gumdrop
Everything posted by gumdrop
-
Checkpoint confirms that ZoneAlarm Pro is a firewall only, with no anti-virus element.
-
Thanks again for your help. Have I been in error in using tea timer? Was any data actually stolen?

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Remove -- Date : 12/17/2012 07:06:30

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (Unknown @ 0xF7AA4CAC)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (Unknown @ 0xF7AA4C66)
SSDT[53] : NtCreateThread @ 0x80584D41 -> HOOKED (Unknown @ 0xF7AA4C5C)
SSDT[63] : NtDeleteKey @ 0x80599777 -> HOOKED (Unknown @ 0xF7AA4C6B)
SSDT[65] : NtDeleteValueKey @ 0x80598396 -> HOOKED (Unknown @ 0xF7AA4C75)
SSDT[98] : NtLoadKey @ 0x805D5235 -> HOOKED (Unknown @ 0xF7AA4C7A)
SSDT[177] : NtQueryValueKey @ 0x80572F19 -> HOOKED (Unknown @ 0xF7AA4CCF)
SSDT[193] : NtReplaceKey @ 0x806571D6 -> HOOKED (Unknown @ 0xF7AA4C84)
SSDT[204] : NtRestoreKey @ 0x80656D6D -> HOOKED (Unknown @ 0xF7AA4C7F)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (Unknown @ 0xF7AA4CBB)
SSDT[237] : NtSetSecurityObject @ 0x8059DDD3 -> HOOKED (Unknown @ 0xF7AA4CC5)
SSDT[247] : NtSetValueKey @ 0x80580090 -> HOOKED (Unknown @ 0xF7AA4C70)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7AA4CDE)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7AA4CE3)

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD800JD-08LSA0 +++++
--- User ---
[MBR] 3262568dc9d189ef5bea61906495ad37
[bSP] 49cdaa68ee98ee3c32955765d6f227b6 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 18010 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 36885240 | Size: 23454 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 84919590 | Size: 34859 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_12172012_02d0706.txt >>
RKreport[1]_S_12162012_02d0816.txt ; RKreport[2]_S_12172012_02d0705.txt ; RKreport[3]_D_12172012_02d0706.txt
-
I forgot to add that in Resident in Spybot SD help was checked. Tea Timer was not when I followed your instructions regarding Spybot. Therefore I changed nothing in Spybot beyond disabling Tea Timer.
-
Should I delete the items found in RogueKiller?
-
Thanks again. I ran tdsskiller.exe and it gave the following results: 294 objects found 0 threats neutralized 0 threats quarantined 0 objects. I was able to highlight the report but unable to copy with either mouse or keyboard.

RogueKiller V8.4.0 [Dec 15 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Administrator [Admin rights]
Mode : Scan -- Date : 12/16/2012 08:16:27

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (Unknown @ 0xF7A8639C)
SSDT[41] : NtCreateKey @ 0x80578ABE -> HOOKED (Unknown @ 0xF7A86356)
SSDT[53] : NtCreateThread @ 0x80584D41 -> HOOKED (Unknown @ 0xF7A8634C)
SSDT[63] : NtDeleteKey @ 0x80599777 -> HOOKED (Unknown @ 0xF7A8635B)
SSDT[65] : NtDeleteValueKey @ 0x80598396 -> HOOKED (Unknown @ 0xF7A86365)
SSDT[98] : NtLoadKey @ 0x805D5235 -> HOOKED (Unknown @ 0xF7A8636A)
SSDT[177] : NtQueryValueKey @ 0x80572F19 -> HOOKED (Unknown @ 0xF7A863BF)
SSDT[193] : NtReplaceKey @ 0x806571D6 -> HOOKED (Unknown @ 0xF7A86374)
SSDT[204] : NtRestoreKey @ 0x80656D6D -> HOOKED (Unknown @ 0xF7A8636F)
SSDT[213] : NtSetContextThread @ 0x8063628D -> HOOKED (Unknown @ 0xF7A863AB)
SSDT[237] : NtSetSecurityObject @ 0x8059DDD3 -> HOOKED (Unknown @ 0xF7A863B5)
SSDT[247] : NtSetValueKey @ 0x80580090 -> HOOKED (Unknown @ 0xF7A86360)
S_SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xF7A863CE)
S_SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xF7A863D3)

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
[...]

¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD800JD-08LSA0 +++++
--- User ---
[MBR] 3262568dc9d189ef5bea61906495ad37
[bSP] 49cdaa68ee98ee3c32955765d6f227b6 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 18010 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 36885240 | Size: 23454 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 84919590 | Size: 34859 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_12162012_02d0816.txt >>
RKreport[1]_S_12162012_02d0816.txt
08:20:46.0484 2112 TlntSvr - ok 08:20:46.0484 2112 TosIde - ok 08:20:46.0500 2112 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 08:20:46.0500 2112 TrkWks - ok 08:20:46.0531 2112 [ ACEB4F4F83B895E15C8C1A2F55009783 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys 08:20:46.0531 2112 truecrypt - ok 08:20:46.0546 2112 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys 08:20:46.0562 2112 TrueSight - ok 08:20:46.0593 2112 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 08:20:46.0593 2112 Udfs - ok 08:20:46.0593 2112 ultra - ok 08:20:46.0625 2112 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 08:20:46.0640 2112 Update - ok 08:20:46.0656 2112 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 08:20:46.0671 2112 upnphost - ok 08:20:46.0671 2112 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 08:20:46.0687 2112 UPS - ok 08:20:46.0703 2112 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 08:20:46.0703 2112 usbccgp - ok 08:20:46.0734 2112 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 08:20:46.0734 2112 usbehci - ok 08:20:46.0734 2112 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 08:20:46.0734 2112 usbhub - ok 08:20:46.0765 2112 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 08:20:46.0765 2112 usbscan - ok 08:20:46.0781 2112 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 08:20:46.0781 2112 USBSTOR - ok 08:20:46.0796 2112 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 08:20:46.0796 2112 usbuhci - ok 08:20:46.0812 2112 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 08:20:46.0812 2112 VgaSave - ok 08:20:46.0828 2112 ViaIde - ok 08:20:46.0828 
2112 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 08:20:46.0828 2112 VolSnap - ok 08:20:46.0875 2112 [ E0743BBE28AD2C310698148C75333729 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys 08:20:46.0890 2112 Vsdatant - ok 08:20:46.0906 2112 vsmon - ok 08:20:46.0937 2112 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 08:20:46.0937 2112 VSS - ok 08:20:46.0984 2112 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 08:20:46.0984 2112 W32Time - ok 08:20:47.0031 2112 [ F0BDC2B474E26117EE77BFDBA051FB3C ] W8335XP C:\WINDOWS\system32\DRIVERS\Mrvw125.sys 08:20:47.0031 2112 W8335XP - ok 08:20:47.0046 2112 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 08:20:47.0046 2112 Wanarp - ok 08:20:47.0062 2112 WDICA - ok 08:20:47.0078 2112 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 08:20:47.0078 2112 wdmaud - ok 08:20:47.0109 2112 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 08:20:47.0109 2112 WebClient - ok 08:20:47.0171 2112 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 08:20:47.0171 2112 winmgmt - ok 08:20:47.0218 2112 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 08:20:47.0218 2112 WmdmPmSN - ok 08:20:47.0265 2112 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 08:20:47.0265 2112 Wmi - ok 08:20:47.0281 2112 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 08:20:47.0281 2112 WmiApSrv - ok 08:20:47.0328 2112 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 08:20:47.0328 2112 wscsvc - ok 08:20:47.0375 2112 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 08:20:47.0375 2112 wuauserv - ok 08:20:47.0406 2112 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 08:20:47.0421 2112 WZCSVC - ok 
08:20:47.0468 2112 ================ Scan global ===============================
08:20:47.0562 2112 [Global] - ok
08:20:47.0562 2112 ================ Scan MBR ==================================
08:20:47.0734 2112 \Device\Harddisk0\DR0 - ok
08:20:47.0734 2112 ================ Scan VBR ==================================
08:20:47.0750 2112 \Device\Harddisk0\DR0\Partition1 - ok
08:20:47.0765 2112 \Device\Harddisk0\DR0\Partition2 - ok
08:20:47.0796 2112 \Device\Harddisk0\DR0\Partition3 - ok
08:20:47.0796 2112 ============================================================
08:20:47.0796 2112 Scan finished
08:20:47.0796 2112 ============================================================
08:20:47.0812 1612 Detected object count: 0
08:20:47.0812 1612 Actual detected object count: 0
08:20:45.0968 2112 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 08:20:45.0968 2112 Srv - ok 08:20:45.0984 2112 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 08:20:45.0984 2112 SSDPSRV - ok 08:20:46.0015 2112 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys 08:20:46.0015 2112 ssmdrv - ok 08:20:46.0062 2112 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 08:20:46.0062 2112 stisvc - ok 08:20:46.0093 2112 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 08:20:46.0093 2112 swenum - ok 08:20:46.0109 2112 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 08:20:46.0109 2112 swmidi - ok 08:20:46.0125 2112 SwPrv - ok 08:20:46.0140 2112 symc810 - ok 08:20:46.0140 2112 symc8xx - ok 08:20:46.0156 2112 sym_hi - ok 08:20:46.0156 2112 sym_u3 - ok 08:20:46.0171 2112 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 08:20:46.0187 2112 sysaudio - ok 08:20:46.0203 2112 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 08:20:46.0203 2112 SysmonLog - ok 08:20:46.0234 2112 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 08:20:46.0234 2112 TapiSrv - ok 08:20:46.0265 2112 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 08:20:46.0265 2112 Tcpip - ok 08:20:46.0296 2112 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 08:20:46.0296 2112 TDPIPE - ok 08:20:46.0312 2112 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 08:20:46.0312 2112 TDTCP - ok 08:20:46.0343 2112 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 08:20:46.0343 2112 TermDD - ok 08:20:46.0359 2112 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 08:20:46.0375 2112 TermService - ok 
08:20:46.0390 2112 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 08:20:46.0390 2112 Themes - ok 08:20:46.0421 2112 [ B84B82C0CBEB1B0D7EB7A946BADE5830 ] tifsfilter C:\WINDOWS\system32\DRIVERS\tifsfilt.sys 08:20:46.0421 2112 tifsfilter - ok 08:20:46.0437 2112 [ 74711884439BDF9CCF446C79CB05FAC0 ] timounter C:\WINDOWS\system32\DRIVERS\timntr.sys 08:20:46.0453 2112 timounter - ok 08:20:46.0484 2112 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 08:20:46.0484 2112 TlntSvr - ok 08:20:46.0484 2112 TosIde - ok 08:20:46.0500 2112 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 08:20:46.0500 2112 TrkWks - ok 08:20:46.0531 2112 [ ACEB4F4F83B895E15C8C1A2F55009783 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys 08:20:46.0531 2112 truecrypt - ok 08:20:46.0546 2112 [ 81532F3628F8ACC80FD1264095960C3A ] TrueSight C:\WINDOWS\system32\drivers\TrueSight.sys 08:20:46.0562 2112 TrueSight - ok 08:20:46.0593 2112 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 08:20:46.0593 2112 Udfs - ok 08:20:46.0593 2112 ultra - ok 08:20:46.0625 2112 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 08:20:46.0640 2112 Update - ok 08:20:46.0656 2112 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 08:20:46.0671 2112 upnphost - ok 08:20:46.0671 2112 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 08:20:46.0687 2112 UPS - ok 08:20:46.0703 2112 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 08:20:46.0703 2112 usbccgp - ok 08:20:46.0734 2112 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 08:20:46.0734 2112 usbehci - ok 08:20:46.0734 2112 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 08:20:46.0734 2112 usbhub - ok 08:20:46.0765 2112 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan 
C:\WINDOWS\system32\DRIVERS\usbscan.sys 08:20:46.0765 2112 usbscan - ok 08:20:46.0781 2112 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 08:20:46.0781 2112 USBSTOR - ok 08:20:46.0796 2112 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 08:20:46.0796 2112 usbuhci - ok 08:20:46.0812 2112 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 08:20:46.0812 2112 VgaSave - ok 08:20:46.0828 2112 ViaIde - ok 08:20:46.0828 2112 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 08:20:46.0828 2112 VolSnap - ok 08:20:46.0875 2112 [ E0743BBE28AD2C310698148C75333729 ] Vsdatant C:\WINDOWS\system32\vsdatant.sys 08:20:46.0890 2112 Vsdatant - ok 08:20:46.0906 2112 vsmon - ok 08:20:46.0937 2112 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 08:20:46.0937 2112 VSS - ok 08:20:46.0984 2112 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 08:20:46.0984 2112 W32Time - ok 08:20:47.0031 2112 [ F0BDC2B474E26117EE77BFDBA051FB3C ] W8335XP C:\WINDOWS\system32\DRIVERS\Mrvw125.sys 08:20:47.0031 2112 W8335XP - ok 08:20:47.0046 2112 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 08:20:47.0046 2112 Wanarp - ok 08:20:47.0062 2112 WDICA - ok 08:20:47.0078 2112 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 08:20:47.0078 2112 wdmaud - ok 08:20:47.0109 2112 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 08:20:47.0109 2112 WebClient - ok 08:20:47.0171 2112 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 08:20:47.0171 2112 winmgmt - ok 08:20:47.0218 2112 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 08:20:47.0218 2112 WmdmPmSN - ok 08:20:47.0265 2112 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 08:20:47.0265 2112 Wmi - ok 
08:20:47.0281 2112 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 08:20:47.0281 2112 WmiApSrv - ok 08:20:47.0328 2112 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 08:20:47.0328 2112 wscsvc - ok 08:20:47.0375 2112 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 08:20:47.0375 2112 wuauserv - ok 08:20:47.0406 2112 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 08:20:47.0421 2112 WZCSVC - ok 08:20:47.0453 2112 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 08:20:47.0453 2112 xmlprov - ok 08:20:47.0468 2112 ================ Scan global =============================== 08:20:47.0500 2112 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 08:20:47.0531 2112 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 08:20:47.0531 2112 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 08:20:47.0546 2112 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 08:20:47.0562 2112 [Global] - ok 08:20:47.0562 2112 ================ Scan MBR ================================== 08:20:47.0593 2112 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 08:20:47.0734 2112 \Device\Harddisk0\DR0 - ok 08:20:47.0734 2112 ================ Scan VBR ================================== 08:20:47.0750 2112 [ 0400AE14AB0914DB997F5CDE2A347C0E ] \Device\Harddisk0\DR0\Partition1 08:20:47.0750 2112 \Device\Harddisk0\DR0\Partition1 - ok 08:20:47.0765 2112 [ 377E80364CDE6122C2B890ABB0DDFCBC ] \Device\Harddisk0\DR0\Partition2 08:20:47.0765 2112 \Device\Harddisk0\DR0\Partition2 - ok 08:20:47.0796 2112 [ 6F620A36A6DCDDB5AF4390CDA7EF4011 ] \Device\Harddisk0\DR0\Partition3 08:20:47.0796 2112 \Device\Harddisk0\DR0\Partition3 - ok 08:20:47.0796 2112 ============================================================ 08:20:47.0796 2112 Scan finished 08:20:47.0796 2112 
============================================================ 08:20:47.0812 1612 Detected object count: 0 08:20:47.0812 1612 Actual detected object count: 0
-
Thanks for the response. I am running XP Professional 2002 SP3 Zone Alarm Pro 11.0.000.018
info.txt logfile of random's system information tool 1.09 2012-12-15 13:15:58 ======Uninstall list======
Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" SimpleOCR 3.1-->C:\PROGRA~1\SIMPLE~1\UNWISE.EXE C:\PROGRA~1\SIMPLE~1\INSTALL.LOG SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe" Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe SyncBack-->"C:\Program Files\2BrightSparks\SyncBack\unins000.exe" TrueCrypt-->"C:\Program Files\TrueCrypt\TrueCrypt Setup.exe" /u Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB978506)-->"C:\WINDOWS\ie8updates\KB978506-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 
(KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2616676-v2)-->"C:\WINDOWS\$NtUninstallKB2616676-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe" Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe" Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update for Windows XP (KB978207)-->"C:\WINDOWS\$NtUninstallKB978207$\spuninst\spuninst.exe" VC 9.0 Runtime-->MsiExec.exe 
/I{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
VLC media player 2.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe
WavePad Sound Editor-->C:\Program Files\NCH Swift Sound\WavePad\uninst.exe
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
ZoneAlarm Firewall-->MsiExec.exe /I{E25ED28D-3F3F-4707-8DFA-66CA75FB9329}
ZoneAlarm Pro-->"C:\Program Files\CheckPoint\Install\Install.exe" /s uninstall
ZoneAlarm Security-->MsiExec.exe /I{AD32654E-90CF-42F2-8CB3-88DA6F1AA11A}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Avira Desktop (disabled)
FW: ZoneAlarm Pro Firewall (disabled)

======System event log======

Computer Name: DELL
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 0019B92F743A. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 52830
Source Name: Dhcp
Time Written: 20120919064622.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 52826
Source Name: Tcpip
Time Written: 20120918151512.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 7026
Message: The following boot-start or system-start driver(s) failed to load: Lbd SBRE
Record Number: 52814
Source Name: Service Control Manager
Time Written: 20120918114919.000000+060
Event Type: error
User:

Computer Name: DELL
Event Code: 1002
Message: The IP address lease 192.168.1.2 for the Network Card with network address 0019B92F743A has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
Record Number: 52808
Source Name: Dhcp
Time Written: 20120918114815.000000+060
Event Type: error
User:

Computer Name: DELL
Event Code: 7026
Message: The following boot-start or system-start driver(s) failed to load: Lbd SBRE
Record Number: 52793
Source Name: Service Control Manager
Time Written: 20120918061952.000000+060
Event Type: error
User:

=====Application event log=====

Computer Name: DELL
Event Code: 0
Message:
Record Number: 5036
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120407074350.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 0
Message:
Record Number: 5034
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120407074347.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 0
Message:
Record Number: 5033
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120407074347.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 0
Message:
Record Number: 5032
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120407074346.000000+060
Event Type: warning
User:

Computer Name: DELL
Event Code: 0
Message:
Record Number: 5031
Source Name: System.ServiceModel.Install 3.0.0.0
Time Written: 20120407074346.000000+060
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0304
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdebugcategories"=Off
"tvdumpflags"=8

-----------------EOF-----------------

Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-12-15 13:44:47
Microsoft Windows XP Professional Service Pack 3
System drive C: has 9 GB (48%) free of 18 GB
Total RAM: 2039 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:44:58, on 15/12/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Administrator\Desktop\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - URLSearchHook: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ZoneAlarm Security Suite - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ZoneAlarm Security Suite Toolbar - {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - (no file)
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Download Flash with Flash &Grabber - res://C:\PROGRA~1\FLASHG~1\swfgrab.dll/iesave
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1341986214343
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
O24 - Desktop Component AutorunsDisabled: (no name) - (no file)

-- End of file - 7324 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\SyncBack BACKUP OF DATA.job
C:\WINDOWS\tasks\SyncBack daily.job
C:\WINDOWS\tasks\wavepadShakeIcon.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kbx4p9zm.Default User 1

prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25, {3ce45c4f-bfff-4988-9a3c-a75c1f491319}:3.5.1.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.18"
prefs.js - "keyword.URL" - "chrome://browser-region/locale/region.properties"

"{FFB96CC1-7EB3-449D-B827-DB661701C6BB}"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.135 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@checkpoint.com/FFApi]
"Description"=ZoneAlarm LTD Toolbar Api
"Path"=C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37]
"Description"=
"Path"=C:\WINDOWS\system32\npdeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nosltd.com/getPlus+®,version=1.6.2.102] "Description"=getPlus+® "Path"=C:\Program Files\NOS\bin\np_gp.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=8] "Description"=Google Update "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ nppdf32.dll np_gp.dll C:\Program Files\Mozilla Firefox\searchplugins\ amazondotcom.xml bing.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\kbx4p9zm.Default User 1\extensions\ {E2883E8F-472F-4fb0-9522-AC9BF37916A7} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ce45c4f-bfff-4988-9a3c-a75c1f491319}] ZoneAlarm Security Suite Toolbar [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - 
C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-10-25 329712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}] ZoneAlarm Security Engine Registrar - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-02 603816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-10-25 59376] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-10-25 79856] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {3ce45c4f-bfff-4988-9a3c-a75c1f491319} - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2012-11-02 603816] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2012-08-01 348664] "TrueImageMonitor.exe"=C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [2007-02-16 1169776] "SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928] "IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2006-05-25 155648] "HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2006-05-25 126976] "AcronisTimounterMonitor"=C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe [2007-02-16 1945960] "Acronis Scheduler2 Service"=C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [2007-02-16 149024] "ISW"= [] 
"ZoneAlarm"=C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [2012-11-07 73392] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896] C:\Documents and Settings\All Users\Start Menu\Programs\Startup AutorunsDisabled C:\Documents and Settings\Administrator\Start Menu\Programs\Startup AutorunsDisabled [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2006-05-25 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa] "authentication packages"=msv1_0 relog_ap [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm 
"msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "wave1"=serwvdrv.dll ======File associations====== .reg - edit - .reg - open - ======List of files/folders created in the last 1 month====== 2012-12-15 13:15:37 ----D---- C:\Program Files\trend micro 2012-12-15 13:15:36 ----D---- C:\rsit 2012-12-12 06:59:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$ 2012-12-12 06:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$ 2012-12-12 06:50:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$ 2012-12-12 06:50:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$ 2012-12-12 06:49:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$ 2012-12-09 19:01:05 ----D---- C:\Program Files\Mozilla Thunderbird 2012-11-21 19:33:18 ----D---- C:\Program Files\Common Files\Java 2012-11-21 19:32:01 ----A---- C:\WINDOWS\system32\javaws.exe 2012-11-21 19:32:01 ----A---- C:\WINDOWS\system32\javaw.exe 2012-11-21 19:32:01 ----A---- C:\WINDOWS\system32\java.exe 2012-11-16 09:15:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$ 2012-11-16 09:15:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2761226$ ======List of files/folders modified in the last 1 month====== 2012-12-15 13:44:58 ----D---- C:\WINDOWS\Prefetch 2012-12-15 13:44:24 ----D---- C:\WINDOWS\Temp 2012-12-15 13:15:37 ----RD---- C:\Program Files 2012-12-15 08:59:49 ----SHD---- C:\System Volume Information 2012-12-15 08:56:52 ----D---- C:\WINDOWS\system32\NtmsData 2012-12-15 08:18:13 ----D---- C:\WINDOWS\Registration 2012-12-15 08:17:46 ----D---- C:\WINDOWS\system32\drivers 2012-12-15 08:11:24 ----D---- C:\WINDOWS\system32\CatRoot2 2012-12-15 08:10:49 ----A---- C:\WINDOWS\SchedLgU.Txt 2012-12-15 06:55:27 ----SD---- C:\WINDOWS\Tasks 2012-12-15 06:54:12 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2012-12-15 06:44:51 ----D---- C:\WINDOWS 2012-12-14 18:28:59 ----D---- C:\Program Files\Mozilla Firefox 2012-12-13 
09:02:12 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2012-12-12 17:38:23 ----D---- C:\WINDOWS\system32
2012-12-12 08:09:23 ----D---- C:\WINDOWS\Debug
2012-12-12 06:59:30 ----D---- C:\WINDOWS\inf
2012-12-12 06:59:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-12-12 06:56:01 ----D---- C:\Program Files\Internet Explorer
2012-12-12 06:51:54 ----A---- C:\WINDOWS\system32\MRT.exe
2012-12-12 06:50:58 ----D---- C:\WINDOWS\ie8updates
2012-12-12 06:50:43 ----HD---- C:\WINDOWS\$hf_mig$
2012-12-10 17:49:20 ----D---- C:\Documents and Settings\Administrator\Application Data\vlc
2012-12-10 17:49:18 ----D---- C:\Documents and Settings\Administrator\Application Data\dvdcss
2012-12-10 11:37:53 ----D---- C:\WINDOWS\system32\FxsTmp
2012-12-07 20:42:24 ----D---- C:\Program Files\Winamp
2012-12-07 17:17:47 ----A---- C:\WINDOWS\winamp.ini
2012-11-28 19:45:48 ----D---- C:\Program Files\CCleaner
2012-11-23 09:48:43 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2012-11-23 09:44:41 ----SHD---- C:\WINDOWS\Installer
2012-11-23 09:44:41 ----D---- C:\WINDOWS\WinSxS
2012-11-23 09:44:33 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-11-21 19:33:18 ----D---- C:\Program Files\Common Files
2012-11-21 19:31:58 ----D---- C:\Program Files\Java
2012-11-21 18:25:43 ----SH---- C:\boot.ini
2012-11-21 18:25:43 ----A---- C:\WINDOWS\win.ini
2012-11-21 18:25:43 ----A---- C:\WINDOWS\system.ini
2012-11-18 15:14:54 ----D---- C:\Program Files\CheckPoint
2012-11-18 15:13:18 ----D---- C:\Documents and Settings\All Users\Application Data\CheckPoint
2012-11-17 09:25:52 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-11-16 16:26:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-11-16 08:59:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 snapman;Acronis Snapshots Manager; C:\WINDOWS\system32\DRIVERS\snapman.sys [2010-01-27 114048]
R0 timounter;Acronis True Image Backup Archive Explorer; C:\WINDOWS\system32\DRIVERS\timntr.sys [2010-01-27 392320]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2012-05-08 137928]
R1 avkmgr;avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [2011-09-15 36000]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-09-20 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2005-09-20 28672]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-06-17 28520]
R1 truecrypt;truecrypt; C:\WINDOWS\System32\drivers\truecrypt.sys [2010-03-09 223440]
R1 Vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2012-11-07 527408]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1997-12-23 23936]
R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2012-05-08 83392]
R2 ISWKL;ZoneAlarm LTD Toolbar ISWKL; \??\C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2010-01-27 32768]
R3 E1000;Intel® PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2003-07-11 121856]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-05-25 807804]
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-09-20 101760]
S0 Lbd;Lbd; C:\WINDOWS\system32\DRIVERS\Lbd.sys []
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S1 SBRE;SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys []
S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
S3 ham50;Intel V92 HaM Data Fax Voice; C:\WINDOWS\system32\DRIVERS\IntelH51.sys [2002-06-21 469935]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 Lavasoft Kernexplorer;Lavasoft helper driver; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 W8335XP;802.11g/b Driver for Windows XP ; C:\WINDOWS\system32\DRIVERS\Mrvw125.sys [2007-06-19 282624]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-02-16 411168]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
R2 AntiVirService;Avira Realtime Protection; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2012-05-08 110032]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-09-20 877056]
R2 IswSvc;ZoneAlarm LTD Toolbar IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [2012-11-02 497320]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-09-24 153584]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-01-28 632792]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 vsmon;TrueVector Internet Monitor; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [2012-11-07 2447440]
S3 getPlusHelper;getPlus® Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 nosGetPlusHelper;getPlus® Helper 3004; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

-----------------EOF-----------------
-
Somehow win32/help.txt hit our computer this week. Malwarebytes found it and it's now in quarantine. I ran Malwarebytes, Spybot and Avira anti-virus today with no detections of anything. However, I understand that the .txt message can be controlling a trojan and I am therefore unsure if I have a problem or not. I tried to run ddr.scr after checking that IE has both script debugging items checked as disabled in Internet options. A notice appears telling me that 2 logs will be placed on my desktop and a bunch of Zonealarm warnings come up which I allow. However, nothing happens and the Dell GX270 PC is frozen. I have tried repeating the operation again with no luck. Internet connection was off and Avira disabled. Help!
-
Somehow in the last week we have been hit by win32/help.txt, which was found by Malwarebytes yesterday and quarantined. Today we have run Malwarebytes, Spybot and Avira anti-virus and nothing has been highlighted. However, web pages mention the possibility of a hidden trojan collecting passwords connected to Stolen.data. Should we be concerned and, if so, what should we do... Thanks