waves

December 8, 2012

The computer is really slow when loading Firefox or new webpages but I haven't noticed any Google redirects. That being said, I'm still worried, even if the scan came back clean.. how can I be sure that the computer is 100% clean?

Also, while the scan was loading, One-Click Maintenance (I'm not familar with this; our computer repairman installed and used this a few years back) popped up and said there were something like 96 registry errors.

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.12.07.11

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Laurel :: RUSTY [administrator]

12/7/2012 4:45:10 PM

mbam-log-2012-12-07 (16-45-10).txt

Scan type: Full scan (C:\|)

Scan options disabled: P2P

Objects scanned: 403341

Time elapsed: 2 hour(s), 16 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

December 4, 2012

When I was on the Adobe website, a small blue bar popped up at the bottom of the screen. I didn't catch what it said because I closed it accidentially, but it had some text in an arrow shaped box (if that makes sense) with more text in another box, and so on. What was it?

Anyway, here's the TDSSKiller log:

16:07:05.0468 0860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:07:06.0078 0860 ============================================================

16:07:06.0078 0860 Current date / time: 2012/12/04 16:07:06.0078

16:07:06.0078 0860 SystemInfo:

16:07:06.0078 0860

16:07:06.0078 0860 OS Version: 5.1.2600 ServicePack: 3.0

16:07:06.0078 0860 Product type: Workstation

16:07:06.0078 0860 ComputerName: RUSTY

16:07:06.0078 0860 UserName: Laurel

16:07:06.0078 0860 Windows directory: C:\WINDOWS

16:07:06.0078 0860 System windows directory: C:\WINDOWS

16:07:06.0078 0860 Processor architecture: Intel x86

16:07:06.0078 0860 Number of processors: 1

16:07:06.0078 0860 Page size: 0x1000

16:07:06.0078 0860 Boot type: Normal boot

16:07:06.0078 0860 ============================================================

16:07:09.0140 0860 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:07:09.0140 0860 ============================================================

16:07:09.0140 0860 \Device\Harddisk0\DR0:

16:07:09.0140 0860 MBR partitions:

16:07:09.0140 0860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x445C7EE

16:07:09.0140 0860 ============================================================

16:07:09.0218 0860 C: <-> \Device\Harddisk0\DR0\Partition1

16:07:09.0218 0860 ============================================================

16:07:09.0218 0860 Initialize success

16:07:09.0218 0860 ============================================================

16:08:08.0796 2684 ============================================================

16:08:08.0796 2684 Scan started

16:08:08.0796 2684 Mode: Manual;

16:08:08.0796 2684 ============================================================

16:08:09.0906 2684 ================ Scan system memory ========================

16:08:09.0906 2684 System memory - ok

16:08:09.0921 2684 ================ Scan services =============================

16:08:10.0062 2684 Abiosdsk - ok

16:08:10.0125 2684 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

16:08:10.0125 2684 abp480n5 - ok

16:08:10.0187 2684 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

16:08:10.0187 2684 ACPI - ok

16:08:10.0250 2684 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

16:08:10.0250 2684 ACPIEC - ok

16:08:10.0390 2684 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

16:08:10.0390 2684 AdobeFlashPlayerUpdateSvc - ok

16:08:10.0437 2684 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys

16:08:10.0437 2684 adpu160m - ok

16:08:10.0484 2684 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

16:08:10.0484 2684 aec - ok

16:08:10.0531 2684 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

16:08:10.0531 2684 AFD - ok

16:08:10.0578 2684 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys

16:08:10.0578 2684 agp440 - ok

16:08:10.0593 2684 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

16:08:10.0593 2684 agpCPQ - ok

16:08:10.0656 2684 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys

16:08:10.0656 2684 Aha154x - ok

16:08:10.0687 2684 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys

16:08:10.0687 2684 aic78u2 - ok

16:08:10.0703 2684 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys

16:08:10.0703 2684 aic78xx - ok

16:08:10.0750 2684 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

16:08:10.0750 2684 Alerter - ok

16:08:10.0765 2684 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

16:08:10.0765 2684 ALG - ok

16:08:10.0812 2684 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys

16:08:10.0812 2684 AliIde - ok

16:08:10.0843 2684 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys

16:08:10.0843 2684 alim1541 - ok

16:08:10.0875 2684 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys

16:08:10.0875 2684 amdagp - ok

16:08:10.0890 2684 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys

16:08:10.0890 2684 amsint - ok

16:08:10.0906 2684 AppMgmt - ok

16:08:10.0937 2684 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys

16:08:10.0953 2684 asc - ok

16:08:10.0968 2684 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys

16:08:10.0968 2684 asc3350p - ok

16:08:10.0984 2684 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys

16:08:10.0984 2684 asc3550 - ok

16:08:11.0031 2684 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys

16:08:11.0093 2684 ASCTRM - ok

16:08:11.0250 2684 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

16:08:11.0250 2684 aspnet_state - ok

16:08:11.0312 2684 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:08:11.0312 2684 AsyncMac - ok

16:08:11.0343 2684 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

16:08:11.0359 2684 atapi - ok

16:08:11.0375 2684 Atdisk - ok

16:08:11.0421 2684 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

16:08:11.0437 2684 Atmarpc - ok

16:08:11.0484 2684 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

16:08:11.0484 2684 AudioSrv - ok

16:08:11.0546 2684 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

16:08:11.0546 2684 audstub - ok

16:08:11.0578 2684 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

16:08:11.0578 2684 Beep - ok

16:08:11.0625 2684 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

16:08:11.0640 2684 BITS - ok

16:08:11.0765 2684 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:08:11.0781 2684 Bonjour Service - ok

16:08:11.0843 2684 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

16:08:11.0859 2684 Browser - ok

16:08:11.0875 2684 bvrp_pci - ok

16:08:11.0921 2684 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

16:08:11.0937 2684 cbidf - ok

16:08:11.0953 2684 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

16:08:11.0953 2684 cbidf2k - ok

16:08:12.0015 2684 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

16:08:12.0015 2684 cd20xrnt - ok

16:08:12.0031 2684 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

16:08:12.0031 2684 Cdaudio - ok

16:08:12.0078 2684 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

16:08:12.0078 2684 Cdfs - ok

16:08:12.0125 2684 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys

16:08:12.0125 2684 Cdr4_xp - ok

16:08:12.0156 2684 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys

16:08:12.0156 2684 Cdralw2k - ok

16:08:12.0187 2684 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

16:08:12.0187 2684 Cdrom - ok

16:08:12.0265 2684 [ 8C7746ACDE6225A46B58ED7AE09EC166 ] cdudf_xp C:\WINDOWS\system32\drivers\cdudf_xp.sys

16:08:12.0359 2684 cdudf_xp - ok

16:08:12.0390 2684 Changer - ok

16:08:12.0437 2684 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

16:08:12.0437 2684 CiSvc - ok

16:08:12.0468 2684 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

16:08:12.0484 2684 ClipSrv - ok

16:08:12.0531 2684 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:08:12.0531 2684 clr_optimization_v2.0.50727_32 - ok

16:08:12.0593 2684 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys

16:08:12.0593 2684 CmdIde - ok

16:08:12.0609 2684 COMSysApp - ok

16:08:12.0656 2684 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys

16:08:12.0656 2684 Cpqarray - ok

16:08:12.0703 2684 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

16:08:12.0703 2684 CryptSvc - ok

16:08:12.0765 2684 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

16:08:12.0765 2684 dac2w2k - ok

16:08:12.0796 2684 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys

16:08:12.0812 2684 dac960nt - ok

16:08:12.0875 2684 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

16:08:12.0890 2684 DcomLaunch - ok

16:08:12.0937 2684 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

16:08:12.0937 2684 Dhcp - ok

16:08:12.0968 2684 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

16:08:12.0968 2684 Disk - ok

16:08:12.0984 2684 dmadmin - ok

16:08:13.0031 2684 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

16:08:13.0062 2684 dmboot - ok

16:08:13.0109 2684 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

16:08:13.0109 2684 dmio - ok

16:08:13.0171 2684 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

16:08:13.0171 2684 dmload - ok

16:08:13.0250 2684 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

16:08:13.0250 2684 dmserver - ok

16:08:13.0312 2684 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

16:08:13.0312 2684 DMusic - ok

16:08:13.0375 2684 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

16:08:13.0375 2684 Dnscache - ok

16:08:13.0500 2684 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

16:08:13.0546 2684 Dot3svc - ok

16:08:13.0578 2684 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys

16:08:13.0578 2684 dpti2o - ok

16:08:13.0593 2684 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

16:08:13.0609 2684 drmkaud - ok

16:08:13.0656 2684 [ 800DE2DFA19DB3FD87AA95308BA0C17B ] dvd_2K C:\WINDOWS\system32\drivers\dvd_2K.sys

16:08:13.0687 2684 dvd_2K - ok

16:08:13.0750 2684 [ 7D91DC6342248369F94D6EBA0CF42E99 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys

16:08:13.0750 2684 E100B - ok

16:08:13.0796 2684 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

16:08:13.0812 2684 EapHost - ok

16:08:13.0843 2684 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

16:08:13.0843 2684 ERSvc - ok

16:08:13.0890 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

16:08:13.0890 2684 Eventlog - ok

16:08:13.0953 2684 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

16:08:13.0953 2684 EventSystem - ok

16:08:14.0078 2684 [ E081184B8A58DC49BFE2200D56C297B2 ] F-Secure BlackLight Sensor C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe

16:08:14.0078 2684 F-Secure BlackLight Sensor - ok

16:08:14.0125 2684 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

16:08:14.0125 2684 Fastfat - ok

16:08:14.0203 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

16:08:14.0203 2684 FastUserSwitchingCompatibility - ok

16:08:14.0265 2684 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe

16:08:14.0281 2684 Fax - ok

16:08:14.0296 2684 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

16:08:14.0296 2684 Fdc - ok

16:08:14.0343 2684 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

16:08:14.0343 2684 Fips - ok

16:08:14.0390 2684 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

16:08:14.0390 2684 Flpydisk - ok

16:08:14.0437 2684 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

16:08:14.0453 2684 FltMgr - ok

16:08:14.0515 2684 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

16:08:14.0531 2684 FontCache3.0.0.0 - ok

16:08:14.0578 2684 fsbl - ok

16:08:14.0609 2684 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:08:14.0609 2684 Fs_Rec - ok

16:08:14.0640 2684 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

16:08:14.0640 2684 Ftdisk - ok

16:08:14.0687 2684 [ 72FE2BEA6863D4EB93442A1C4FB5CA48 ] GcKernel C:\WINDOWS\system32\DRIVERS\GcKernel.sys

16:08:14.0687 2684 GcKernel - ok

16:08:14.0734 2684 [ 5DC17164F66380CBFEFD895C18467773 ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

16:08:14.0734 2684 GEARAspiWDM - ok

16:08:14.0765 2684 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

16:08:14.0781 2684 Gpc - ok

16:08:14.0859 2684 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

16:08:14.0859 2684 helpsvc - ok

16:08:14.0906 2684 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

16:08:14.0906 2684 HidServ - ok

16:08:14.0968 2684 [ BD205320308FB41C88A4049A2D1764B4 ] HIDSwvd C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys

16:08:14.0968 2684 HIDSwvd - ok

16:08:15.0000 2684 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

16:08:15.0000 2684 HidUsb - ok

16:08:15.0046 2684 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

16:08:15.0046 2684 hkmsvc - ok

16:08:15.0078 2684 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys

16:08:15.0078 2684 hpn - ok

16:08:15.0140 2684 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

16:08:15.0140 2684 HTTP - ok

16:08:15.0187 2684 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

16:08:15.0187 2684 HTTPFilter - ok

16:08:15.0250 2684 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys

16:08:15.0250 2684 i2omgmt - ok

16:08:15.0281 2684 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys

16:08:15.0281 2684 i2omp - ok

16:08:15.0328 2684 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

16:08:15.0328 2684 i8042prt - ok

16:08:15.0421 2684 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

16:08:15.0484 2684 ialm - ok

16:08:15.0656 2684 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

16:08:15.0656 2684 IDriverT - ok

16:08:15.0750 2684 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

16:08:15.0828 2684 idsvc - ok

16:08:15.0875 2684 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\drivers\Imapi.sys

16:08:15.0890 2684 Imapi - ok

16:08:15.0937 2684 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\Imapi.exe

16:08:15.0937 2684 ImapiService - ok

16:08:15.0968 2684 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys

16:08:15.0968 2684 ini910u - ok

16:08:16.0078 2684 [ 7509C548400F4C9E0211E3F6E66ABBE6 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys

16:08:16.0109 2684 IntelC51 - ok

16:08:16.0171 2684 [ 9584FFDD41D37F2C239681D0DAC2513E ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys

16:08:16.0218 2684 IntelC52 - ok

16:08:16.0250 2684 [ CF0B937710CEC6EF39416EDECD803CBB ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys

16:08:16.0265 2684 IntelC53 - ok

16:08:16.0359 2684 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

16:08:16.0359 2684 IntelIde - ok

16:08:16.0406 2684 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

16:08:16.0406 2684 intelppm - ok

16:08:16.0437 2684 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

16:08:16.0453 2684 Ip6Fw - ok

16:08:16.0500 2684 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:08:16.0500 2684 IpFilterDriver - ok

16:08:16.0546 2684 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:08:16.0546 2684 IpInIp - ok

16:08:16.0625 2684 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:08:16.0625 2684 IpNat - ok

16:08:16.0687 2684 [ 1CB96E83FD76EB5580451CEF29E24303 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:08:16.0718 2684 iPod Service - ok

16:08:16.0750 2684 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:08:16.0750 2684 IPSec - ok

16:08:16.0796 2684 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

16:08:16.0796 2684 IRENUM - ok

16:08:16.0843 2684 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:08:16.0859 2684 isapnp - ok

16:08:16.0875 2684 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:08:16.0875 2684 Kbdclass - ok

16:08:16.0906 2684 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:08:16.0906 2684 kbdhid - ok

16:08:16.0953 2684 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

16:08:16.0953 2684 kmixer - ok

16:08:17.0000 2684 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

16:08:17.0000 2684 KSecDD - ok

16:08:17.0062 2684 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

16:08:17.0062 2684 lanmanserver - ok

16:08:17.0125 2684 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

16:08:17.0140 2684 lanmanworkstation - ok

16:08:17.0156 2684 lbrtfdc - ok

16:08:17.0218 2684 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

16:08:17.0218 2684 LmHosts - ok

16:08:17.0234 2684 lxcc_device - ok

16:08:17.0296 2684 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

16:08:17.0296 2684 Messenger - ok

16:08:17.0359 2684 [ 0A35AD036DE912858A1C5E9637840724 ] mmc_2K C:\WINDOWS\system32\drivers\mmc_2K.sys

16:08:17.0406 2684 mmc_2K - ok

16:08:17.0437 2684 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

16:08:17.0437 2684 mnmdd - ok

16:08:17.0500 2684 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

16:08:17.0500 2684 mnmsrvc - ok

16:08:17.0562 2684 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

16:08:17.0562 2684 Modem - ok

16:08:17.0609 2684 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

16:08:17.0609 2684 MODEMCSA - ok

16:08:17.0625 2684 [ 59B8B11FF70728EEC60E72131C58B716 ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys

16:08:17.0625 2684 mohfilt - ok

16:08:17.0671 2684 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:08:17.0671 2684 Mouclass - ok

16:08:17.0718 2684 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:08:17.0718 2684 mouhid - ok

16:08:17.0750 2684 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

16:08:17.0750 2684 MountMgr - ok

16:08:17.0828 2684 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

16:08:17.0828 2684 MozillaMaintenance - ok

16:08:17.0890 2684 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

16:08:17.0906 2684 MpFilter - ok

16:08:17.0953 2684 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys

16:08:17.0953 2684 mraid35x - ok

16:08:17.0984 2684 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:08:18.0000 2684 MRxDAV - ok

16:08:18.0062 2684 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:08:18.0078 2684 MRxSmb - ok

16:08:18.0109 2684 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

16:08:18.0125 2684 MSDTC - ok

16:08:18.0187 2684 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

16:08:18.0187 2684 Msfs - ok

16:08:18.0203 2684 MSIServer - ok

16:08:18.0250 2684 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:08:18.0250 2684 MSKSSRV - ok

16:08:18.0328 2684 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

16:08:18.0343 2684 MsMpSvc - ok

16:08:18.0390 2684 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:08:18.0390 2684 MSPCLOCK - ok

16:08:18.0421 2684 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

16:08:18.0421 2684 MSPQM - ok

16:08:18.0468 2684 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:08:18.0468 2684 mssmbios - ok

16:08:18.0515 2684 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

16:08:18.0515 2684 Mup - ok

16:08:18.0609 2684 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

16:08:18.0656 2684 napagent - ok

16:08:18.0734 2684 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

16:08:18.0734 2684 NDIS - ok

16:08:18.0796 2684 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:08:18.0796 2684 NdisTapi - ok

16:08:18.0843 2684 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:08:18.0843 2684 Ndisuio - ok

16:08:18.0875 2684 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:08:18.0875 2684 NdisWan - ok

16:08:18.0937 2684 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

16:08:18.0937 2684 NDProxy - ok

16:08:18.0953 2684 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

16:08:18.0968 2684 NetBIOS - ok

16:08:19.0000 2684 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

16:08:19.0015 2684 NetBT - ok

16:08:19.0046 2684 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

16:08:19.0062 2684 NetDDE - ok

16:08:19.0078 2684 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

16:08:19.0078 2684 NetDDEdsdm - ok

16:08:19.0125 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

16:08:19.0125 2684 Netlogon - ok

16:08:19.0171 2684 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

16:08:19.0171 2684 Netman - ok

16:08:19.0312 2684 [ 02D0798F376FCBD0210EDA58476D0B1B ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

16:08:19.0453 2684 NetSvc - ok

16:08:19.0515 2684 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:08:19.0515 2684 NetTcpPortSharing - ok

16:08:19.0562 2684 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

16:08:19.0562 2684 Nla - ok

16:08:19.0640 2684 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

16:08:19.0640 2684 Npfs - ok

16:08:19.0687 2684 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

16:08:19.0718 2684 Ntfs - ok

16:08:19.0734 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

16:08:19.0734 2684 NtLmSsp - ok

16:08:19.0796 2684 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

16:08:19.0828 2684 NtmsSvc - ok

16:08:19.0843 2684 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

16:08:19.0843 2684 Null - ok

16:08:19.0937 2684 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

16:08:20.0015 2684 nv - ok

16:08:20.0062 2684 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

16:08:20.0062 2684 NwlnkFlt - ok

16:08:20.0093 2684 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

16:08:20.0093 2684 NwlnkFwd - ok

16:08:20.0156 2684 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

16:08:20.0156 2684 Parport - ok

16:08:20.0187 2684 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

16:08:20.0203 2684 PartMgr - ok

16:08:20.0250 2684 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

16:08:20.0250 2684 ParVdm - ok

16:08:20.0281 2684 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

16:08:20.0296 2684 PCI - ok

16:08:20.0312 2684 PCIDump - ok

16:08:20.0343 2684 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

16:08:20.0359 2684 PCIIde - ok

16:08:20.0406 2684 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

16:08:20.0406 2684 Pcmcia - ok

16:08:20.0421 2684 PDCOMP - ok

16:08:20.0437 2684 PDFRAME - ok

16:08:20.0468 2684 PDRELI - ok

16:08:20.0484 2684 PDRFRAME - ok

16:08:20.0515 2684 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys

16:08:20.0515 2684 perc2 - ok

16:08:20.0546 2684 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys

16:08:20.0546 2684 perc2hib - ok

16:08:20.0609 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

16:08:20.0609 2684 PlugPlay - ok

16:08:20.0640 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

16:08:20.0640 2684 PolicyAgent - ok

16:08:20.0687 2684 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:08:20.0687 2684 PptpMiniport - ok

16:08:20.0703 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

16:08:20.0703 2684 ProtectedStorage - ok

16:08:20.0734 2684 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

16:08:20.0734 2684 PSched - ok

16:08:20.0796 2684 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

16:08:20.0796 2684 Ptilink - ok

16:08:20.0828 2684 [ 1840112F3F3B7ECE84DBBD93A70C4135 ] pwd_2K C:\WINDOWS\system32\drivers\pwd_2K.sys

16:08:20.0890 2684 pwd_2K - ok

16:08:20.0953 2684 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

16:08:20.0953 2684 PxHelp20 - ok

16:08:21.0015 2684 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys

16:08:21.0015 2684 ql1080 - ok

16:08:21.0046 2684 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

16:08:21.0046 2684 Ql10wnt - ok

16:08:21.0078 2684 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys

16:08:21.0078 2684 ql12160 - ok

16:08:21.0093 2684 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys

16:08:21.0109 2684 ql1240 - ok

16:08:21.0125 2684 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys

16:08:21.0125 2684 ql1280 - ok

16:08:21.0156 2684 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:08:21.0171 2684 RasAcd - ok

16:08:21.0234 2684 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

16:08:21.0234 2684 RasAuto - ok

16:08:21.0281 2684 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:08:21.0296 2684 Rasl2tp - ok

16:08:21.0328 2684 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

16:08:21.0343 2684 RasMan - ok

16:08:21.0375 2684 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:08:21.0375 2684 RasPppoe - ok

16:08:21.0406 2684 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

16:08:21.0406 2684 Raspti - ok

16:08:21.0453 2684 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:08:21.0468 2684 Rdbss - ok

16:08:21.0500 2684 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

16:08:21.0500 2684 RDPCDD - ok

16:08:21.0562 2684 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

16:08:21.0562 2684 rdpdr - ok

16:08:21.0640 2684 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

16:08:21.0640 2684 RDPWD - ok

16:08:21.0687 2684 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

16:08:21.0687 2684 RDSessMgr - ok

16:08:21.0718 2684 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

16:08:21.0718 2684 redbook - ok

16:08:21.0750 2684 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

16:08:21.0750 2684 RemoteAccess - ok

16:08:21.0796 2684 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

16:08:21.0796 2684 RpcLocator - ok

16:08:21.0843 2684 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

16:08:21.0843 2684 RpcSs - ok

16:08:21.0890 2684 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

16:08:21.0906 2684 RSVP - ok

16:08:21.0937 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

16:08:21.0937 2684 SamSs - ok

16:08:22.0000 2684 [ 30D94039A729571146EB9D736EC1AADD ] SbcpHid C:\WINDOWS\system32\Drivers\SbcpHid.sys

16:08:22.0078 2684 SbcpHid - ok

16:08:22.0109 2684 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

16:08:22.0109 2684 SCardSvr - ok

16:08:22.0171 2684 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

16:08:22.0187 2684 Schedule - ok

16:08:22.0250 2684 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

16:08:22.0250 2684 Secdrv - ok

16:08:22.0296 2684 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

16:08:22.0296 2684 seclogon - ok

16:08:22.0390 2684 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys

16:08:22.0421 2684 senfilt - ok

16:08:22.0500 2684 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

16:08:22.0500 2684 SENS - ok

16:08:22.0562 2684 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

16:08:22.0562 2684 serenum - ok

16:08:22.0609 2684 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

16:08:22.0609 2684 Serial - ok

16:08:22.0656 2684 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

16:08:22.0656 2684 Sfloppy - ok

16:08:22.0703 2684 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

16:08:22.0718 2684 SharedAccess - ok

16:08:22.0765 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:08:22.0765 2684 ShellHWDetection - ok

16:08:22.0781 2684 Simbad - ok

16:08:22.0812 2684 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys

16:08:22.0828 2684 sisagp - ok

16:08:22.0890 2684 [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys

16:08:22.0906 2684 smwdm - ok

16:08:22.0968 2684 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

16:08:22.0968 2684 SONYPVU1 - ok

16:08:23.0000 2684 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys

16:08:23.0000 2684 Sparrow - ok

16:08:23.0015 2684 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

16:08:23.0031 2684 splitter - ok

16:08:23.0062 2684 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

16:08:23.0078 2684 Spooler - ok

16:08:23.0156 2684 [ 7F1B7C4D446CD3F926AF45B8C48BD593 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys

16:08:23.0156 2684 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7F1B7C4D446CD3F926AF45B8C48BD593

16:08:23.0156 2684 sptd ( LockedFile.Multi.Generic ) - warning

16:08:23.0156 2684 sptd - detected LockedFile.Multi.Generic (1)

16:08:23.0203 2684 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

16:08:23.0218 2684 sr - ok

16:08:23.0265 2684 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

16:08:23.0265 2684 srservice - ok

16:08:23.0343 2684 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

16:08:23.0359 2684 Srv - ok

16:08:23.0390 2684 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

16:08:23.0406 2684 SSDPSRV - ok

16:08:23.0468 2684 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

16:08:23.0515 2684 stisvc - ok

16:08:23.0562 2684 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

16:08:23.0562 2684 swenum - ok

16:08:23.0593 2684 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

16:08:23.0593 2684 swmidi - ok

16:08:23.0609 2684 SwPrv - ok

16:08:23.0656 2684 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys

16:08:23.0656 2684 symc810 - ok

16:08:23.0671 2684 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys

16:08:23.0671 2684 symc8xx - ok

16:08:23.0687 2684 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys

16:08:23.0687 2684 sym_hi - ok

16:08:23.0718 2684 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys

16:08:23.0718 2684 sym_u3 - ok

16:08:23.0765 2684 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

16:08:23.0765 2684 sysaudio - ok

16:08:23.0796 2684 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

16:08:23.0812 2684 SysmonLog - ok

16:08:23.0843 2684 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

16:08:23.0843 2684 TapiSrv - ok

16:08:23.0906 2684 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

16:08:23.0921 2684 Tcpip - ok

16:08:23.0968 2684 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

16:08:23.0968 2684 TDPIPE - ok

16:08:24.0015 2684 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

16:08:24.0015 2684 TDTCP - ok

16:08:24.0078 2684 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

16:08:24.0078 2684 TermDD - ok

16:08:24.0140 2684 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

16:08:24.0187 2684 TermService - ok

16:08:24.0234 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

16:08:24.0234 2684 Themes - ok

16:08:24.0312 2684 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys

16:08:24.0312 2684 TosIde - ok

16:08:24.0359 2684 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

16:08:24.0359 2684 TrkWks - ok

16:08:24.0421 2684 [ E1B5BFBA7F1CDE1FC28934639E83B3CF ] UdfReadr_xp C:\WINDOWS\system32\drivers\UdfReadr_xp.sys

16:08:24.0484 2684 UdfReadr_xp - ok

16:08:24.0531 2684 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

16:08:24.0531 2684 Udfs - ok

16:08:24.0562 2684 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys

16:08:24.0562 2684 ultra - ok

16:08:24.0625 2684 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

16:08:24.0640 2684 Update - ok

16:08:24.0687 2684 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

16:08:24.0687 2684 upnphost - ok

16:08:24.0718 2684 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

16:08:24.0718 2684 UPS - ok

16:08:24.0734 2684 USBAAPL - ok

16:08:24.0765 2684 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

16:08:24.0781 2684 usbaudio - ok

16:08:24.0812 2684 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

16:08:24.0828 2684 usbccgp - ok

16:08:24.0843 2684 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

16:08:24.0843 2684 usbehci - ok

16:08:24.0875 2684 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

16:08:24.0890 2684 usbhub - ok

16:08:24.0906 2684 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

16:08:24.0906 2684 usbprint - ok

16:08:24.0937 2684 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

16:08:24.0953 2684 usbscan - ok

16:08:24.0984 2684 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

16:08:24.0984 2684 USBSTOR - ok

16:08:25.0015 2684 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

16:08:25.0015 2684 usbuhci - ok

16:08:25.0062 2684 [ D3986793DEDC6BB93DB4DA5A793E42CE ] UxTuneUp C:\WINDOWS\System32\uxtuneup.dll

16:08:25.0062 2684 UxTuneUp - ok

16:08:25.0125 2684 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

16:08:25.0125 2684 VgaSave - ok

16:08:25.0171 2684 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys

16:08:25.0171 2684 viaagp - ok

16:08:25.0203 2684 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys

16:08:25.0203 2684 ViaIde - ok

16:08:25.0281 2684 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

16:08:25.0281 2684 VolSnap - ok

16:08:25.0343 2684 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

16:08:25.0359 2684 VSS - ok

16:08:25.0390 2684 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll

16:08:25.0406 2684 w32time - ok

16:08:25.0468 2684 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:08:25.0468 2684 Wanarp - ok

16:08:25.0484 2684 wanatw - ok

16:08:25.0500 2684 WDICA - ok

16:08:25.0546 2684 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

16:08:25.0546 2684 wdmaud - ok

16:08:25.0593 2684 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

16:08:25.0593 2684 WebClient - ok

16:08:25.0703 2684 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

16:08:25.0703 2684 winmgmt - ok

16:08:25.0765 2684 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

16:08:25.0765 2684 WmdmPmSN - ok

16:08:25.0812 2684 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

16:08:25.0828 2684 WmiApSrv - ok

16:08:25.0953 2684 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

16:08:26.0015 2684 WMPNetworkSvc - ok

16:08:26.0031 2684 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

16:08:26.0046 2684 WS2IFSL - ok

16:08:26.0078 2684 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

16:08:26.0093 2684 wscsvc - ok

16:08:26.0140 2684 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

16:08:26.0140 2684 wuauserv - ok

16:08:26.0218 2684 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

16:08:26.0218 2684 WudfPf - ok

16:08:26.0281 2684 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

16:08:26.0281 2684 WudfRd - ok

16:08:26.0328 2684 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

16:08:26.0328 2684 WudfSvc - ok

16:08:26.0406 2684 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

16:08:26.0437 2684 WZCSVC - ok

16:08:26.0468 2684 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

16:08:26.0484 2684 xmlprov - ok

16:08:26.0500 2684 ================ Scan global ===============================

16:08:26.0546 2684 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

16:08:26.0625 2684 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

16:08:26.0718 2684 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

16:08:26.0750 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

16:08:26.0750 2684 [Global] - ok

16:08:26.0750 2684 ================ Scan MBR ==================================

16:08:26.0781 2684 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0

16:08:26.0968 2684 \Device\Harddisk0\DR0 - ok

16:08:26.0984 2684 ================ Scan VBR ==================================

16:08:26.0984 2684 [ F1E789B7E2561AAEE3E8BEFAE321566F ] \Device\Harddisk0\DR0\Partition1

16:08:26.0984 2684 \Device\Harddisk0\DR0\Partition1 - ok

16:08:27.0000 2684 ============================================================

16:08:27.0000 2684 Scan finished

16:08:27.0000 2684 ============================================================

16:08:27.0031 3936 Detected object count: 1

16:08:27.0031 3936 Actual detected object count: 1

16:13:35.0812 3936 sptd ( LockedFile.Multi.Generic ) - skipped by user

16:13:35.0812 3936 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

16:07:05.0468 0860 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:07:06.0078 0860 ============================================================

16:07:06.0078 0860 Current date / time: 2012/12/04 16:07:06.0078

16:07:06.0078 0860 SystemInfo:

16:07:06.0078 0860

16:07:06.0078 0860 OS Version: 5.1.2600 ServicePack: 3.0

16:07:06.0078 0860 Product type: Workstation

16:07:06.0078 0860 ComputerName: RUSTY

16:07:06.0078 0860 UserName: Laurel

16:07:06.0078 0860 Windows directory: C:\WINDOWS

16:07:06.0078 0860 System windows directory: C:\WINDOWS

16:07:06.0078 0860 Processor architecture: Intel x86

16:07:06.0078 0860 Number of processors: 1

16:07:06.0078 0860 Page size: 0x1000

16:07:06.0078 0860 Boot type: Normal boot

16:07:06.0078 0860 ============================================================

16:07:09.0140 0860 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:07:09.0140 0860 ============================================================

16:07:09.0140 0860 \Device\Harddisk0\DR0:

16:07:09.0140 0860 MBR partitions:

16:07:09.0140 0860 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x445C7EE

16:07:09.0140 0860 ============================================================

16:07:09.0218 0860 C: <-> \Device\Harddisk0\DR0\Partition1

16:07:09.0218 0860 ============================================================

16:07:09.0218 0860 Initialize success

16:07:09.0218 0860 ============================================================

16:08:08.0796 2684 ============================================================

16:08:08.0796 2684 Scan started

16:08:08.0796 2684 Mode: Manual;

16:08:08.0796 2684 ============================================================

16:08:09.0906 2684 ================ Scan system memory ========================

16:08:09.0906 2684 System memory - ok

16:08:09.0921 2684 ================ Scan services =============================

16:08:10.0062 2684 Abiosdsk - ok

16:08:10.0125 2684 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

16:08:10.0125 2684 abp480n5 - ok

16:08:10.0187 2684 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

16:08:10.0187 2684 ACPI - ok

16:08:10.0250 2684 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

16:08:10.0250 2684 ACPIEC - ok

16:08:10.0390 2684 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

16:08:10.0390 2684 AdobeFlashPlayerUpdateSvc - ok

16:08:10.0437 2684 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys

16:08:10.0437 2684 adpu160m - ok

16:08:10.0484 2684 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

16:08:10.0484 2684 aec - ok

16:08:10.0531 2684 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

16:08:10.0531 2684 AFD - ok

16:08:10.0578 2684 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys

16:08:10.0578 2684 agp440 - ok

16:08:10.0593 2684 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

16:08:10.0593 2684 agpCPQ - ok

16:08:10.0656 2684 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys

16:08:10.0656 2684 Aha154x - ok

16:08:10.0687 2684 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys

16:08:10.0687 2684 aic78u2 - ok

16:08:10.0703 2684 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys

16:08:10.0703 2684 aic78xx - ok

16:08:10.0750 2684 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

16:08:10.0750 2684 Alerter - ok

16:08:10.0765 2684 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

16:08:10.0765 2684 ALG - ok

16:08:10.0812 2684 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys

16:08:10.0812 2684 AliIde - ok

16:08:10.0843 2684 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys

16:08:10.0843 2684 alim1541 - ok

16:08:10.0875 2684 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys

16:08:10.0875 2684 amdagp - ok

16:08:10.0890 2684 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys

16:08:10.0890 2684 amsint - ok

16:08:10.0906 2684 AppMgmt - ok

16:08:10.0937 2684 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys

16:08:10.0953 2684 asc - ok

16:08:10.0968 2684 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys

16:08:10.0968 2684 asc3350p - ok

16:08:10.0984 2684 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys

16:08:10.0984 2684 asc3550 - ok

16:08:11.0031 2684 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys

16:08:11.0093 2684 ASCTRM - ok

16:08:11.0250 2684 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

16:08:11.0250 2684 aspnet_state - ok

16:08:11.0312 2684 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:08:11.0312 2684 AsyncMac - ok

16:08:11.0343 2684 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

16:08:11.0359 2684 atapi - ok

16:08:11.0375 2684 Atdisk - ok

16:08:11.0421 2684 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

16:08:11.0437 2684 Atmarpc - ok

16:08:11.0484 2684 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

16:08:11.0484 2684 AudioSrv - ok

16:08:11.0546 2684 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

16:08:11.0546 2684 audstub - ok

16:08:11.0578 2684 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

16:08:11.0578 2684 Beep - ok

16:08:11.0625 2684 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

16:08:11.0640 2684 BITS - ok

16:08:11.0765 2684 [ 5AB58C337AC65837FE404462AD6265AB ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:08:11.0781 2684 Bonjour Service - ok

16:08:11.0843 2684 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

16:08:11.0859 2684 Browser - ok

16:08:11.0875 2684 bvrp_pci - ok

16:08:11.0921 2684 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

16:08:11.0937 2684 cbidf - ok

16:08:11.0953 2684 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

16:08:11.0953 2684 cbidf2k - ok

16:08:12.0015 2684 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

16:08:12.0015 2684 cd20xrnt - ok

16:08:12.0031 2684 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

16:08:12.0031 2684 Cdaudio - ok

16:08:12.0078 2684 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

16:08:12.0078 2684 Cdfs - ok

16:08:12.0125 2684 [ BF79E659C506674C0497CC9C61F1A165 ] Cdr4_xp C:\WINDOWS\system32\drivers\Cdr4_xp.sys

16:08:12.0125 2684 Cdr4_xp - ok

16:08:12.0156 2684 [ 2C41CD49D82D5FD85C72D57B6CA25471 ] Cdralw2k C:\WINDOWS\system32\drivers\Cdralw2k.sys

16:08:12.0156 2684 Cdralw2k - ok

16:08:12.0187 2684 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

16:08:12.0187 2684 Cdrom - ok

16:08:12.0265 2684 [ 8C7746ACDE6225A46B58ED7AE09EC166 ] cdudf_xp C:\WINDOWS\system32\drivers\cdudf_xp.sys

16:08:12.0359 2684 cdudf_xp - ok

16:08:12.0390 2684 Changer - ok

16:08:12.0437 2684 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

16:08:12.0437 2684 CiSvc - ok

16:08:12.0468 2684 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

16:08:12.0484 2684 ClipSrv - ok

16:08:12.0531 2684 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:08:12.0531 2684 clr_optimization_v2.0.50727_32 - ok

16:08:12.0593 2684 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys

16:08:12.0593 2684 CmdIde - ok

16:08:12.0609 2684 COMSysApp - ok

16:08:12.0656 2684 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys

16:08:12.0656 2684 Cpqarray - ok

16:08:12.0703 2684 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

16:08:12.0703 2684 CryptSvc - ok

16:08:12.0765 2684 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

16:08:12.0765 2684 dac2w2k - ok

16:08:12.0796 2684 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys

16:08:12.0812 2684 dac960nt - ok

16:08:12.0875 2684 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

16:08:12.0890 2684 DcomLaunch - ok

16:08:12.0937 2684 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

16:08:12.0937 2684 Dhcp - ok

16:08:12.0968 2684 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

16:08:12.0968 2684 Disk - ok

16:08:12.0984 2684 dmadmin - ok

16:08:13.0031 2684 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

16:08:13.0062 2684 dmboot - ok

16:08:13.0109 2684 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

16:08:13.0109 2684 dmio - ok

16:08:13.0171 2684 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

16:08:13.0171 2684 dmload - ok

16:08:13.0250 2684 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

16:08:13.0250 2684 dmserver - ok

16:08:13.0312 2684 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

16:08:13.0312 2684 DMusic - ok

16:08:13.0375 2684 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

16:08:13.0375 2684 Dnscache - ok

16:08:13.0500 2684 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

16:08:13.0546 2684 Dot3svc - ok

16:08:13.0578 2684 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys

16:08:13.0578 2684 dpti2o - ok

16:08:13.0593 2684 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

16:08:13.0609 2684 drmkaud - ok

16:08:13.0656 2684 [ 800DE2DFA19DB3FD87AA95308BA0C17B ] dvd_2K C:\WINDOWS\system32\drivers\dvd_2K.sys

16:08:13.0687 2684 dvd_2K - ok

16:08:13.0750 2684 [ 7D91DC6342248369F94D6EBA0CF42E99 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys

16:08:13.0750 2684 E100B - ok

16:08:13.0796 2684 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

16:08:13.0812 2684 EapHost - ok

16:08:13.0843 2684 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

16:08:13.0843 2684 ERSvc - ok

16:08:13.0890 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

16:08:13.0890 2684 Eventlog - ok

16:08:13.0953 2684 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

16:08:13.0953 2684 EventSystem - ok

16:08:14.0078 2684 [ E081184B8A58DC49BFE2200D56C297B2 ] F-Secure BlackLight Sensor C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe

16:08:14.0078 2684 F-Secure BlackLight Sensor - ok

16:08:14.0125 2684 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

16:08:14.0125 2684 Fastfat - ok

16:08:14.0203 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

16:08:14.0203 2684 FastUserSwitchingCompatibility - ok

16:08:14.0265 2684 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe

16:08:14.0281 2684 Fax - ok

16:08:14.0296 2684 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

16:08:14.0296 2684 Fdc - ok

16:08:14.0343 2684 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

16:08:14.0343 2684 Fips - ok

16:08:14.0390 2684 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

16:08:14.0390 2684 Flpydisk - ok

16:08:14.0437 2684 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

16:08:14.0453 2684 FltMgr - ok

16:08:14.0515 2684 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

16:08:14.0531 2684 FontCache3.0.0.0 - ok

16:08:14.0578 2684 fsbl - ok

16:08:14.0609 2684 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:08:14.0609 2684 Fs_Rec - ok

16:08:14.0640 2684 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

16:08:14.0640 2684 Ftdisk - ok

16:08:14.0687 2684 [ 72FE2BEA6863D4EB93442A1C4FB5CA48 ] GcKernel C:\WINDOWS\system32\DRIVERS\GcKernel.sys

16:08:14.0687 2684 GcKernel - ok

16:08:14.0734 2684 [ 5DC17164F66380CBFEFD895C18467773 ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys

16:08:14.0734 2684 GEARAspiWDM - ok

16:08:14.0765 2684 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

16:08:14.0781 2684 Gpc - ok

16:08:14.0859 2684 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

16:08:14.0859 2684 helpsvc - ok

16:08:14.0906 2684 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll

16:08:14.0906 2684 HidServ - ok

16:08:14.0968 2684 [ BD205320308FB41C88A4049A2D1764B4 ] HIDSwvd C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys

16:08:14.0968 2684 HIDSwvd - ok

16:08:15.0000 2684 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

16:08:15.0000 2684 HidUsb - ok

16:08:15.0046 2684 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

16:08:15.0046 2684 hkmsvc - ok

16:08:15.0078 2684 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys

16:08:15.0078 2684 hpn - ok

16:08:15.0140 2684 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

16:08:15.0140 2684 HTTP - ok

16:08:15.0187 2684 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

16:08:15.0187 2684 HTTPFilter - ok

16:08:15.0250 2684 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys

16:08:15.0250 2684 i2omgmt - ok

16:08:15.0281 2684 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys

16:08:15.0281 2684 i2omp - ok

16:08:15.0328 2684 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

16:08:15.0328 2684 i8042prt - ok

16:08:15.0421 2684 [ 9A883C3C4D91292C0D09DE7C728E781C ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

16:08:15.0484 2684 ialm - ok

16:08:15.0656 2684 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

16:08:15.0656 2684 IDriverT - ok

16:08:15.0750 2684 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

16:08:15.0828 2684 idsvc - ok

16:08:15.0875 2684 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\drivers\Imapi.sys

16:08:15.0890 2684 Imapi - ok

16:08:15.0937 2684 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\Imapi.exe

16:08:15.0937 2684 ImapiService - ok

16:08:15.0968 2684 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys

16:08:15.0968 2684 ini910u - ok

16:08:16.0078 2684 [ 7509C548400F4C9E0211E3F6E66ABBE6 ] IntelC51 C:\WINDOWS\system32\DRIVERS\IntelC51.sys

16:08:16.0109 2684 IntelC51 - ok

16:08:16.0171 2684 [ 9584FFDD41D37F2C239681D0DAC2513E ] IntelC52 C:\WINDOWS\system32\DRIVERS\IntelC52.sys

16:08:16.0218 2684 IntelC52 - ok

16:08:16.0250 2684 [ CF0B937710CEC6EF39416EDECD803CBB ] IntelC53 C:\WINDOWS\system32\DRIVERS\IntelC53.sys

16:08:16.0265 2684 IntelC53 - ok

16:08:16.0359 2684 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

16:08:16.0359 2684 IntelIde - ok

16:08:16.0406 2684 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

16:08:16.0406 2684 intelppm - ok

16:08:16.0437 2684 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

16:08:16.0453 2684 Ip6Fw - ok

16:08:16.0500 2684 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:08:16.0500 2684 IpFilterDriver - ok

16:08:16.0546 2684 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:08:16.0546 2684 IpInIp - ok

16:08:16.0625 2684 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:08:16.0625 2684 IpNat - ok

16:08:16.0687 2684 [ 1CB96E83FD76EB5580451CEF29E24303 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:08:16.0718 2684 iPod Service - ok

16:08:16.0750 2684 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:08:16.0750 2684 IPSec - ok

16:08:16.0796 2684 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

16:08:16.0796 2684 IRENUM - ok

16:08:16.0843 2684 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:08:16.0859 2684 isapnp - ok

16:08:16.0875 2684 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:08:16.0875 2684 Kbdclass - ok

16:08:16.0906 2684 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:08:16.0906 2684 kbdhid - ok

16:08:16.0953 2684 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

16:08:16.0953 2684 kmixer - ok

16:08:17.0000 2684 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

16:08:17.0000 2684 KSecDD - ok

16:08:17.0062 2684 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

16:08:17.0062 2684 lanmanserver - ok

16:08:17.0125 2684 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

16:08:17.0140 2684 lanmanworkstation - ok

16:08:17.0156 2684 lbrtfdc - ok

16:08:17.0218 2684 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

16:08:17.0218 2684 LmHosts - ok

16:08:17.0234 2684 lxcc_device - ok

16:08:17.0296 2684 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

16:08:17.0296 2684 Messenger - ok

16:08:17.0359 2684 [ 0A35AD036DE912858A1C5E9637840724 ] mmc_2K C:\WINDOWS\system32\drivers\mmc_2K.sys

16:08:17.0406 2684 mmc_2K - ok

16:08:17.0437 2684 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

16:08:17.0437 2684 mnmdd - ok

16:08:17.0500 2684 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

16:08:17.0500 2684 mnmsrvc - ok

16:08:17.0562 2684 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

16:08:17.0562 2684 Modem - ok

16:08:17.0609 2684 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

16:08:17.0609 2684 MODEMCSA - ok

16:08:17.0625 2684 [ 59B8B11FF70728EEC60E72131C58B716 ] mohfilt C:\WINDOWS\system32\DRIVERS\mohfilt.sys

16:08:17.0625 2684 mohfilt - ok

16:08:17.0671 2684 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:08:17.0671 2684 Mouclass - ok

16:08:17.0718 2684 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:08:17.0718 2684 mouhid - ok

16:08:17.0750 2684 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

16:08:17.0750 2684 MountMgr - ok

16:08:17.0828 2684 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

16:08:17.0828 2684 MozillaMaintenance - ok

16:08:17.0890 2684 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

16:08:17.0906 2684 MpFilter - ok

16:08:17.0953 2684 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys

16:08:17.0953 2684 mraid35x - ok

16:08:17.0984 2684 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:08:18.0000 2684 MRxDAV - ok

16:08:18.0062 2684 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:08:18.0078 2684 MRxSmb - ok

16:08:18.0109 2684 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

16:08:18.0125 2684 MSDTC - ok

16:08:18.0187 2684 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

16:08:18.0187 2684 Msfs - ok

16:08:18.0203 2684 MSIServer - ok

16:08:18.0250 2684 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:08:18.0250 2684 MSKSSRV - ok

16:08:18.0328 2684 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

16:08:18.0343 2684 MsMpSvc - ok

16:08:18.0390 2684 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:08:18.0390 2684 MSPCLOCK - ok

16:08:18.0421 2684 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

16:08:18.0421 2684 MSPQM - ok

16:08:18.0468 2684 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:08:18.0468 2684 mssmbios - ok

16:08:18.0515 2684 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

16:08:18.0515 2684 Mup - ok

16:08:18.0609 2684 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

16:08:18.0656 2684 napagent - ok

16:08:18.0734 2684 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

16:08:18.0734 2684 NDIS - ok

16:08:18.0796 2684 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:08:18.0796 2684 NdisTapi - ok

16:08:18.0843 2684 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:08:18.0843 2684 Ndisuio - ok

16:08:18.0875 2684 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:08:18.0875 2684 NdisWan - ok

16:08:18.0937 2684 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

16:08:18.0937 2684 NDProxy - ok

16:08:18.0953 2684 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

16:08:18.0968 2684 NetBIOS - ok

16:08:19.0000 2684 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

16:08:19.0015 2684 NetBT - ok

16:08:19.0046 2684 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

16:08:19.0062 2684 NetDDE - ok

16:08:19.0078 2684 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

16:08:19.0078 2684 NetDDEdsdm - ok

16:08:19.0125 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

16:08:19.0125 2684 Netlogon - ok

16:08:19.0171 2684 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

16:08:19.0171 2684 Netman - ok

16:08:19.0312 2684 [ 02D0798F376FCBD0210EDA58476D0B1B ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

16:08:19.0453 2684 NetSvc - ok

16:08:19.0515 2684 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:08:19.0515 2684 NetTcpPortSharing - ok

16:08:19.0562 2684 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

16:08:19.0562 2684 Nla - ok

16:08:19.0640 2684 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

16:08:19.0640 2684 Npfs - ok

16:08:19.0687 2684 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

16:08:19.0718 2684 Ntfs - ok

16:08:19.0734 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

16:08:19.0734 2684 NtLmSsp - ok

16:08:19.0796 2684 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

16:08:19.0828 2684 NtmsSvc - ok

16:08:19.0843 2684 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

16:08:19.0843 2684 Null - ok

16:08:19.0937 2684 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

16:08:20.0015 2684 nv - ok

16:08:20.0062 2684 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

16:08:20.0062 2684 NwlnkFlt - ok

16:08:20.0093 2684 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

16:08:20.0093 2684 NwlnkFwd - ok

16:08:20.0156 2684 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

16:08:20.0156 2684 Parport - ok

16:08:20.0187 2684 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

16:08:20.0203 2684 PartMgr - ok

16:08:20.0250 2684 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

16:08:20.0250 2684 ParVdm - ok

16:08:20.0281 2684 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

16:08:20.0296 2684 PCI - ok

16:08:20.0312 2684 PCIDump - ok

16:08:20.0343 2684 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

16:08:20.0359 2684 PCIIde - ok

16:08:20.0406 2684 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

16:08:20.0406 2684 Pcmcia - ok

16:08:20.0421 2684 PDCOMP - ok

16:08:20.0437 2684 PDFRAME - ok

16:08:20.0468 2684 PDRELI - ok

16:08:20.0484 2684 PDRFRAME - ok

16:08:20.0515 2684 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys

16:08:20.0515 2684 perc2 - ok

16:08:20.0546 2684 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys

16:08:20.0546 2684 perc2hib - ok

16:08:20.0609 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

16:08:20.0609 2684 PlugPlay - ok

16:08:20.0640 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

16:08:20.0640 2684 PolicyAgent - ok

16:08:20.0687 2684 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:08:20.0687 2684 PptpMiniport - ok

16:08:20.0703 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

16:08:20.0703 2684 ProtectedStorage - ok

16:08:20.0734 2684 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

16:08:20.0734 2684 PSched - ok

16:08:20.0796 2684 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

16:08:20.0796 2684 Ptilink - ok

16:08:20.0828 2684 [ 1840112F3F3B7ECE84DBBD93A70C4135 ] pwd_2K C:\WINDOWS\system32\drivers\pwd_2K.sys

16:08:20.0890 2684 pwd_2K - ok

16:08:20.0953 2684 [ 1962166E0CEB740704F30FA55AD3D509 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

16:08:20.0953 2684 PxHelp20 - ok

16:08:21.0015 2684 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys

16:08:21.0015 2684 ql1080 - ok

16:08:21.0046 2684 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

16:08:21.0046 2684 Ql10wnt - ok

16:08:21.0078 2684 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys

16:08:21.0078 2684 ql12160 - ok

16:08:21.0093 2684 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys

16:08:21.0109 2684 ql1240 - ok

16:08:21.0125 2684 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys

16:08:21.0125 2684 ql1280 - ok

16:08:21.0156 2684 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:08:21.0171 2684 RasAcd - ok

16:08:21.0234 2684 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

16:08:21.0234 2684 RasAuto - ok

16:08:21.0281 2684 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:08:21.0296 2684 Rasl2tp - ok

16:08:21.0328 2684 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

16:08:21.0343 2684 RasMan - ok

16:08:21.0375 2684 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:08:21.0375 2684 RasPppoe - ok

16:08:21.0406 2684 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

16:08:21.0406 2684 Raspti - ok

16:08:21.0453 2684 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:08:21.0468 2684 Rdbss - ok

16:08:21.0500 2684 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

16:08:21.0500 2684 RDPCDD - ok

16:08:21.0562 2684 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

16:08:21.0562 2684 rdpdr - ok

16:08:21.0640 2684 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

16:08:21.0640 2684 RDPWD - ok

16:08:21.0687 2684 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

16:08:21.0687 2684 RDSessMgr - ok

16:08:21.0718 2684 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

16:08:21.0718 2684 redbook - ok

16:08:21.0750 2684 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

16:08:21.0750 2684 RemoteAccess - ok

16:08:21.0796 2684 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

16:08:21.0796 2684 RpcLocator - ok

16:08:21.0843 2684 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

16:08:21.0843 2684 RpcSs - ok

16:08:21.0890 2684 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

16:08:21.0906 2684 RSVP - ok

16:08:21.0937 2684 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

16:08:21.0937 2684 SamSs - ok

16:08:22.0000 2684 [ 30D94039A729571146EB9D736EC1AADD ] SbcpHid C:\WINDOWS\system32\Drivers\SbcpHid.sys

16:08:22.0078 2684 SbcpHid - ok

16:08:22.0109 2684 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

16:08:22.0109 2684 SCardSvr - ok

16:08:22.0171 2684 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

16:08:22.0187 2684 Schedule - ok

16:08:22.0250 2684 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

16:08:22.0250 2684 Secdrv - ok

16:08:22.0296 2684 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

16:08:22.0296 2684 seclogon - ok

16:08:22.0390 2684 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys

16:08:22.0421 2684 senfilt - ok

16:08:22.0500 2684 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

16:08:22.0500 2684 SENS - ok

16:08:22.0562 2684 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

16:08:22.0562 2684 serenum - ok

16:08:22.0609 2684 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

16:08:22.0609 2684 Serial - ok

16:08:22.0656 2684 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

16:08:22.0656 2684 Sfloppy - ok

16:08:22.0703 2684 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

16:08:22.0718 2684 SharedAccess - ok

16:08:22.0765 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:08:22.0765 2684 ShellHWDetection - ok

16:08:22.0781 2684 Simbad - ok

16:08:22.0812 2684 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys

16:08:22.0828 2684 sisagp - ok

16:08:22.0890 2684 [ C6D9959E493682F872A639B6EC1B4A08 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys

16:08:22.0906 2684 smwdm - ok

16:08:22.0968 2684 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS

16:08:22.0968 2684 SONYPVU1 - ok

16:08:23.0000 2684 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys

16:08:23.0000 2684 Sparrow - ok

16:08:23.0015 2684 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

16:08:23.0031 2684 splitter - ok

16:08:23.0062 2684 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

16:08:23.0078 2684 Spooler - ok

16:08:23.0156 2684 [ 7F1B7C4D446CD3F926AF45B8C48BD593 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys

16:08:23.0156 2684 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 7F1B7C4D446CD3F926AF45B8C48BD593

16:08:23.0156 2684 sptd ( LockedFile.Multi.Generic ) - warning

16:08:23.0156 2684 sptd - detected LockedFile.Multi.Generic (1)

16:08:23.0203 2684 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

16:08:23.0218 2684 sr - ok

16:08:23.0265 2684 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

16:08:23.0265 2684 srservice - ok

16:08:23.0343 2684 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

16:08:23.0359 2684 Srv - ok

16:08:23.0390 2684 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

16:08:23.0406 2684 SSDPSRV - ok

16:08:23.0468 2684 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

16:08:23.0515 2684 stisvc - ok

16:08:23.0562 2684 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

16:08:23.0562 2684 swenum - ok

16:08:23.0593 2684 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

16:08:23.0593 2684 swmidi - ok

16:08:23.0609 2684 SwPrv - ok

16:08:23.0656 2684 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys

16:08:23.0656 2684 symc810 - ok

16:08:23.0671 2684 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys

16:08:23.0671 2684 symc8xx - ok

16:08:23.0687 2684 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys

16:08:23.0687 2684 sym_hi - ok

16:08:23.0718 2684 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys

16:08:23.0718 2684 sym_u3 - ok

16:08:23.0765 2684 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

16:08:23.0765 2684 sysaudio - ok

16:08:23.0796 2684 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

16:08:23.0812 2684 SysmonLog - ok

16:08:23.0843 2684 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

16:08:23.0843 2684 TapiSrv - ok

16:08:23.0906 2684 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

16:08:23.0921 2684 Tcpip - ok

16:08:23.0968 2684 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

16:08:23.0968 2684 TDPIPE - ok

16:08:24.0015 2684 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

16:08:24.0015 2684 TDTCP - ok

16:08:24.0078 2684 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

16:08:24.0078 2684 TermDD - ok

16:08:24.0140 2684 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

16:08:24.0187 2684 TermService - ok

16:08:24.0234 2684 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

16:08:24.0234 2684 Themes - ok

16:08:24.0312 2684 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys

16:08:24.0312 2684 TosIde - ok

16:08:24.0359 2684 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

16:08:24.0359 2684 TrkWks - ok

16:08:24.0421 2684 [ E1B5BFBA7F1CDE1FC28934639E83B3CF ] UdfReadr_xp C:\WINDOWS\system32\drivers\UdfReadr_xp.sys

16:08:24.0484 2684 UdfReadr_xp - ok

16:08:24.0531 2684 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

16:08:24.0531 2684 Udfs - ok

16:08:24.0562 2684 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys

16:08:24.0562 2684 ultra - ok

16:08:24.0625 2684 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

16:08:24.0640 2684 Update - ok

16:08:24.0687 2684 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

16:08:24.0687 2684 upnphost - ok

16:08:24.0718 2684 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

16:08:24.0718 2684 UPS - ok

16:08:24.0734 2684 USBAAPL - ok

16:08:24.0765 2684 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys

16:08:24.0781 2684 usbaudio - ok

16:08:24.0812 2684 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

16:08:24.0828 2684 usbccgp - ok

16:08:24.0843 2684 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

16:08:24.0843 2684 usbehci - ok

16:08:24.0875 2684 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

16:08:24.0890 2684 usbhub - ok

16:08:24.0906 2684 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

16:08:24.0906 2684 usbprint - ok

16:08:24.0937 2684 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

16:08:24.0953 2684 usbscan - ok

16:08:24.0984 2684 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

16:08:24.0984 2684 USBSTOR - ok

16:08:25.0015 2684 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

16:08:25.0015 2684 usbuhci - ok

16:08:25.0062 2684 [ D3986793DEDC6BB93DB4DA5A793E42CE ] UxTuneUp C:\WINDOWS\System32\uxtuneup.dll

16:08:25.0062 2684 UxTuneUp - ok

16:08:25.0125 2684 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

16:08:25.0125 2684 VgaSave - ok

16:08:25.0171 2684 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys

16:08:25.0171 2684 viaagp - ok

16:08:25.0203 2684 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys

16:08:25.0203 2684 ViaIde - ok

16:08:25.0281 2684 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

16:08:25.0281 2684 VolSnap - ok

16:08:25.0343 2684 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

16:08:25.0359 2684 VSS - ok

16:08:25.0390 2684 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll

16:08:25.0406 2684 w32time - ok

16:08:25.0468 2684 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:08:25.0468 2684 Wanarp - ok

16:08:25.0484 2684 wanatw - ok

16:08:25.0500 2684 WDICA - ok

16:08:25.0546 2684 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

16:08:25.0546 2684 wdmaud - ok

16:08:25.0593 2684 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

16:08:25.0593 2684 WebClient - ok

16:08:25.0703 2684 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

16:08:25.0703 2684 winmgmt - ok

16:08:25.0765 2684 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

16:08:25.0765 2684 WmdmPmSN - ok

16:08:25.0812 2684 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

16:08:25.0828 2684 WmiApSrv - ok

16:08:25.0953 2684 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

16:08:26.0015 2684 WMPNetworkSvc - ok

16:08:26.0031 2684 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

16:08:26.0046 2684 WS2IFSL - ok

16:08:26.0078 2684 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

16:08:26.0093 2684 wscsvc - ok

16:08:26.0140 2684 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

16:08:26.0140 2684 wuauserv - ok

16:08:26.0218 2684 [ EAA6324F51214D2F6718977EC9CE0DEF ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

16:08:26.0218 2684 WudfPf - ok

16:08:26.0281 2684 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

16:08:26.0281 2684 WudfRd - ok

16:08:26.0328 2684 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

16:08:26.0328 2684 WudfSvc - ok

16:08:26.0406 2684 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

16:08:26.0437 2684 WZCSVC - ok

16:08:26.0468 2684 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

16:08:26.0484 2684 xmlprov - ok

16:08:26.0500 2684 ================ Scan global ===============================

16:08:26.0546 2684 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

16:08:26.0625 2684 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

16:08:26.0718 2684 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

16:08:26.0750 2684 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

16:08:26.0750 2684 [Global] - ok

16:08:26.0750 2684 ================ Scan MBR ==================================

16:08:26.0781 2684 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0

16:08:26.0968 2684 \Device\Harddisk0\DR0 - ok

16:08:26.0984 2684 ================ Scan VBR ==================================

16:08:26.0984 2684 [ F1E789B7E2561AAEE3E8BEFAE321566F ] \Device\Harddisk0\DR0\Partition1

16:08:26.0984 2684 \Device\Harddisk0\DR0\Partition1 - ok

16:08:27.0000 2684 ============================================================

16:08:27.0000 2684 Scan finished

16:08:27.0000 2684 ============================================================

16:08:27.0031 3936 Detected object count: 1

16:08:27.0031 3936 Actual detected object count: 1

16:13:35.0812 3936 sptd ( LockedFile.Multi.Generic ) - skipped by user

16:13:35.0812 3936 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

December 3, 2012

checkup.txt:

Results of screen317's Security Check version 0.99.56

Windows XP Service Pack 3 x86

Internet Explorer 7 Out of date!

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

ESET Online Scanner v3

Microsoft Security Essentials

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.62.0.1300

TuneUp Utilities 2007

Java 6 Update 31

Java version out of Date!

Adobe Flash Player 9 Flash Player out of Date!

Adobe Flash Player 11.4.402.287

Adobe Reader 9 Adobe Reader out of Date!

Mozilla Firefox 16.0.2 Firefox out of Date!

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 39% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

December 3, 2012

RogueKiller:

RogueKiller V8.3.1 [Dec 2 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Laurel [Admin rights]

Mode : Scan -- Date : 12/03/2012 15:00:07

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST340014A +++++

--- User ---

[MBR] ac3c79f542f12c1061531a0e14fa2945

[bSP] b72667633f4c7c2babf1970635a88ab8 : MBR Code unknown

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 35000 Mo

2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 71762355 | Size: 3098 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_12032012_02d1500.txt >>

RKreport[1]_S_12032012_02d1500.txt

December 3, 2012

I ran the BitDefender scan in IE and it said "Good news! We found no active infections on your PC!" with no option to view a log.

December 3, 2012

info.txt:

info.txt logfile of random's system information tool 1.09 2012-12-03 14:27:17

======Uninstall list======

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNNMP.exe /UNINSTALL

-->C:\WINDOWS\UNNVEContent.exe /UNINSTALL

-->MsiExec.exe /I{403EF592-953B-4794-BCEF-ECAB835C2095}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -maintain plugin

Adobe Flash Player 9 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete

Adobe Reader 9.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}

Adobe Shockwave Player-->C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log

Apple Application Support-->MsiExec.exe /I{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}

Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

Audacity 1.2.6-->"C:\Program Files\Audacity\unins000.exe"

Barbarossa Kampagne Version 2.0-->"C:\Program Files\Ubi Soft\IL2 Sturmovik\unins000.exe"

BIG-IP Edge Client Components (All Users)-->"C:\Documents and Settings\All Users\Application Data\F5 Networks\f5unistall.exe" /uninstall

Bonjour Print Services-->MsiExec.exe /I{9D210D79-AEC5-453B-960C-4DD2C73931E1}

Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}

Canadian Pacific Alco C630 Locomotives-->MsiExec.exe /I{7B40232B-C068-4E3A-A4BA-F7CBD5BB0B95}

Canadian Pacific Holiday Train-->MsiExec.exe /I{7235275B-B4A9-43E0-8C05-86734380E63E}

CD Box Labeler Pro-->"C:\Program Files\Green Point Software\CD Box Labeler Pro\unins000.exe"

CPR AC4400 9590-->MsiExec.exe /I{28644560-6A34-4D36-B016-C49A17D96901}

CPR CLC-FM Locomotive Pack-->MsiExec.exe /I{E005E648-37A3-48DE-AEBB-EFE7337E5073}

CPR GP38 3012-->MsiExec.exe /I{68946AFE-50D4-44CF-A495-F31D31ABC519}

CPR Green Goat GG20B locomotives-->MsiExec.exe /I{D61CED72-63CA-403D-B330-8C98648802E7}

CPR Heritage RSD17-->MsiExec.exe /I{C12B8127-0D92-4E89-B4D0-58B9548F19B8}

Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"

Dell Driver Reset Tool-->MsiExec.exe /I{5905F42D-3F5F-4916-ADA6-94A3646AEE76}

DVD Photo Slideshow Pro 7.61-->C:\Program Files\DVD Photo Slideshow Professional\uninst.exe

Easy CD Creator 5 Basic-->MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

ESET Online Scanner v3-->C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe

European Air War-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\MicroProse Software\European Air War\Uninst.isu"

EZ Vinyl Converter 2.0.0 by MixMeister-->"C:\Program Files\MixMeister EZ Vinyl Converter\unins000.exe"

Free Audio CD Burner version 1.3-->"C:\Program Files\DVDVideoSoft\Free Audio CD Burner\unins000.exe"

Free Studio version 4.8-->"C:\Program Files\DVDVideoSoft\Free Studio\unins000.exe"

Free YouTube to MP3 Converter version 3.5-->"C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\unins000.exe"

Game Console - WildGames-->"C:\Program Files\WildGames\Game Console - WildGames\Uninstall.exe"

Handbrake 0.9.4-->C:\Program Files\Handbrake\uninst.exe

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

Intel® 537EP V9x DFV PCI Modem-->rundll32 IntelCci.dll,iSMUninstallation "Intel® 537EP V9x DFV PCI Modem"

Intel® Extreme Graphics 2 Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx PCI\VEN_8086&DEV_2572

Intel® PRO Network Adapters and Drivers-->Prounstl.exe

Intel® PROSet for Wired Connections-->MsiExec.exe /I{17334AAF-C9E7-483B-9F45-E3FCAF07FFA7}

iPod for Windows 2006-01-10-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033

iTunes-->MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}

Java 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}

Lexmark 3300 Series-->C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxccUNST.EXE -NOLICENSE

Lexmark Fax Solutions-->C:\Program Files\Lexmark Fax Solutions\Install\Uninst.exe

Mahjongg Platinum 2-->"C:\Program Files\Selectsoft\Mahjongg Platinum 2\uninstall.exe"

Malwarebytes Anti-Malware version 1.62.0.1300-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 1.1 Security Update (KB2656370)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656370\M2656370Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB2698023)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Security Client-->MsiExec.exe /X{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWudf01009$\spuninst\spuninst.exe"

MLT Kicking Horse Pass CPR Demo Route-->MsiExec.exe /I{9AF14D4E-8224-4F4C-8D99-A8E3CB4E6142}

Moraff's MahJongg 2005 Luxury Edition-->"C:\Program Files\Moraff's MahJongg 2005 Luxury Edition\Uninstall\unins000.exe"

Mozilla Firefox 16.0.2 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP

MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""

Norton Security Scan-->MsiExec.exe /X{3FADAA19-E595-44CA-A072-58B6B0851768}

Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}

Pandrol Jackson Railgrinding Train-->MsiExec.exe /I{20EBB977-2426-4C0C-ABCD-D99918DB14A9}

QuickTax 2007-->MsiExec.exe /X{22EC35BD-F8F2-45EB-8DCB-1C7FB65D0A71}

QuickTax 2008-->MsiExec.exe /X{AA0D2D5F-612B-45D3-8759-DA87206E5CC9}

QuickTax 2009-->MsiExec.exe /X{ECB9C58E-C565-4683-9599-B72290BD3B25}

QuickTime-->MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}

RealPlayer Basic-->C:\Program Files\Common Files\Real\Update\\rnuninst.exe RealNetworks|RealPlayer|6.0

Royal Canadian Pacific Luxury Train-->MsiExec.exe /I{C120D99B-6628-4974-86A9-94FB4724A2F1}

Safari-->MsiExec.exe /I{EAFEF30E-3789-49C7-A6D9-77C12E005BAC}

SD40-2_Content_Update-->MsiExec.exe /I{BF7C1B99-A250-45EF-B186-0C33B7308F95}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Step By Step Interactive Training (KB898458)-->"C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"

Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2497640)-->"C:\WINDOWS\ie7updates\KB2497640-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2586448)-->"C:\WINDOWS\ie7updates\KB2586448-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2675157)-->"C:\WINDOWS\ie7updates\KB2675157-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2699988)-->"C:\WINDOWS\ie7updates\KB2699988-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2722913)-->"C:\WINDOWS\ie7updates\KB2722913-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2744842)-->"C:\WINDOWS\ie7updates\KB2744842-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376)-->"C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165-v2)-->"C:\WINDOWS\$NtUninstallKB977165-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

Shaw Internet Update 3.3.1-->"C:\Progra~1\Shaw\Update\unins000.exe"

Shaw Support 3.1.30-->"C:\Program Files\shaw\unins000.exe"

Sperry Rail Detector Car-->MsiExec.exe /I{3D9DA157-F7E4-41CD-84C0-85B68AC2A97E}

The CPR Canadian - 1955-->MsiExec.exe /I{1FE78F4C-6088-478C-9B46-EBB9042F90EB}

The CPR Empress-->MsiExec.exe /I{69122487-668B-4CA1-B001-CD363506EE6C}

The Sims Deluxe Edition-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{10798AE3-DCBB-43C3-9C93-C23512427E25}\setup.exe" -l0009

TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}

Uninstall 1.0.0.1-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe"

Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"

Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"

Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

VLC media player 1.0.3-->C:\Program Files\VideoLAN\VLC\uninstall.exe

WildTangent Web Driver-->C:\Program Files\WildTangent\Apps\CDA\CDAUninstall.exe

Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}

Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}

Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}

Windows Live Messenger-->MsiExec.exe /X{A85FD55B-891B-4314-97A5-EA96C0BD80B5}

Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}

Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 10 Hotfix - KB895316-->"C:\WINDOWS\$NtUninstallKB895316$\spuninst\spuninst.exe"

Windows Media Player 10-->MsiExec.exe /I{33BB4982-DC52-4886-A03B-F4C5C80BEE89}

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

WordPerfect Office 12-->MsiExec.exe /I{AF19F291-F22F-4798-9662-525305AE9E48}

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: RUSTY

Event Code: 2001

Message: Microsoft Antimalware has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.137.1320.0

Update Source: Microsoft Update Server

Update Stage: Install

Source Path: http://www.microsoft.com

Signature Type: AntiVirus

Update Type: Full

User: NT AUTHORITY\SYSTEM

Current Engine Version:

Previous Engine Version: 1.1.8800.0

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Record Number: 41597

Source Name: Microsoft Antimalware

Time Written: 20121010084904.000000-360

Event Type: error

User:

Computer Name: RUSTY

Event Code: 19

Message: Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer.

Record Number: 41551

Source Name: Print

Time Written: 20121009083856.000000-360

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: RUSTY

Event Code: 19

Message: Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer.

Record Number: 41400

Source Name: Print

Time Written: 20121004151941.000000-360

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: RUSTY

Event Code: 19

Message: Sharing printer failed + 1722, Printer LexmarkFax share name Printer2.

Record Number: 41119

Source Name: Print

Time Written: 20120926082454.000000-360

Event Type: error

User: NT AUTHORITY\SYSTEM

Computer Name: RUSTY

Event Code: 19

Message: Sharing printer failed + 1722, Printer Microsoft XPS Document Writer share name Printer.

Record Number: 40941

Source Name: Print

Time Written: 20120920084647.000000-360

Event Type: error

User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: RUSTY

Event Code: 482

Message: svchost (1092) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\edb.log" at offset 107008 (0x000000000001a200) for 512 (0x00000200) bytes failed with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Record Number: 562

Source Name: ESENT

Time Written: 20100723055244.000000-360

Event Type: error

User:

Computer Name: RUSTY

Event Code: 408

Message: Catalog Database (1092) Unable to write to logfile C:\WINDOWS\system32\CatRoot2\edb.log. Error -1808 (0xfffff8f0).

Record Number: 561

Source Name: ESENT

Time Written: 20100723055244.000000-360

Event Type: error

User:

Computer Name: RUSTY

Event Code: 482

Message: svchost (1092) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\edb.log" at offset 107008 (0x000000000001a200) for 512 (0x00000200) bytes failed with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Record Number: 560

Source Name: ESENT

Time Written: 20100723055244.000000-360

Event Type: error

User:

Computer Name: RUSTY

Event Code: 408

Message: Catalog Database (1092) Unable to write to logfile C:\WINDOWS\system32\CatRoot2\edb.log. Error -1808 (0xfffff8f0).

Record Number: 559

Source Name: ESENT

Time Written: 20100723055244.000000-360

Event Type: error

User:

Computer Name: RUSTY

Event Code: 482

Message: svchost (1092) An attempt to write to the file "C:\WINDOWS\system32\CatRoot2\edb.log" at offset 107008 (0x000000000001a200) for 512 (0x00000200) bytes failed with system error 112 (0x00000070): "There is not enough space on the disk. ". The write operation will fail with error -1808 (0xfffff8f0). If this error persists then the file may be damaged and may need to be restored from a previous backup.

Record Number: 558

Source Name: ESENT

Time Written: 20100723055244.000000-360

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel

"PROCESSOR_REVISION"=0401

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

December 3, 2012

Step 3:

log.txt:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Laurel at 2012-12-03 14:25:35

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 2 GB (7%) free of 35 GB

Total RAM: 1278 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 2:27:07 PM, on 12/3/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17114)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\cisvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Documents and Settings\Laurel\My Documents\Downloads\RSIT.exe

C:\Program Files\trend micro\Laurel.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\WINDOWS\system32\wuauclt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: ActiveGS.cab - http://www.virtualapple.org/activegs.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {2A0B9B82-D5C8-4D3D-8338-AD55B23662B1} (F5 Networks CacheCleaner) - https://employees.cpr.ca/vdesk/cachecleaner.cab#version=7000,2011,0622,1013

O16 - DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} (F5 Networks Auto Update) - https://employees.cpr.ca/vdesk/terminal/InstallerControl.cab#version=7000,2011,0622,1118

O16 - DPF: {5CB1506E-1DEA-4E63-89A7-E40E52AEA1FD} (OnagerCtrl Class) - http://fulfillment.puretracks.com/onager.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab

O16 - DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} (WheelofFortune Object) - http://messenger.zone.msn.com/binary/WoF.cab31267.cab

O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_9/PCAXSetupv2.0.0.9.cab?

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ,mj.shawcable.net,mj.shawcable.net

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = ,mj.shawcable.net,mj.shawcable.net

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ,mj.shawcable.net,mj.shawcable.net

O18 - Protocol: intu-qt2007 - {026BF40D-BA05-467B-9F1F-AD0D7A3F5F11} - C:\Program Files\QuickTax 2007\ic2007pp.dll

O18 - Protocol: intu-qt2008 - {05E53CE9-66C8-4A9E-A99F-FDB7A8E7B596} - C:\Program Files\QuickTax 2008\ic2008pp.dll

O18 - Protocol: intu-qt2009 - {03947252-2355-4E9B-B446-8CCC75C43370} - C:\Program Files\QuickTax 2009\ic2009pp.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: F-Secure BlackLight Sensor - F-Secure Corporation - C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe

--

End of file - 7551 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Laurel\Application Data\Mozilla\Firefox\Profiles\kusos9lw.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.4.402.287 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

C:\Program Files\Mozilla Firefox\extensions\

{3112ca9c-de6d-4884-a869-9855de68056c}

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\

np32dsw.dll

npdeployJava1.dll

nppdf32.dll

ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-04 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-04 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-04-04 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"LXCCCATS"=rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16 []

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

""= []

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]

C:\Program Files\Dell Support\DSAgnt.exe /startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

C:\Program Files\Lexmark Fax Solutions\fm3032.exe [2005-01-19 299008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2008-03-30 267048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lxccmon.exe]

C:\Program Files\Lexmark 3300 Series\lxccmon.exe [2005-02-21 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]

C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]

C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\QuickTime\qttask.exe [2008-03-28 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]

C:\Program Files\Real\RealPlayer\RealPlay.exe [2005-04-25 26112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]

C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe /r []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NkbMonitor.exe.lnk]

C:\PROGRA~1\Nikon\PICTUR~1\NKBMON~1.EXE []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\system32\igfxdev.dll [2005-09-20 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoSetActiveDesktop"=0

"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

"NoSetActiveDesktop"=0

"NoActiveDesktopChanges"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=i420vfw.dll

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.l3acm"=l3codecx.acm

"wave"=serwvdrv.dll

"wave1"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

"vidc.yv12"=yv12vfw.dll

"wave2"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux"=wdmaud.drv

"wave3"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"aux1"=wdmaud.drv

======List of files/folders created in the last 3 months======

2012-12-03 14:25:42 ----D---- C:\Program Files\trend micro

2012-12-03 14:25:35 ----DC---- C:\rsit

2012-12-03 14:20:22 ----D---- C:\WINDOWS\ERDNT

2012-12-03 14:19:32 ----D---- C:\Program Files\ERUNT

2012-11-15 08:46:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$

2012-11-15 08:46:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$

2012-10-28 09:36:56 ----D---- C:\Program Files\Mozilla Firefox

2012-10-10 08:56:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$

2012-10-10 08:50:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2756822$

2012-10-10 08:50:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$

2012-10-10 08:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$

2012-10-10 08:48:09 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

2012-09-12 06:23:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$

======List of files/folders modified in the last 3 months======

2012-12-03 14:26:21 ----D---- C:\WINDOWS\Prefetch

2012-12-03 14:25:47 ----SD---- C:\WINDOWS\Tasks

2012-12-03 14:25:42 ----D---- C:\Program Files

2012-12-03 14:20:22 ----D---- C:\WINDOWS

2012-12-03 14:17:00 ----D---- C:\WINDOWS\Temp

2012-12-03 14:16:15 ----A---- C:\WINDOWS\ModemLog_Intel® 537EP V9x DF PCI Modem.txt

2012-12-03 14:16:14 ----D---- C:\WINDOWS\system32\CatRoot2

2012-12-03 08:30:41 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-12-03 05:37:31 ----D---- C:\Program Files\Lx_cats

2012-11-30 07:44:51 ----D---- C:\WINDOWS\system32\drivers\ETC

2012-11-17 09:16:19 ----D---- C:\WINDOWS\Microsoft.NET

2012-11-17 09:16:07 ----RSD---- C:\WINDOWS\ASSEMBLY

2012-11-16 07:25:37 ----D---- C:\WINDOWS\SYSTEM32

2012-11-15 08:55:03 ----SHD---- C:\WINDOWS\Installer

2012-11-15 08:55:00 ----SHDC---- C:\Config.Msi

2012-11-15 08:47:37 ----A---- C:\WINDOWS\system32\MRT.exe

2012-11-15 08:46:40 ----HD---- C:\WINDOWS\INF

2012-11-15 08:46:37 ----RSHD---- C:\WINDOWS\system32\DLLCACHE

2012-11-15 08:46:23 ----A---- C:\WINDOWS\imsins.BAK

2012-11-14 08:49:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2012-11-14 08:48:19 ----D---- C:\WINDOWS\WinSxS

2012-11-14 08:45:00 ----HD---- C:\WINDOWS\$hf_mig$

2012-11-04 18:58:41 ----D---- C:\WINDOWS\network diagnostic

2012-10-28 09:44:16 ----D---- C:\Program Files\Mozilla Maintenance Service

2012-10-10 08:48:42 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2012-10-02 12:04:21 ----A---- C:\WINDOWS\system32\synceng.dll

2012-10-02 08:51:09 ----D---- C:\WINDOWS\system32\DRIVERS

2012-10-02 08:50:55 ----D---- C:\Program Files\Microsoft Security Client

2012-09-22 09:03:54 ----D---- C:\WINDOWS\system32\en-US

2012-09-22 09:03:54 ----D---- C:\Program Files\Internet Explorer

2012-09-11 06:34:38 ----N---- C:\WINDOWS\system32\tzchange.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

R0 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

R0 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

R0 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

R0 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2006-10-18 36624]

R0 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2008-03-07 716272]

R0 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

R1 Cdr4_xp;Cdr4_xp; C:\WINDOWS\system32\drivers\Cdr4_xp.sys [2006-10-18 2432]

R1 Cdralw2k;Cdralw2k; C:\WINDOWS\system32\drivers\Cdralw2k.sys [2006-10-18 2560]

R1 cdudf_xp;cdudf_xp; C:\WINDOWS\system32\drivers\cdudf_xp.sys [2007-06-09 241280]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 MpKsla9b150a6;MpKsla9b150a6; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D46A6439-D930-4EA2-9368-9C71DA3CC867}\MpKsla9b150a6.sys []

R1 pwd_2K;pwd_2K; C:\WINDOWS\system32\drivers\pwd_2K.sys [2007-06-09 144250]

R1 SbcpHid;SbcpHid; \??\C:\WINDOWS\system32\Drivers\SbcpHid.sys []

R1 UdfReadr_xp;UdfReadr_xp; C:\WINDOWS\system32\drivers\UdfReadr_xp.sys [2007-06-09 206464]

R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2005-04-25 8552]

R3 dvd_2K;dvd_2K; C:\WINDOWS\system32\drivers\dvd_2K.sys [2007-06-09 25930]

R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]

R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]

R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-09-20 1302332]

R3 IntelC51;IntelC51; C:\WINDOWS\system32\DRIVERS\IntelC51.sys [2004-03-05 1233525]

R3 IntelC52;IntelC52; C:\WINDOWS\system32\DRIVERS\IntelC52.sys [2004-03-05 647929]

R3 IntelC53;IntelC53; C:\WINDOWS\system32\DRIVERS\IntelC53.sys [2004-06-15 61157]

R3 mmc_2K;mmc_2K; C:\WINDOWS\system32\drivers\mmc_2K.sys [2007-06-09 30662]

R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 mohfilt;mohfilt; C:\WINDOWS\system32\DRIVERS\mohfilt.sys [2004-03-05 37048]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]

R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S3 aa5hvmsz;aa5hvmsz; C:\WINDOWS\system32\drivers\aa5hvmsz.sys []

S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []

S3 fsbl;F-Secure BlackLight Engine Driver; \??\C:\Program Files\Shaw Secure\Anti-Virus\fsbldrv.sys []

S3 GcKernel;Microsoft SideWinder Value Add - Filter Driver; C:\WINDOWS\system32\DRIVERS\GcKernel.sys [2008-04-13 59136]

S3 HIDSwvd;Microsoft SideWinder Virtual HID Device Mini-Driver; C:\WINDOWS\system32\DRIVERS\HIDSwvd.sys [2001-08-17 2688]

S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]

S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys []

S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-04-04 153376]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]

R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-10 250808]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 F-Secure BlackLight Sensor;F-Secure BlackLight Sensor; C:\WINDOWS\TEMP\F-Secure\Anti-Virus\fsblsrv.exe [2011-09-08 167936]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-03-30 504104]

S3 lxcc_device;lxcc_device; C:\WINDOWS\system32\lxcccoms.exe [2005-02-25 466944]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-28 115168]

S3 NetSvc;Intel NCS NetService; C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe [2003-12-17 143360]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

November 29, 2012

Hello,

I will definitely try those steps but I will have to wait a day or two until I can do so.

Thanks.

November 24, 2012

Hi all,

Back in August, my parents' computer was infected with the Live Security Platinum/zeroaccess rootkit. I tried removing it at the time, but it was taking way too much time and it was still having problems, so I am planning on saving the computer's files, photos, etc. and starting over. I heard that even if you try to remove the virus, your computer may not be 100% safe, which is why I'd rather start over and re-install Windows.

This is what I did to try and remove the virus: http://www.bleepingc...opic464360.html I didn't do anything else to the computer after my last post there. No one has used the computer since then.

Is it possible to save everything onto a external hard drive or USB storage without transferring infected files? If so, how do I ensure this doesn't happen and spread to another computer? How do I erase everything on the hard drive (or whatever it is that I could do to erase everything, including the virus)?

I don't know a lot about computers so I apologize for all the questions.

Thank you.

Sign In

waves

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Posts posted by waves

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

How do I backup files and start over after a rootkit?

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information