2012 12:07:37 AM - Restore Operation
RP1533: 10/9/2012 12:34:09 AM - Relatively Stable 10.9.2012 1233am
RP1534: 10/9/2012 6:57:56 AM - YTD Gone-No Popups
RP1535: 10/9/2012 6:59:40 AM - Removed Ad-Aware
RP1536: 10/9/2012 7:00:22 AM - Removed EarthLink setup files
RP1537: 10/9/2012 7:01:47 AM - Removed RAW FILE CONVERTER LE
RP1538: 10/9/2012 7:02:58 AM - Removed YTD Toolbar v6.2.
RP1539: 10/10/2012 7:36:19 AM - Removed COMODO Internet Security
RP1540: 10/10/2012 7:44:28 AM - Restore Operation
RP1541: 10/12/2012 4:15:46 PM - System Checkpoint
RP1542: 10/14/2012 7:06:06 AM - System Checkpoint
.
==== Installed Programs ======================
.
7-Zip 4.65
ABBYY FineReader 9.0 Sprint
Ad-Aware
Adobe Acrobat 7.0 Standard
Adobe Acrobat 7.1.0 Standard
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Illustrator 10
Adobe Photoshop 6.0
Adobe Photoshop 7.0
Adobe SVG Viewer 3.0
AOLIcon
Apple Software Update
ArcSoft Software Suite
Audacity 1.2.6
Avery Wizard 4.0
Bamboo
Bamboo Dock
BitPim 0.9.14
CCleaner
CompanionLink
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support 3.1
Dell System Restore
DellConnect
Digital Content Portal
Documents To Go
Dropbox
EarthLink setup files
EducateU
EndNote 8.0.1
Epson Connect
Epson Customer Participation
Epson Download Navigator
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 645 Series Printer Uninstall
FaxTalk Communicator 4.5
FileMaker Pro 5.0
FreeRIP v2.945
FreeRIP v3.2
GemMaster Mystic
Get High Speed Internet!
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP DeskJet 895C Series (Remove only)
Image Transfer
ImageMixer for Sony
ImageMixer VCD2 for FinePix
Intel® 537EP V9x DF PCI Modem
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iPod for Windows 2005-10-12
ISI ResearchSoft - Export Helper
iTunes
Java 7 Update 7
Java Auto Updater
K-Lite Codec Pack 2.70 Basic
Learn2 Player (Uninstall Only)
LTCM Client
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.65.0.1400
MD Simple Burner 2.0.04
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliType Pro 5.3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition
Microsoft Plus! Digital Media Edition Installer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
Modem Event Monitor
Modem Helper
Modem On Hold
MotoHelper MergeModules
Mozilla (1.7.8)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird (1.5)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyVideoDaily 2
MyWay Search Assistant
OpenMG Limited Patch 4.4-06-13-19-01
OpenMG Secure Module 4.4.00
OpenOffice.org Installer 1.0
Otto
Palm Desktop by ACCESS
Palm HotSync® Mail 4.0
Picasa 3
Player
QuickTime
RAW FILE CONVERTER LE
RealPlayer
ScanToWeb
SeaMonkey (1.1.17)
SecureZIP for Windows 11.20.0008
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Serials 2000 v6.0
SigmaTel Audio
Skype Click to Call
Skype™ 5.5
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SonicStage 3.4
Sony USB Driver
Sound Forge 4.5c Build-281
Spybot - Search & Destroy
SUPERAntiSpyware
Treodesktop 2.13
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB PC Camera (SN9C102)
USB Video Device
Viewpoint Media Player
VLC media player 2.0.2
WebFldrs XP
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinZip
Wise Registry Cleaner 7.15
WordPerfect Office 12
Yahoo! Messenger
YTD Toolbar v6.2
YTD Video Downloader 3.9.2
.
==== Event Viewer Messages From Past Week ========
.
10/9/2012 12:11:20 AM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
10/9/2012 12:00:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/9/2012 11:46:55 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
10/9/2012 11:46:45 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom1.
10/8/2012 9:24:38 PM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).
10/8/2012 8:38:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
10/8/2012 2:31:32 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '~efe2.tmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/8/2012 11:59:27 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL
10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 11:59:27 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 11:58:45 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/8/2012 11:46:46 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/8/2012 11:46:15 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
10/10/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
10/10/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
10/10/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
10/10/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
10/10/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
10/10/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
.
==== End Of File ===========================
-
hi, and thanks so much for the welcome and the much needed help! i did as you requested and ran the quick scan. however, i have not restarted my computer since i last ran rkill which, as i explained above, stopped/stops the popups. should i restart my computer and fun the mbam quick scan again? i have posted the mbam quick scan results below but as you can see, it found nothing. also, should i restart before i follow the combofix instructions?
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org
Database version: v2012.10.12.06
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.11
Nzinga :: NZINGA1 [administrator]
Protection: Enabled
10/12/2012 3:38:52 PM
mbam-log-2012-10-12 (15-38-52).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 238315
Time elapsed: 6 minute(s), 4 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
-
thanks, i did as you suggested with the forums this morning...anxiously awaiting a fix
-
hi, about a week or two ago my computer was auto updated. i think that as a result, my internet settings were changed ( i was unable to download from firefox-downloads were being canceled immediately). i searched the internet and found that i had to change some settings in ie to fix the problem. so, i opened ie (something i rarely if ever do because i HATE ie), changed the settings and that is when the problem started. from that point on, i now get internet explorer script error popups and advertisment popups intermittently while using firefox. i followed some directions that had me change some settings in my internet options, use atf cleaner followed by combofix once and that worked for a few days but then it started happening again. i have subsequently run superantispyware and mbam (purchased) several times but neither of them finds anything. i am running xp (don't laugh, lol!) 32 bit and i have firefox 15. also, i found rkill and have run it. it does stop the problem but of course, it starts again when the computer is rebooted. this morning, videos were playing in the background with no browser window open at all-once i ran rkill the background video play and the scripts stopped immediately...i will include the rkill log as well. i have no idea what version of ie is on my computer because i don't open it. can someone please help me out? do i need to wipe my whole computer?
RKILL LOG
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html
Program started at: 10/10/2012 07:57:48 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* C:\WINDOWS\system32\dla\tfswctrl.exe (PID: 3352) [WD-HEUR]
* C:\WINDOWS\stsystra.exe (PID: 3488) [WD-HEUR]
* C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (PID: 3528) [FI]
* C:\WINDOWS\vsnp2uvc.exe (PID: 3644) [WD-HEUR]
* C:\WINDOWS\tsnp2uvc.exe (PID: 3672) [WD-HEUR]
* C:\DOCUME~1\Nzinga\LOCALS~1\TempCkt\chk.exe (PID: 4020) [sUP-HEUR]
* C:\DOCUME~1\Nzinga\LOCALS~1\TempCkt\chk.exe (PID: 4020) [T-HEUR]
7 proccesses terminated!
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [incorrect ImagePath]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
Program finished at: 10/10/2012 07:58:38 AM
Execution time: 0 hours(s), 0 minute(s), and 49 seconds(s)
DDS TXT LOG
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 10.7.2
Run by Nzinga at 8:01:37 on 2012-10-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3318.2202 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_TATIHVA.EXE
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\PKWARE\PKZIPM\11.20.0008\PKTray.exe
C:\Documents and Settings\Nzinga\Application Data\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\Notepad.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uStart Page = about:blank
uInternet Settings,ProxyServer = 0.0.0.0:80
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 7.0\acrobat\AcroIEFavClient.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [Messenger (Yahoo!)] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [chk] c:\docume~1\nzinga\locals~1\tempckt\chk.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_tatihva.exe /ept "epltarget\P0000000000000000" /M "WorkForce 645"
uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRunOnce: [spybotDeletingB6501] command.com /c del "c:\program files\common files\spigot\search settings\baidu_ie.xml"
uRunOnce: [spybotDeletingD608] cmd.exe /c del "c:\program files\common files\spigot\search settings\baidu_ie.xml"
uRunOnce: [spybotDeletingB6869] command.com /c del "c:\program files\common files\spigot\search settings\config.ini"
uRunOnce: [spybotDeletingD7959] cmd.exe /c del "c:\program files\common files\spigot\search settings\config.ini"
uRunOnce: [spybotDeletingB9242] command.com /c del "c:\program files\common files\spigot\search settings\yandex_ff.xml"
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [intelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [ssAAD.exe] c:\progra~1\sony\sonics~1\SsAAD.exe
mRun: [type32] "c:\program files\microsoft intellitype pro\type32.exe"
mRun: [sigmatelSysTrayApp] stsystra.exe
mRun: [Acrobat Assistant 7.0] "c:\program files\adobe\acrobat 7.0\distillr\Acrotray.exe"
mRun: [snpstd] c:\windows\vsnpstd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [snp2uvc] c:\windows\vsnp2uvc.exe
mRun: [tsnp2uvc] c:\windows\tsnp2uvc.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [searchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [FUFAXRCV] "c:\program files\epson software\fax utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup
mRunOnce: [spybotDeletingA9489] command.com /c del "c:\program files\common files\spigot\wtxpcom\components\WidgiToolbarFF.dll_old"
StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\nzinga\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\nzinga\startm~1\programs\startup\epsona~1.lnk - c:\documents and settings\nzinga\application data\leadertech\powerregister\Epson all-in-one Registration.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-0000-ba7e-000000000002}\SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secure~1.lnk - c:\program files\pkware\pkzipm\11.20.0008\PKTray.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://a1540.g.akamai.net/7/1540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: DhcpNameServer = 192.168.11.1
TCP: Interfaces\{B5501C3F-86D7-408B-88F3-C3B4DA3FE157} : DhcpNameServer = 192.168.11.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\nzinga\application data\mozilla\firefox\profiles\msnjx4x8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\palm\packag~1\NPInstal.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\tabletplugins\npwacom.dll
FF - plugin: c:\program files\tabletplugins\npWacomTabletPlugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 aawservice;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\aawservice.exe [2008-9-10 611664]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-9-9 45848]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-10-6 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-8-28 676936]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 TabletServicePen;TabletServicePen;c:\program files\tablet\pen\Pen_Tablet.exe [2012-9-15 5553016]
R2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\tablet\pen\Pen_TouchService.exe [2012-9-15 451960]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-8-28 22856]
S1 SABKUTIL;SABKUTIL;\??\c:\program files\superantispyware\sabkutil.sys --> c:\program files\superantispyware\SABKUTIL.sys [?]
S2 HPFECP15;HPFECP15;c:\windows\system32\drivers\HPFecp15.sys [1998-9-4 52800]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\c:\program files\logmein\x86\rainfo.sys --> c:\program files\logmein\x86\RaInfo.sys [?]
S3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\drivers\motfilt.sys --> c:\windows\system32\drivers\motfilt.sys [?]
S3 hitmanpro36;Hitman Pro 3.5 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-7-23 27424]
S3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\drivers\motccgp.sys --> c:\windows\system32\drivers\motccgp.sys [?]
S3 motccgpfl;MotCcgpFlService;c:\windows\system32\drivers\motccgpfl.sys --> c:\windows\system32\drivers\motccgpfl.sys [?]
S3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\drivers\motousbnet.sys --> c:\windows\system32\drivers\Motousbnet.sys [?]
S3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\drivers\motusbdevice.sys --> c:\windows\system32\drivers\motusbdevice.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-27 114144]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
.
=============== Created Last 30 ================
.
2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\repository\FS
2012-10-10 11:47:46 -------- d-----w- c:\windows\system32\wbem\Repository
2012-10-10 11:46:38 -------- d-----w- c:\program files\EarthLink Setup
2012-10-10 11:46:34 -------- d-----w- c:\program files\MyVideoDaily2
2012-10-10 11:46:33 -------- d-----w- c:\program files\YTD Toolbar
2012-10-10 11:46:32 -------- d-----w- c:\documents and settings\nzinga\application data\YTD
2012-10-10 11:46:14 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-10-10 11:45:56 -------- d-----w- c:\program files\common files\Spigot
2012-10-09 21:27:08 -------- d-----w- c:\program files\common files\Comodo
2012-10-09 21:23:22 -------- d-----w- c:\documents and settings\all users\application data\CPA_VA
2012-10-09 21:16:38 -------- d-----w- c:\documents and settings\all users\application data\Comodo
2012-10-09 20:57:02 -------- d-----w- c:\documents and settings\nzinga\local settings\application data\COMODO
2012-10-09 20:56:43 -------- d-----w- c:\program files\Comodo
2012-10-09 11:06:09 -------- d-----w- c:\windows\system32\NtmsData
2012-10-09 09:53:17 -------- d-----w- c:\documents and settings\nzinga\application data\QuickScan
2012-10-09 09:44:11 -------- d-----w- c:\program files\SpywareBlaster
2012-10-09 00:45:50 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-09 00:45:50 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2012-10-09 00:41:26 -------- d-----w- c:\documents and settings\nzinga\application data\Leader Technologies
2012-10-08 23:59:44 -------- d-----w- c:\program files\LTCM Client
2012-10-08 23:51:06 -------- d-----w- c:\program files\ABBYY FineReader 9.0 Sprint
2012-10-08 23:51:05 -------- d-----w- c:\program files\common files\ABBYY
2012-10-08 23:51:05 -------- d-----w- c:\documents and settings\all users\application data\ABBYY
2012-10-08 23:39:30 143872 ----a-w- c:\windows\system32\javacpl.cpl
2012-10-08 23:39:29 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-10-08 23:39:13 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-08 23:32:50 -------- d-----w- c:\program files\common files\EPSON
2012-10-08 23:28:23 -------- d-----w- c:\program files\Epson America Inc
2012-10-08 23:27:08 -------- d-----w- c:\program files\Epson Software
2012-10-08 23:26:16 93696 ----a-w- c:\windows\system32\E_TLBHVA.DLL
2012-10-08 23:26:16 81408 ----a-w- c:\windows\system32\E_TD4BHVA.DLL
2012-10-08 23:25:49 -------- d-----w- c:\documents and settings\all users\application data\EPSON
2012-10-08 23:25:39 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-10-08 23:25:39 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-10-08 23:25:39 12800 ----a-w- c:\windows\system32\escdev.dll
2012-09-21 22:44:50 -------- d-----w- c:\documents and settings\all users\application data\YTD Video Downloader
2012-09-19 12:27:09 16384 ----a-w- c:\windows\system32\FileOps.exe
2012-09-15 23:08:26 -------- d-----w- c:\documents and settings\nzinga\application data\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
2012-09-15 23:07:53 -------- d-----w- c:\documents and settings\nzinga\application data\Wacom
2012-09-15 23:07:47 -------- d-----w- c:\documents and settings\all users\application data\Wacom
2012-09-15 23:07:08 -------- d-----w- c:\program files\Bamboo Dock
2012-09-15 23:05:18 -------- d-----w- c:\documents and settings\nzinga\application data\WTablet
2012-09-15 23:05:17 1107832 ----a-w- c:\windows\system32\Pen_Touch_Tablet.dll
2012-09-15 23:05:10 -------- d-----w- c:\program files\TabletPlugins
2012-09-15 23:04:55 11312 ----a-w- c:\windows\system32\drivers\wacommousefilter.sys
2012-09-15 23:04:48 14120 ----a-w- c:\windows\system32\drivers\wacomvhid.sys
2012-09-15 23:04:45 1369464 ----a-w- c:\windows\system32\Pen_Tablet.dll
2012-09-15 23:04:45 1156472 ----a-w- c:\windows\system32\Wintab32.dll
2012-09-15 23:04:45 1152888 ----a-w- c:\windows\system32\WacomMT.dll
2012-09-15 23:04:42 -------- d-----w- c:\program files\Tablet
.
==================== Find3M ====================
.
2012-10-08 23:38:46 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-27 19:12:39 832512 ----a-w- c:\windows\system32\wininet.dll
2012-08-27 19:12:36 268288 ----a-w- c:\windows\system32\iertutil(2).dll
2012-08-27 19:12:36 1830912 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-27 19:12:35 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-08-27 19:12:34 17408 ----a-w- c:\windows\system32\corpol.dll
2012-08-02 14:09:42 1409 ----a-w- c:\windows\QTFont.for
2012-07-24 02:04:47 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-04-11 15:28:36 799441 ----a-w- c:\program files\RegpairSetup.exe
2012-02-19 16:37:57 692480 ----a-w- c:\program files\RealPlayer.exe
2011-09-22 13:14:48 5335216 ----a-w- c:\program files\minuswindows.exe
2011-09-04 13:41:05 20278864 ----a-w- c:\program files\companionlink.exe
2011-05-31 17:28:01 56712856 ----a-w- c:\program files\Avery Wizard 4.0.0.exe
2010-11-16 00:53:56 13525424 ----a-w- c:\program files\Dropbox 0.7.110.exe
2010-11-05 16:28:15 8567280 ----a-w- c:\program files\Firefox Setup 3.6.12.exe
2010-07-02 14:53:01 9070816 ----a-w- c:\program files\SUPERAntiSpyware.exe
2010-01-19 11:48:23 10600847 ----a-w- c:\program files\SeaMonkey Setup 2.0.2.exe
2010-01-04 15:52:04 10601579 ----a-w- c:\program files\SeaMonkey Setup 2.0.1.exe
2009-09-22 11:12:12 13266944 ----a-w- c:\program files\seamonkey-1.1.18.en-US.win32.installer.exe
2009-03-11 21:11:17 1606063 ----a-w- c:\program files\treodekstop213setup.exe
2009-01-31 15:43:45 7518240 ----a-w- c:\program files\Firefox Setup 3.0.5.exe
2009-01-17 17:41:07 13029376 ----a-w- c:\program files\seamonkey-1.1.14.en-US.win32.installer.exe
2008-11-09 17:41:52 11464704 ----a-w- c:\program files\sharecalendar_setup.exe
2008-10-01 00:27:11 13025280 ----a-w- c:\program files\seamonkey-1.1.12.exe
2008-06-26 03:00:29 4898144 ----a-w- c:\program files\LimeWireWin18.exe
2008-04-09 15:12:43 13012992 ----a-w- c:\program files\seamonkey-1.1.9.en-US.win32.installer.exe
2008-03-24 23:50:25 13000704 ----a-w- c:\program files\seamonkey-1.1.8.exe
2007-12-21 09:06:18 13025280 ----a-w- c:\program files\seamonkey-1.1.7.en-US.win32.installer.exe
2007-12-17 12:35:03 51622242 ----a-w- c:\program files\ACEMCP603PRO.exe
2007-12-17 11:55:01 7045601 ----a-w- c:\program files\XP_Codec_Pack_2.3.4.exe
2007-12-17 10:48:36 25755448 ----a-w- c:\program files\wmp11-windowsxp-x86-enu.exe
2007-11-01 16:07:08 11160320 ----a-w- c:\program files\pk zip.exe
2007-08-26 15:32:29 13012992 ----a-w- c:\program files\seamonkey-1.1.4.en-US.win32.installer.exe
2007-07-21 08:25:01 3126056 ----a-w- c:\program files\LimeWireWin.exe
2007-06-16 14:25:27 315318 ----a-w- c:\program files\soltvradio_setup.exe
2007-04-11 17:24:09 10976768 ----a-w- c:\program files\Sprint_PCS_CM_v034.msi
2007-04-11 17:23:50 10740224 ----a-w- c:\program files\SprintPCSConnectionMgr_V3.01.040.msi
2007-04-11 17:10:36 10420865 ----a-w- c:\program files\bitpim-0.9.14-setup.exe
2007-04-09 18:30:47 19994184 ----a-w- c:\program files\QuickTimeInstaller.exe
2007-04-04 12:01:44 12992512 ----a-w- c:\program files\seamonkey-1.1.1.en-US.win32.installer.exe
2007-04-03 21:37:26 10059790 ----a-w- c:\program files\bitpim-0.9.13-setup.exe
2007-02-24 00:34:32 8643136 ----a-w- c:\program files\ymsgr7_437_us.exe
2007-01-18 15:00:19 6342512 ----a-w- c:\program files\Thunderbird Setup 1.5.0.9.exe
2007-01-18 14:31:12 5971432 ----a-w- c:\program files\Firefox Setup 2.0.0.1.exe
2006-10-10 17:41:44 16504464 ----a-w- c:\program files\jre-1_5_0_08-windows-i586-p.exe
2006-10-10 17:37:33 21290704 ----a-w- c:\program files\AdbeRdr708 mozilla plugin.exe
2006-10-10 14:18:33 3054417 ----a-w- c:\program files\FSViewerSetup26.exe
2006-10-01 18:05:57 6335024 ----a-w- c:\program files\Thunderbird Setup 1.5.0.7.exe
2006-09-30 16:32:31 1805498 ----a-w- c:\program files\ultimate zip.exe
2006-09-30 16:25:04 2146871 ----a-w- c:\program files\zipitfast.exe
2006-09-26 17:59:46 47652464 ----a-w- c:\program files\PlusDME_Full.exe
2006-09-26 17:59:00 47652464 ----a-w- c:\program files\Super Pack.exe
2006-07-27 14:20:15 8701008 ----a-w- c:\program files\jewelquest_at.exe
2006-07-13 01:33:19 12038352 ----a-w- c:\program files\mozilla-win32-1.7.13-installer.exe
2006-07-05 13:43:08 4864452 ----a-w- c:\program files\palm401upgrade2.exe
2006-06-30 02:26:50 24070456 ----a-w- c:\program files\windows media player11-windowsxp-x86-enu.exe
2006-06-07 13:54:49 937001 ----a-w- c:\program files\soulseek156c.exe
2006-06-05 19:19:37 705536 ----a-w- c:\program files\MoozikoPlayerSetup.msi
2006-04-22 15:20:38 5432500 ----a-w- c:\program files\ImageMixerV151.exe
2006-03-13 15:32:46 9739116 ----a-w- c:\program files\SimpleOcr.exe
2006-03-01 19:18:58 12754672 ----a-w- c:\program files\MP10Setup.exe
2006-03-01 16:20:40 1419556 ----a-w- c:\program files\klitecodec270b.exe
2006-02-24 21:10:28 2002069 ----a-w- c:\program files\yahoo_texttwist_tm1-1.exe
2006-01-30 19:48:54 27160459 ----a-w- c:\program files\Norton Antivirus download.EXE
2006-01-18 01:00:20 12026576 ----a-w- c:\program files\mozilla-win32-1.7.8-installer.exe
2006-01-17 22:11:32 948936 ----a-w- c:\program files\install_flash_player.exe
2005-12-18 17:58:27 12899744 ----a-w- c:\program files\RealPlayer10-5GOLD_bb.exe
2005-12-17 03:01:46 54725800 ----a-w- c:\program files\iPodSetup.exe
2005-12-16 15:26:23 34412848 ----a-w- c:\program files\iTunesSetup.exe
2005-12-14 19:09:01 1619132 ----a-w- c:\program files\freeripmp3.exe
2005-12-10 05:25:12 2855080 ----a-w- c:\program files\adawaresepersonal.exe
.
============= FINISH: 8:02:47.22 ===============
ATTACH TXT LOG
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/21/2005 8:25:00 PM
System Uptime: 10/10/2012 7:48:27 AM (1 hours ago)
.
Motherboard: Dell Inc. | | 0RD203
Processor: Intel® Pentium® 4 CPU 3.00GHz | Microprocessor | 2992/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 70 GiB total, 7.932 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is FIXED (NTFS) - 1863 GiB total, 1613.626 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1514: 10/8/2012 2:31:46 PM - Software Distribution Service 3.0
RP1515: 10/8/2012 7:19:05 PM - Removed Applet_Web
RP1516: 10/8/2012 7:19:26 PM - Removed Applet_App
RP1517: 10/8/2012 7:19:46 PM - Removed Applet_Ocr
RP1518: 10/8/2012 7:20:07 PM - Removed Applet_Email
RP1519: 10/8/2012 7:20:19 PM - Removed Applet_File
RP1520: 10/8/2012 7:20:32 PM - Removed Applet_CopyToFax
RP1521: 10/8/2012 7:20:44 PM - Removed Applet_VC
RP1522: 10/8/2012 7:20:58 PM - Removed Applet_Copy
RP1523: 10/8/2012 7:21:09 PM - Removed Smart Panel
RP1524: 10/8/2012 7:21:57 PM - Removed EPSON PhotoStarter3.2
RP1525: 10/8/2012 7:23:00 PM - Removed EPSON CardMonitor
RP1526: 10/8/2012 7:26:59 PM - Installed Epson Event Manager
RP1527: 10/8/2012 7:28:22 PM - Installed Epson Connect
RP1528: 10/8/2012 7:29:33 PM - Installed FAX Utility
RP1529: 10/8/2012 7:36:27 PM - Removed Java™ 6 Update 11
RP1530: 10/8/2012 7:38:38 PM - Installed Java 7 Update 7
RP1531: 10/8/2012 7:50:41 PM - Installed ABBYY FineReader 9.0 Sprint
RP1532: 10/9/2012 12:07:37 AM - Restore Operation
RP1533: 10/9/2012 12:34:09 AM - Relatively Stable 10.9.2012 1233am
RP1534: 10/9/2012 6:57:56 AM - YTD Gone-No Popups
RP1535: 10/9/2012 6:59:40 AM - Removed Ad-Aware
RP1536: 10/9/2012 7:00:22 AM - Removed EarthLink setup files
RP1537: 10/9/2012 7:01:47 AM - Removed RAW FILE CONVERTER LE
RP1538: 10/9/2012 7:02:58 AM - Removed YTD Toolbar v6.2.
RP1539: 10/10/2012 7:36:19 AM - Removed COMODO Internet Security
RP1540: 10/10/2012 7:44:28 AM - Restore Operation
.
==== Installed Programs ======================
.
7-Zip 4.65
ABBYY FineReader 9.0 Sprint
Ad-Aware
Adobe Acrobat 7.0 Standard
Adobe Acrobat 7.1.0 Standard
Adobe AIR
Adobe Flash Player 11 Plugin
Adobe Flash Player ActiveX
Adobe Illustrator 10
Adobe Photoshop 6.0
Adobe Photoshop 7.0
Adobe SVG Viewer 3.0
AOLIcon
Apple Software Update
ArcSoft Software Suite
Audacity 1.2.6
Avery Wizard 4.0
Bamboo
Bamboo Dock
BitPim 0.9.14
CCleaner
CompanionLink
Compatibility Pack for the 2007 Office system
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Reset Tool
Dell Picture Studio v3.0
Dell Support 3.1
Dell System Restore
DellConnect
Digital Content Portal
Documents To Go
Dropbox
EarthLink setup files
EducateU
EndNote 8.0.1
Epson Connect
Epson Customer Participation
Epson Download Navigator
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 645 Series Printer Uninstall
FaxTalk Communicator 4.5
FileMaker Pro 5.0
FreeRIP v2.945
FreeRIP v3.2
GemMaster Mystic
Get High Speed Internet!
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP DeskJet 895C Series (Remove only)
Image Transfer
ImageMixer for Sony
ImageMixer VCD2 for FinePix
Intel® 537EP V9x DF PCI Modem
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections
Internet Explorer Default Page
iPod for Windows 2005-10-12
ISI ResearchSoft - Export Helper
iTunes
Java 7 Update 7
Java Auto Updater
K-Lite Codec Pack 2.70 Basic
Learn2 Player (Uninstall Only)
LTCM Client
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.65.0.1400
MD Simple Burner 2.0.04
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliType Pro 5.3
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition
Microsoft Plus! Digital Media Edition Installer
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
MicroStaff WINASPI
Modem Event Monitor
Modem Helper
Modem On Hold
MotoHelper MergeModules
Mozilla (1.7.8)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird (1.5)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyVideoDaily 2
MyWay Search Assistant
OpenMG Limited Patch 4.4-06-13-19-01
OpenMG Secure Module 4.4.00
OpenOffice.org Installer 1.0
Otto
Palm Desktop by ACCESS
Palm HotSync® Mail 4.0
Picasa 3
Player
QuickTime
RAW FILE CONVERTER LE
RealPlayer
ScanToWeb
SeaMonkey (1.1.17)
SecureZIP for Windows 11.20.0008
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2530548)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB2744842)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Serials 2000 v6.0
SigmaTel Audio
Skype Click to Call
Skype™ 5.5
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
SonicStage 3.4
Sony USB Driver
Sound Forge 4.5c Build-281
Spybot - Search & Destroy
SUPERAntiSpyware
Treodesktop 2.13
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB PC Camera (SN9C102)
USB Video Device
Viewpoint Media Player
VLC media player 2.0.2
WebFldrs XP
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB895198
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinZip
Wise Registry Cleaner 7.15
WordPerfect Office 12
Yahoo! Messenger
YTD Toolbar v6.2
YTD Video Downloader 3.9.2
.
==== Event Viewer Messages From Past Week ========
.
10/9/2012 11:46:55 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
10/9/2012 11:46:45 AM, error: Cdrom [11] - The driver detected a controller error on \Device\CdRom1.
10/8/2012 9:24:38 PM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).
10/8/2012 8:38:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
10/8/2012 8:38:15 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip WS2IFSL
10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 8:38:15 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
10/8/2012 8:37:34 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
10/8/2012 8:37:29 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/8/2012 2:31:32 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000034' while processing the file '~efe2.tmp' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
10/8/2012 11:46:46 PM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/8/2012 11:46:15 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
10/5/2012 12:33:55 PM, error: Service Control Manager [7000] - The LogMeIn Kernel Information Provider service failed to start due to the following error: The system cannot find the path specified.
10/3/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
10/3/2012 3:40:00 PM, error: SideBySide [61] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2. The required attribute version is missing from element assemblyIdentity.
10/3/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
10/3/2012 3:40:00 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest. Reference error message: The operation completed successfully. .
10/3/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\MSIInstallPlugin.dll.Manifest" on line 2.
10/3/2012 3:40:00 PM, error: SideBySide [58] - Syntax error in manifest or policy file "C:\Program Files\Apple Software Update\Plugins\EXEInstallPlugin.dll.Manifest" on line 2.
.
==== End Of File ===========================
-
hi, about a week or two my computer was auto updated. i think that as a result, my internet settings were changed ( i was unable to download from firefox-downloads were being canceled immediately). i searched the internet and found that i had to change some settings in ie to fix the problem. so, i opened ie (something i rarely if ever do because i HATE ie), changed the settings and that is when the problem started. I now get script error popups and advertisment popups intermittently while using firefox. i followed some directions that had me use atf cleaner followed by combofix once and that worked for a few days but then it started happening again. i have subsequently run superantispyware and mbam (purchased) several times but neither of them finds anything. i am running xp (don't laugh, lol!) 32 bit and i have firefox 15. i have no idea what version of ie is on my because i don't open it. can someone please help me out? do i need to wipe my whole computer
c:\\WINDOWS\tsnp2uvc.exe Trojan.Backdoor
in Resolved Malware Removal Logs
Posted
ahhhh! thank you for the clarification. i will get an antivirus program.