Hi,

My system has been infected; I have attached the logs as per instructions.

Thanks in advance for any help!

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.11

Run by Administrator at 8:52:51 on 2012-02-25

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.123 [GMT -5:00]

.

AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}

FW: Trend Micro Personal Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\DGAgent\DgService.exe

svchost.exe

svchost.exe

C:\Program Files\DGAgent\dgagent.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\WgaTray.exe

C:\Program Files\DGAgent\dgprompt.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe

C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe

svchost.exe

C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Trend Micro\OfficeScan Client\Misc\xpupg.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe

C:\WINDOWS\system32\SearchIndexer.exe

\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\TEMP\QK464E.EXE

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Program Files\Trend Micro\OfficeScan Client\TSC.EXE

.

============== Pseudo HJT Report ===============

.

uStart Page = https://www.prometric.com/Network/Login.asp

uInternet Settings,ProxyOverride = <local>

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow

mRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices

mRun: [<NO NAME>]

mRun: [statusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /auto

mRun: [HPLJ Config] c:\program files\hewlett-packard\hp laserjet 1150_1300\SetConfig.exe -c Direct -p DOT4_001 -pn "hp LaserJet 1300 PCL 6" -n 0 -l 1033 -sl 120000

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

LSP: mswsock.dll

Trusted Zone: 2test.com

Trusted Zone: 2test.com\www

Trusted Zone: prometric.com\ehelp

Trusted Zone: prometric.com\polaris

Trusted Zone: prometric.com\pulse

Trusted Zone: prometric.com\www

Trusted Zone: prometric.com\www.polaris

Trusted Zone: yahoo.com

Trusted Zone: microsoft.com

Trusted Zone: prometric.com

Trusted Zone: webex.com

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242673537187

DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer = 172.16.9.5

TCP: Interfaces\{0B48F0F0-317A-4396-B50F-52C45E126EDA} : DhcpNameServer = 198.6.1.142 198.6.1.146 10.10.1.184 10.173.15.176

TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer = 172.16.9.5

TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer = 172.16.9.5

TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : DhcpNameServer = 198.6.1.142 198.6.1.146

TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer = 172.16.9.5

TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : DhcpNameServer = 198.6.1.142 198.6.1.146

TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer = 172.16.9.5

TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer = 172.16.9.5

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Handler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dll

Notify: igfxcui - igfxsrvc.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OfpivkEbwagv.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\zg9mnrzg.default\

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\dgbusmon.sys []

R0 DGMASTER;DGMaster;c:\windows\system32\drivers\dgmaster.sys []

R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\dgtdimon.sys []

R2 DGService;Usage History Monitor;c:\program files\dgagent\DgService.exe []

R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\tmxpflt.sys [2006-9-6 262416]

R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\tmpreflt.sys [2006-9-6 36624]

R3 dgapimon;DGAPIMon;c:\windows\system32\drivers\dgapimon.sys []

R3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys []

R3 dgkpmail;DGKPMail;c:\windows\system32\drivers\dgkpmail.sys []

R3 dgrule;DGRule;c:\windows\system32\drivers\dgrule.sys []

R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2004-11-5 307984]

R4 dgcotman;dgcotman;c:\windows\system32\drivers\dgcotman.sys []

S?2 avfilter;Mwstick;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 avg7rsw;Meraksmtp;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 awlegacy;Unrealircd;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 axinstsv;Cpqarry2;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 ccpwdsvc;Ghostsec;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S?2 CTMFLT;Blfp;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 DMUSBUSBDCam;CTHWIUT.DLL;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 ikfilesec;DivisCTS;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 iksysflt;Useraccess;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 iksyssec;WLAN_USB;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S?2 pavfnsvr;Epfw;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S2 ca-messagequeuing;Wpshelper;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]

S2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\passthrusvr.exe --> c:\program files\htc\internet pass-through\PassThruSvr.exe [?]

S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [2002-7-1 95232]

S3 DGDmk;DGDmk;c:\windows\system32\drivers\DgDmk.sys []

S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys []

S3 DGDT;DGDT;c:\windows\system32\drivers\DgDt.sys []

S3 DGFILTR;DGFILTR;c:\windows\system32\drivers\dgfiltr.sys --> c:\windows\system32\drivers\DgFiltr.sys [?]

S3 DGFS;DGFS;c:\windows\system32\drivers\DgFs.sys []

S3 DGLFS;DGLFS;c:\windows\system32\drivers\DgLfs.sys []

S3 DGREC;DGREC;c:\windows\system32\drivers\dgrec.sys --> c:\windows\system32\drivers\DgRec.sys [?]

S3 DGScan;Usage History Scanning Service;c:\program files\dgagent\DgScan.exe []

S3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys --> c:\windows\system32\drivers\easytthr.sys [?]

S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [2005-12-7 16256]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-12-12 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]

S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-1-28 36608]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

.

=============== Created Last 30 ================

.

2012-02-23 19:52:09 102400 ----a-w- c:\windows\RegBootClean.exe

2012-02-23 19:48:24 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes

2012-02-23 19:48:07 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-23 19:46:44 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-02-23 18:35:37 -------- d-----w- c:\documents and settings\administrator\application data\Windows Search

2012-02-23 18:33:46 -------- d-----w- c:\documents and settings\administrator\local settings\application data\ApplicationHistory

2012-02-23 15:09:35 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Adobe

2012-02-23 15:06:57 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Identities

2012-02-22 18:57:47 11264 ----a-w- c:\windows\DCEBoot.exe

2012-02-21 20:52:30 0 --sha-w- c:\windows\system32\dds_log_trash.cmd

2012-02-21 20:48:39 -------- d-sh--w- c:\documents and settings\administrator\local settings\application data\1703546e

2012-02-21 20:48:36 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll

2012-02-18 20:46:48 -------- d-----w- c:\program files\Acro Software

2012-02-09 14:34:46 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww

.

==================== Find3M ====================

.

2011-12-21 18:56:07 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe

2011-12-17 18:52:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

============= FINISH: 8:57:07.48 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/22/2008 4:44:06 PM

System Uptime: 2/25/2012 8:49:41 AM (0 hours ago)

.

Motherboard: Hewlett-Packard | | 090Ch

Processor: Intel® Pentium® 4 CPU 3.00GHz | XU1 PROCESSOR | 2992/800mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 38 GiB total, 24.748 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP384: 1/20/2012 4:12:53 AM - System Checkpoint

RP385: 1/21/2012 4:22:42 AM - System Checkpoint

RP386: 1/22/2012 5:22:41 AM - System Checkpoint

RP387: 1/23/2012 6:22:40 AM - System Checkpoint

RP388: 1/24/2012 6:24:37 AM - System Checkpoint

RP389: 1/25/2012 6:29:22 AM - System Checkpoint

RP390: 1/26/2012 8:06:15 AM - System Checkpoint

RP391: 1/27/2012 10:12:00 AM - System Checkpoint

RP392: 1/28/2012 12:07:17 PM - System Checkpoint

RP393: 1/29/2012 12:55:04 PM - System Checkpoint

RP394: 1/30/2012 1:13:03 PM - System Checkpoint

RP395: 2/1/2012 9:46:10 AM - System Checkpoint

RP396: 2/2/2012 9:46:37 AM - System Checkpoint

RP397: 2/3/2012 9:58:59 AM - System Checkpoint

RP398: 2/4/2012 10:01:44 AM - System Checkpoint

RP399: 2/5/2012 10:59:06 AM - System Checkpoint

RP400: 2/6/2012 12:36:30 PM - System Checkpoint

RP401: 2/7/2012 12:53:54 PM - System Checkpoint

RP402: 2/8/2012 12:56:29 PM - System Checkpoint

RP403: 2/9/2012 1:16:00 PM - System Checkpoint

RP404: 2/10/2012 1:37:57 PM - System Checkpoint

RP405: 2/11/2012 2:54:38 PM - System Checkpoint

RP406: 2/12/2012 3:26:45 PM - System Checkpoint

RP407: 2/13/2012 4:35:07 PM - System Checkpoint

RP408: 2/14/2012 5:10:11 PM - System Checkpoint

RP409: 2/15/2012 5:58:32 PM - System Checkpoint

RP410: 2/16/2012 6:58:35 PM - System Checkpoint

RP411: 2/17/2012 7:50:32 PM - System Checkpoint

RP412: 2/18/2012 3:46:55 PM - Printer Driver CutePDF Writer Installed

RP413: 2/18/2012 5:30:15 PM - Removed Ask Toolbar.

RP414: 2/19/2012 6:19:39 PM - System Checkpoint

RP415: 2/20/2012 7:19:39 PM - System Checkpoint

RP416: 2/21/2012 7:32:06 PM - System Checkpoint

RP417: 2/23/2012 11:09:33 AM - System Checkpoint

.

==== Installed Programs ======================

.

.

32 Bit HP CIO Components Installer

Acrobat.com

Adobe AIR

Adobe Digital Editions

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 9.5.0

CCleaner (remove only)

CLNTATA8

Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DTS2 Security Update

High Definition Audio Driver Package - KB888111

Hot Drops Workstation Install

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

hp LaserJet 1150 / 1300

HP LaserJet P2050 Series 6.0

hppFonts

hppQFolderP2050

HTC BMP USB Driver

HTC Driver Installer

HTC Sync

Intel® Extreme Graphics 2 Driver

Intel® Graphics Media Accelerator Driver

Intel® PRO Network Connections 12.1.14.1

Java Auto Updater

Java 6 Update 18

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Base Smart Card Cryptographic Service Provider Package

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft National Language Support Downlevel APIs

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 14

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 8.0.1 (x86 en-US)

MSHowlerLatency_1,0,0,1

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MSXML 4.0 SP3 Parser

MSXML 6.0 Parser

Notepad++

NVIDIA Drivers

OSCE_MSI_NT_CLIENT

PMMSTrueID

Print Wait Install

ProNotifier

ProUTDCalc

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft Excel 2010 (KB2553070)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2530548)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2559049)

Security Update for Windows Internet Explorer 7 (KB2586448)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows Media Player 9 (KB936782)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

SoundMAX

Spelling Dictionaries Support For Adobe Reader 9

TCFlow Activity Manager

temp

Trend Micro OfficeScan Client

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

Update for Microsoft Windows (KB971513)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2492386)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB943729)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

UTD IBT Plugin

UTDCore

WebEx

WebEx Support Manager for Internet Explorer

WebFldrs XP

WebReg

WinDjView 1.0.3

Windows Driver Package - Infineon Technologies AG (IFXTPM) System (11/29/2006 1.90.0000.00)

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Management Framework Core

Windows Media Format 11 runtime

Windows Media Player 11

Windows Search 4.0

Windows XP Service Pack 3

WinSCP 4.3.6

ZeonUTDPDF_2,3,6,2


.

==== Event Viewer Messages From Past Week ========

.

2/25/2012 8:52:58 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Nmwcdc service to connect.

2/25/2012 8:35:41 AM, error: Service Control Manager [7023] - The Nmwcdc service terminated with the following error: The system cannot find the file specified.

2/25/2012 8:32:05 AM, error: Service Control Manager [7023] - The Wpshelper service terminated with the following error: The specified module could not be found.

2/25/2012 8:31:05 AM, error: Service Control Manager [7023] - The Nvmpu401 service terminated with the following error: The specified module could not be found.

2/25/2012 8:30:05 AM, error: Service Control Manager [7023] - The NWDNS service terminated with the following error: The specified module could not be found.

2/25/2012 8:29:05 AM, error: Service Control Manager [7023] - The MxlW2k service terminated with the following error: The specified module could not be found.

2/25/2012 8:28:05 AM, error: Service Control Manager [7023] - The NsTrcNT service terminated with the following error: The specified module could not be found.

2/25/2012 8:27:05 AM, error: Service Control Manager [7023] - The Apache2 service terminated with the following error: The specified module could not be found.

2/25/2012 8:26:05 AM, error: Service Control Manager [7023] - The Pvservice service terminated with the following error: The specified module could not be found.

2/25/2012 8:25:11 AM, error: Service Control Manager [7023] - The Mssqlserverolapservice service terminated with the following error: The specified module could not be found.

2/25/2012 8:24:11 AM, error: Service Control Manager [7023] - The CTEDSPIO.DLL service terminated with the following error: The specified module could not be found.

2/25/2012 8:23:11 AM, error: Service Control Manager [7023] - The Vmkbd service terminated with the following error: The specified module could not be found.

2/25/2012 8:22:05 AM, error: Service Control Manager [7023] - The Vpcnets2 service terminated with the following error: The specified module could not be found.

2/25/2012 8:21:11 AM, error: Service Control Manager [7023] - The Mail2ec service terminated with the following error: The specified module could not be found.

2/25/2012 8:20:11 AM, error: Service Control Manager [7023] - The Cfosspeeds service terminated with the following error: The specified module could not be found.

2/25/2012 8:19:11 AM, error: Service Control Manager [7023] - The Tifsfilter service terminated with the following error: The specified module could not be found.

2/25/2012 8:18:11 AM, error: Service Control Manager [7023] - The F700iob service terminated with the following error: The specified module could not be found.

2/25/2012 8:17:11 AM, error: Service Control Manager [7023] - The Smcservice service terminated with the following error: The specified module could not be found.

2/25/2012 8:16:05 AM, error: Service Control Manager [7023] - The Iwebmsg service terminated with the following error: The specified module could not be found.

2/25/2012 8:15:11 AM, error: Service Control Manager [7023] - The Backupexecnotificationserver service terminated with the following error: The specified module could not be found.

2/25/2012 8:14:11 AM, error: Service Control Manager [7023] - The Nmwcdcj service terminated with the following error: The specified module could not be found.

2/25/2012 8:13:11 AM, error: Service Control Manager [7023] - The SE2Cobex service terminated with the following error: The specified module could not be found.

2/25/2012 8:12:11 AM, error: Service Control Manager [7023] - The Avgtdi service terminated with the following error: The specified module could not be found.

2/25/2012 8:11:11 AM, error: Service Control Manager [7023] - The Service service terminated with the following error: The specified module could not be found.

2/25/2012 8:10:11 AM, error: Service Control Manager [7023] - The Streamloadservice service terminated with the following error: The specified module could not be found.

2/25/2012 8:09:11 AM, error: Service Control Manager [7023] - The Racsvc service terminated with the following error: The specified module could not be found.

2/25/2012 8:08:11 AM, error: Service Control Manager [7023] - The Tvtpktfilter service terminated with the following error: The specified module could not be found.

2/25/2012 8:07:11 AM, error: Service Control Manager [7023] - The Winpowerrmi service terminated with the following error: The specified module could not be found.

2/25/2012 8:06:11 AM, error: Service Control Manager [7023] - The S125mgmt service terminated with the following error: The specified module could not be found.

2/25/2012 8:05:12 AM, error: Service Control Manager [7023] - The Uploadmgr service terminated with the following error: The specified module could not be found.

2/25/2012 8:04:09 AM, error: Service Control Manager [7023] - The Pwd_2K service terminated with the following error: The specified module could not be found.

2/25/2012 8:03:12 AM, error: Service Control Manager [7023] - The Websensepolicyserver service terminated with the following error: The specified module could not be found.

2/25/2012 8:02:13 AM, error: Service Control Manager [7023] - The Crystaloutputfileserver service terminated with the following error: The specified module could not be found.

2/25/2012 8:01:15 AM, error: Service Control Manager [7023] - The Rtl8029 service terminated with the following error: The specified module could not be found.

2/25/2012 8:00:15 AM, error: Service Control Manager [7023] - The Lwwlicenseservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:59:16 AM, error: Service Control Manager [7023] - The Mwstick service terminated with the following error: The specified module could not be found.

2/25/2012 7:58:12 AM, error: Service Control Manager [7023] - The V0080Dev service terminated with the following error: The specified module could not be found.

2/25/2012 7:57:12 AM, error: Service Control Manager [7023] - The Cvintdrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:56:13 AM, error: Service Control Manager [7023] - The WLAN_USB service terminated with the following error: The specified module could not be found.

2/25/2012 7:55:13 AM, error: Service Control Manager [7023] - The Pnkbstra service terminated with the following error: The specified module could not be found.

2/25/2012 7:54:14 AM, error: Service Control Manager [7023] - The Deltafw service terminated with the following error: The specified module could not be found.

2/25/2012 7:53:13 AM, error: Service Control Manager [7023] - The Avg7updsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:52:41 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

2/25/2012 7:52:23 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the KMW_USB service to connect.

2/25/2012 7:51:16 AM, error: Service Control Manager [7023] - The L8042pr2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:50:15 AM, error: Service Control Manager [7023] - The MA_CMIDI service terminated with the following error: The specified module could not be found.

2/25/2012 7:49:13 AM, error: Service Control Manager [7023] - The Parallel service terminated with the following error: The specified module could not be found.

2/25/2012 7:48:04 AM, error: Service Control Manager [7023] - The ASLDRService service terminated with the following error: The specified module could not be found.

2/25/2012 7:47:25 AM, error: Service Control Manager [7023] - The ZDPSp50 service terminated with the following error: The specified module could not be found.

2/25/2012 7:46:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The WaveEnrollmentService service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The SRTSPL service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Sfhlp02 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Se2Dunic service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Se2Cnd5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Psdvdisk service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Oraclesnmppeerencapsulator service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Ood2000 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Nwlnknb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Moufiltr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Isapisearch service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Fssfltr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Fasttraksvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Curtainssyssvc service terminated with the following error: The system cannot find the file specified.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Websensecamserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The W300mdfl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Vwd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The VC6SecS service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Transactional service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Symredrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The SQLAgent$ABBEYIIOFFLINE service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Smartwiservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Se58mdfl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Rpcnet service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Psasrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Prismxl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Pmounter service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Pdlnsx25 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Oracleoradb10g_home1isql*plus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The NICM service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ndassvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The MtxDma0 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ltck000c service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Lckfldservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The K750mdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The IviVD service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The InCDsrvR service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Imaservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Hap17v2k service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ha20x2k service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The GoProto service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The FTDIBUS service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Fsbwsys service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The El90xbc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Dvd43llh service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Dtsagntsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Cwafreportscheduler service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Cvsnt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The CADlink service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Belgium_id_card_service service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The APLMp50 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Zendcoreapache service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The WmaCVideo32 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Vci service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Vaiomediaplatform-photoserver-appserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The TSHWMDTCP service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Tfsnpool service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Servicelayer service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Scsiaccess service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Sandrathesrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The S117obex service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Rtm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Omnidrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Noipducservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Msftpsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Mi-raysat_3dsmax8 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The KR10N service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Issuser service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The IntelC51 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Int15.sys service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Iastor service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Hidusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The HIDSwvd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ehstart service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The DN2AKNET service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The CXTUNE service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ctac32k service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Coste service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Cicssfs.scmmc223 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ativraxx service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The AR5523 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The AFGSp50 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ac97intc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Z525mgmt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The X10nets service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The WISTechVIDCAP service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The W70n51 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The W550mdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Vsserv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The TPECioCtl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The STV672 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ss_mdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Sqlagent$sony_mediamgr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SQLAgent$LG_LP2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Spmgr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SNP2STD service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SlNtHal service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Sisagp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Si3114r5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Se59unic service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The RR2Mjpeg service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The RR2Ctrl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Rppkt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Rkhdrv31 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Prtg4service service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ppa3 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Pdlnatdl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Orbmediaservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Omniserv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Nicconfigsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The MSTAPE service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Msgsrvservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lvprcsrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lirsgt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The K750mgmt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Icollectservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Iaimtv4 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Hpqddsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The GVCplDrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The GTSCSER service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The F700isw service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Epstnt01 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The EpmShd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Epiusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The EhttpSrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Dnsexit service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Dlaboiom service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Delldmi service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Db2governor service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Cxpt_service service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Cicsclient service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Btwmodem service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Bthenum service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Bt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Avgascln service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Asctrm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Artdhcp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The ANC service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Advservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Addfiltr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Acrsch2svc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Zebrsce service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wlancfg service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The WINIO service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Winachsf service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wg3n service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wacommousefilter service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The W800bus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Vproeventmonitor service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The VirtualFD service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Usbaudio service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The U81xobex service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Traprcvr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Tones service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The TICalc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Symsecureport service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The StickyMesger service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Softfax service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Smrt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Slapd-config52 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sit_prt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sffp_sd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The SE26mdfl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sbp2port service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The S116mdfl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Rpsupdaterr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Roxwatch service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ROCKEYNT service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The PTDCMdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The PQNTDrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Perfdisk service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Omci service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Ndiscm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mstdc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mssql$microsoftbcm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The MSMQTriggers service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Msmframework service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mindretrieve service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Lxcg_device service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Licenseservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Lhidflt2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Konfig service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Iwebcal service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The IntelC53 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Hpgate service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The GetPlusHelper service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Gdihook5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The GameConsoleService service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The FVNETusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Freesshdservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Epfw service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The EMCFILT service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The E1000 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The DSXUSB service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Digirefresh service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The DfwWebAgent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CYGF32X service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CTMMOUNT service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The COMMONFX.DLL service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Btcsrusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Bmwebcfg service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The BLKWGU(Belkin) service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Bc_pat_f service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Avp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ATWPKT2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ATSWPDRV service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Ati2mtaa service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Aslm75 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Acs service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The AcronisOSSReinstallSvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The {a7447300-8075-4b0d-83f1-3d75c8ebc623} service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:20 AM, error: Service Control Manager [7000] - The Internet Pass-Through Service service failed to start due to the following error: The system cannot find the file specified.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The ZBackupAssistService service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Xyz777b service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Wtwservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The WmUsbHid service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Whoisd32 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The W700mdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VRFIL service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Vpctcom service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VMAUDIO service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Vds service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VAIOMediaPlatform-MusicServer-HTTP service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Useraccess7 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The USBAAPL service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The UMPass service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The UimBus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Trlokom_rmhsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tosporte service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The TNaviSrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tdimsys service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tapeware service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Sysaidagent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Symantecantibotagent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The StMp3Rec service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The STEC3 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The StarOpen service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Speedfan service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SNMP service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Smtpd32 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Smapint service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SeratoUsb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SED133x service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SE27mdfl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SbcpHid service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Rpaservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The RIOXDRV service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Rapapp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Qcmerced service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Pdlnafac service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The PCTINDIS5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Oraclewebassistant service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NWADI service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NVR0Dev service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Nsvclog service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Niorbk service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Netsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Netmnt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NeroMediaHomeService.4 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mvserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mvc25U870_VID_1262&PID_25FD service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Msi_wlan_service service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mohfilt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mctskshd.exe service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mcshield service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ma763004 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lxrjd31s service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lxcccustomerconnect service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lmimirr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ldap service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Keriomailserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The JGOGO service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Iolodmv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Int15 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Iam service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Gv3 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Guardian2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The GoBack2K service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The FirePM service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Eliservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The De_serv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Cygserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The CBTNDIS5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Caisafe service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The CA561 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Backupexecagentbrowser service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Backupclientsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Avgems service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Avc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Automate6 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Asp.net_1.1.4322 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The ARCSOFTVIRTUALCAPTURE service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Anydvd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Adaptecstoragemanageragent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The A88xTuner service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Zpaction service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Zntport service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Z800obex service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Xcomm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Wlluc48 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Win32sl service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Websenserealtimeanalyzer service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Websensecommunicationagent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The WcesComm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The W810obex service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vsbus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vrservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vpcbus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vaiomediaplatform-integratedserver-http service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Useraccess service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Umwdf service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Toscosrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Tdcmdpst service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Symwsc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Symproxysvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Stylexpservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ssrtln service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Srescan service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SMCB000 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Slabser service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SiSGbeXP service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Sfsync04 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Se44obex service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SE27bus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Sdcoreservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Scdemu service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The S7otranx service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The S117unic service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rt73 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rslinx service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rpcapd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rnadirectory service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rmedia service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Regservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The RAPIProtocol service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pxhelp20 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pwkntmon service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pserve service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Proxyhostmirrordisplay service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pop3d32 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The PhilCam8116 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The PcdrNt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Patrol_scheduler service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The NxNetMon service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nvnetbus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ntuneservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nimcdldu service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The NdisFilt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MSCamSvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Motoswitchservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mldserv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mfesmfk service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mfcom service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mcnasvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MaxtorFrontPanel1 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MA8032C service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The LKbdFlt2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Lbtserv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Kwatchsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Jtagserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Jconfigd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The IPSECSHM service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ipodservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ifxspmgtsrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ibmpmdrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Iaimtv0 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The HSXHWBS2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Hprfdev service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Haspnt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ha10kx2k service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ghostsec service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The G400DH service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The FINEPIX_PCC service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Enethusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The EIO service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dwusbdnt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dnwhodisp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dmisrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DivisCTS service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DcCam service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DCamUSBEMPIA service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CX88ENC service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CdaD10BA service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Btwhid service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Bthusb service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Bthpan service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Blfp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Beatjamupnpmusicserver service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AVRec service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Automate5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The As32svc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Arrayssl_vpn_service3,0,1,9 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AppnApi service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Aiclient service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AdobeActiveFileMonitor6.0 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The A88xXBar service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The 3compxe service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The 2wirepcp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Zppinger service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Zpmysql service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The ZDPNDIS5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The WNIPROT5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Wmdmpmsp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Windowblinds service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The W300bus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Vmnetadapter service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The VirtualCam service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Unrealircd service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tvalz service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tpkmpsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tosrfbnp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tifm21 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tb2launch service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tappsrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Speakerphone service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Slave service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Se45unic service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Se45mdm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The SaiNtBus service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The S716mgmt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pilogsrv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pdlnslea service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pclepci service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The PCISys service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The NwSapAgent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ntpr_nic_service2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Nsausvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Npkcsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Nmea service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ngdbserv service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Naiavfilter1 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Meraksmtp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ma_cmidi_installerservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Lxcgcustomerconnect service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ld51ocnucsnp service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Jsdaemon service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ipsecmon service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The IFPUSB service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The ICAM3NT5 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Hddsvc service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The HcwPVRP2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The HabuFltr service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Fsaa service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Emu10k1 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Dsncservice service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cxlpt service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cpqarry2 service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cmdagent service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Avsvcmonitor service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Atmeltpm service terminated with the following error: The specified module could not be found.

2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Agnwifi service terminated with the following error: The specified module could not be found.

2/25/2012 7:44:31 AM, error: Print [33] - The PrintQueue Container could not be found because the DNS Domain name could not be retrieved. Error: 54b

2/25/2012 7:44:09 AM, error: NETLOGON [5719] - No Domain Controller is available for domain FL001 due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.

2/25/2012 7:16:26 AM, error: Service Control Manager [7000] - The OfficeScan NT Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/25/2012 7:16:25 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the OfficeScan NT Firewall service to connect.

.

==== End Of File ===========================


Welcome to the forum.

It looks like you're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

Let's confirm that:

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

Click Scan to scan the system (don't run any other options)

Post back the report.

MrC


RogueKiller V7.1.0 [02/15/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Administrator [Admin rights]

Mode: Scan -- Date: 02/25/2012 10:15:51

¤¤¤ Bad processes: 1 ¤¤¤

[SUSP PATH] QK464E.EXE -- C:\WINDOWS\TEMP\QK464E.EXE -> KILLED [TermProc]

¤¤¤ Registry Entries: 19 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND

[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

SSDT[247] : NtSetValueKey @ 0x80580088 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5430)

SSDT[226] : NtSetInformationKey @ 0x80655F32 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5448)

SSDT[224] : NtSetInformationFile @ 0x805830D1 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5508)

SSDT[192] : NtRenameKey @ 0x8065684C -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54A8)

SSDT[177] : NtQueryValueKey @ 0x80572F19 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5520)

SSDT[173] : NtQuerySystemInformation @ 0x805856A6 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5400)

SSDT[160] : NtQueryKey @ 0x8057EC02 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54D8)

SSDT[125] : NtOpenSection @ 0x80579192 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5478)

SSDT[122] : NtOpenProcess @ 0x8057F93A -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5418)

SSDT[119] : NtOpenKey @ 0x80572BDF -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53D0)

SSDT[71] : NtEnumerateKey @ 0x8057F002 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54F0)

SSDT[65] : NtDeleteValueKey @ 0x805991E8 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54C0)

SSDT[63] : NtDeleteKey @ 0x8059A5C9 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5490)

SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5460)

SSDT[41] : NtCreateKey @ 0x80578AB4 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53E8)

SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53B8)

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Maxtor 6E040L0 +++++

--- User ---

[MBR] 7a1e8493f21e70b55597564181a40e9b

[BSP] b7cb42b22dc882131a6a6f85b63be1e5 : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39202 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

That confirms it.

Please read this warning and let me know what you would like to do.

Removing this infection can also disable the ability to connect to the internet.

I see you have a lot of system restore points; have you tried any of those?

MrC


Please download TDSSKiller to your desktop and run it as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.


--------------------

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

MrC


12:41:36.0359 3728 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:49

12:41:38.0125 3728 ============================================================

12:41:38.0125 3728 Current date / time: 2012/02/25 12:41:38.0125

12:41:38.0125 3728 SystemInfo:

12:41:38.0125 3728

12:41:38.0125 3728 OS Version: 5.1.2600 ServicePack: 3.0

12:41:38.0125 3728 Product type: Workstation

12:41:38.0125 3728 ComputerName: ADMIN1

12:41:38.0125 3728 UserName: Administrator

12:41:38.0125 3728 Windows directory: C:\WINDOWS

12:41:38.0125 3728 System windows directory: C:\WINDOWS

12:41:38.0125 3728 Processor architecture: Intel x86

12:41:38.0125 3728 Number of processors: 1

12:41:38.0140 3728 Page size: 0x1000

12:41:38.0140 3728 Boot type: Normal boot

12:41:38.0140 3728 ============================================================

12:41:45.0312 3728 Drive \Device\Harddisk0\DR0 - Size: 0x9925B0000 (38.29 Gb), SectorSize: 0x200, Cylinders: 0x14BE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

12:41:45.0609 3728 \Device\Harddisk0\DR0:

12:41:45.0609 3728 MBR used

12:41:45.0609 3728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4C915A1

12:41:45.0656 3728 Initialize success

12:41:45.0656 3728 ============================================================

12:44:23.0171 3716 ============================================================

12:44:23.0171 3716 Scan started

12:44:23.0171 3716 Mode: Manual; SigCheck; TDLFS;

12:44:23.0171 3716 ============================================================

12:44:23.0343 3716 Abiosdsk - ok

12:44:23.0390 3716 abp480n5 - ok

12:44:23.0484 3716 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

12:44:26.0859 3716 ACPI - ok

12:44:26.0937 3716 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

12:44:27.0109 3716 ACPIEC - ok

12:44:27.0156 3716 ADIHdAudAddService - ok

12:44:27.0218 3716 adpu160m - ok

12:44:27.0281 3716 AEAudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\AEAudio.sys

12:44:27.0375 3716 AEAudio - ok

12:44:27.0437 3716 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

12:44:27.0609 3716 aec - ok

12:44:27.0703 3716 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

12:44:27.0796 3716 AFD - ok

12:44:27.0875 3716 Aha154x - ok

12:44:27.0921 3716 aic78u2 - ok

12:44:27.0953 3716 aic78xx - ok

12:44:28.0000 3716 AliIde - ok

12:44:28.0046 3716 amsint - ok

12:44:28.0140 3716 asc - ok

12:44:28.0187 3716 asc3350p - ok

12:44:28.0234 3716 asc3550 - ok

12:44:28.0312 3716 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

12:44:28.0468 3716 AsyncMac - ok

12:44:28.0562 3716 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

12:44:28.0718 3716 atapi - ok

12:44:28.0765 3716 Atdisk - ok

12:44:28.0875 3716 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

12:44:29.0031 3716 Atmarpc - ok

12:44:29.0125 3716 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

12:44:29.0265 3716 audstub - ok

12:44:29.0406 3716 b57w2k (3a3a82ffd268bcfb7ae6a48cecf00ad9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

12:44:29.0484 3716 b57w2k - ok

12:44:29.0609 3716 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

12:44:29.0765 3716 Beep - ok

12:44:29.0984 3716 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

12:44:30.0156 3716 cbidf2k - ok

12:44:30.0234 3716 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

12:44:30.0375 3716 CCDECODE - ok

12:44:30.0453 3716 cd20xrnt - ok

12:44:30.0515 3716 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

12:44:30.0656 3716 Cdaudio - ok

12:44:30.0750 3716 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

12:44:30.0906 3716 Cdfs - ok

12:44:30.0984 3716 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

12:44:31.0140 3716 Cdrom - ok

12:44:31.0234 3716 Changer - ok

12:44:31.0343 3716 CmdIde - ok

12:44:31.0437 3716 Cpqarray - ok

12:44:31.0593 3716 dac2w2k - ok

12:44:31.0625 3716 dac960nt - ok

12:44:31.0718 3716 DCamUSBVeo532 (e3834cdc0ea44bdda7c54861a4c92d32) C:\WINDOWS\system32\Drivers\ubVeo532.sys

12:44:31.0781 3716 DCamUSBVeo532 - ok

12:44:31.0859 3716 Suspicious service (Hidden): dgapimon

12:44:31.0937 3716 dgapimon (fbb1ac7d581fef4d942edb57dbc093f4) C:\WINDOWS\system32\drivers\dgapimon.sys

12:44:31.0968 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f4

12:44:31.0968 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f4

12:44:31.0968 3716 dgapimon ( HiddenService.Multi.Generic ) - warning

12:44:31.0968 3716 dgapimon - detected HiddenService.Multi.Generic (1)

12:44:31.0984 3716 Suspicious service (Hidden): dgbusmon

12:44:32.0062 3716 dgbusmon (7c03d2b114cae7563db80144954c10a0) C:\WINDOWS\system32\drivers\dgbusmon.sys

12:44:32.0078 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a0

12:44:32.0078 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a0

12:44:32.0078 3716 dgbusmon ( HiddenService.Multi.Generic ) - warning

12:44:32.0078 3716 dgbusmon - detected HiddenService.Multi.Generic (1)

12:44:32.0093 3716 Suspicious service (Hidden): dgcotman

12:44:32.0156 3716 dgcotman (ac5f71d2f15bfefd096dbe0d417c17df) C:\WINDOWS\system32\drivers\dgcotman.sys

12:44:32.0187 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df

12:44:32.0187 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df

12:44:32.0187 3716 dgcotman ( HiddenService.Multi.Generic ) - warning

12:44:32.0187 3716 dgcotman - detected HiddenService.Multi.Generic (1)

12:44:32.0203 3716 Suspicious service (Hidden): DGDmk

12:44:32.0265 3716 DGDmk (b1b46c375f43a5a03a62376cf6e0c1ab) C:\WINDOWS\system32\Drivers\DgDmk.sys

12:44:32.0312 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab

12:44:32.0312 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab

12:44:32.0312 3716 DGDmk ( HiddenService.Multi.Generic ) - warning

12:44:32.0312 3716 DGDmk - detected HiddenService.Multi.Generic (1)

12:44:32.0328 3716 Suspicious service (Hidden): DgDmkDisk

12:44:32.0406 3716 DgDmkDisk (16d8515941afec346f351fbc043301a1) C:\WINDOWS\system32\Drivers\DgDmkDisk.sys

12:44:32.0421 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a1

12:44:32.0421 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a1

12:44:32.0421 3716 DgDmkDisk ( HiddenService.Multi.Generic ) - warning

12:44:32.0421 3716 DgDmkDisk - detected HiddenService.Multi.Generic (1)

12:44:32.0437 3716 Suspicious service (Hidden): DGDT

12:44:32.0515 3716 DGDT (d8e440ce2be20121f9281ae88c34a032) C:\WINDOWS\system32\Drivers\DgDt.sys

12:44:32.0546 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a032

12:44:32.0546 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a032

12:44:32.0546 3716 DGDT ( HiddenService.Multi.Generic ) - warning

12:44:32.0546 3716 DGDT - detected HiddenService.Multi.Generic (1)

12:44:32.0562 3716 Suspicious service (Hidden): DgDtl

12:44:32.0562 3716 Suspicious service (Hidden): DGFILTR

12:44:32.0625 3716 DGFILTR ( HiddenService.Multi.Generic ) - warning

12:44:32.0625 3716 DGFILTR - detected HiddenService.Multi.Generic (1)

12:44:32.0640 3716 Suspicious service (Hidden): DGFS

12:44:32.0687 3716 DGFS (c711dcb3ba4159280cddff170d43efb2) C:\WINDOWS\system32\Drivers\DgFs.sys

12:44:32.0718 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb2

12:44:32.0718 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb2

12:44:32.0718 3716 DGFS ( HiddenService.Multi.Generic ) - warning

12:44:32.0718 3716 DGFS - detected HiddenService.Multi.Generic (1)

12:44:32.0734 3716 Suspicious service (Hidden): dgfsmon

12:44:32.0812 3716 dgfsmon (8f65427a48df7bb242b6122be52c3a8d) C:\WINDOWS\system32\drivers\dgfsmon.sys

12:44:32.0828 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d

12:44:32.0828 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d

12:44:32.0828 3716 dgfsmon ( HiddenService.Multi.Generic ) - warning

12:44:32.0828 3716 dgfsmon - detected HiddenService.Multi.Generic (1)

12:44:32.0843 3716 Suspicious service (Hidden): dgkpmail

12:44:32.0906 3716 dgkpmail (b26117b2c7acb401ad984bc36cd87849) C:\WINDOWS\system32\drivers\dgkpmail.sys

12:44:32.0921 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd87849

12:44:32.0921 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd87849

12:44:32.0921 3716 dgkpmail ( HiddenService.Multi.Generic ) - warning

12:44:32.0921 3716 dgkpmail - detected HiddenService.Multi.Generic (1)

12:44:32.0937 3716 Suspicious service (Hidden): DGLFS

12:44:33.0000 3716 DGLFS (c3c5c26aae25702473d5d49810267545) C:\WINDOWS\system32\Drivers\DgLfs.sys

12:44:33.0015 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d49810267545

12:44:33.0031 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d49810267545

12:44:33.0031 3716 DGLFS ( HiddenService.Multi.Generic ) - warning

12:44:33.0031 3716 DGLFS - detected HiddenService.Multi.Generic (1)

12:44:33.0046 3716 Suspicious service (Hidden): DGMASTER

12:44:33.0156 3716 DGMASTER (a19df0e175210992cfaa13529c9e9815) C:\WINDOWS\system32\drivers\dgmaster.sys

12:44:33.0328 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e9815

12:44:33.0328 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e9815

12:44:33.0328 3716 DGMASTER ( HiddenService.Multi.Generic ) - warning

12:44:33.0343 3716 DGMASTER - detected HiddenService.Multi.Generic (1)

12:44:33.0343 3716 Suspicious service (Hidden): DGREC

12:44:33.0406 3716 DGREC ( HiddenService.Multi.Generic ) - warning

12:44:33.0406 3716 DGREC - detected HiddenService.Multi.Generic (1)

12:44:33.0406 3716 Suspicious service (Hidden): dgrule

12:44:33.0468 3716 dgrule (eb39a30bc4873ffeeac6ec88f31cc3bf) C:\WINDOWS\system32\drivers\dgrule.sys

12:44:33.0484 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf

12:44:33.0484 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf

12:44:33.0484 3716 dgrule ( HiddenService.Multi.Generic ) - warning

12:44:33.0484 3716 dgrule - detected HiddenService.Multi.Generic (1)

12:44:33.0500 3716 Suspicious service (Hidden): DGScan

12:44:33.0515 3716 Suspicious service (Hidden): DGService

12:44:33.0515 3716 Suspicious service (Hidden): dgtdimon

12:44:33.0578 3716 dgtdimon (39b573b4db693522919cdc57a684d0ef) C:\WINDOWS\system32\drivers\dgtdimon.sys

12:44:33.0593 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef

12:44:33.0593 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef

12:44:33.0593 3716 dgtdimon ( HiddenService.Multi.Generic ) - warning

12:44:33.0593 3716 dgtdimon - detected HiddenService.Multi.Generic (1)

12:44:33.0687 3716 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

12:44:33.0843 3716 Disk - ok

12:44:34.0000 3716 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

12:44:34.0234 3716 dmboot - ok

12:44:34.0328 3716 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

12:44:34.0500 3716 dmio - ok

12:44:34.0593 3716 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

12:44:34.0750 3716 dmload - ok

12:44:34.0859 3716 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

12:44:35.0000 3716 DMusic - ok

12:44:35.0125 3716 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys

12:44:35.0296 3716 Dot4 - ok

12:44:35.0375 3716 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

12:44:35.0531 3716 Dot4Print - ok

12:44:35.0625 3716 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys

12:44:35.0781 3716 dot4usb - ok

12:44:35.0843 3716 dpti2o - ok

12:44:35.0921 3716 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

12:44:36.0062 3716 drmkaud - ok

12:44:36.0171 3716 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

12:44:36.0281 3716 e1express - ok

12:44:36.0359 3716 easytether - ok

12:44:36.0546 3716 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

12:44:36.0718 3716 Fastfat - ok

12:44:36.0828 3716 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

12:44:36.0984 3716 Fdc - ok

12:44:37.0078 3716 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

12:44:37.0234 3716 Fips - ok

12:44:37.0312 3716 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

12:44:37.0468 3716 Flpydisk - ok

12:44:37.0546 3716 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

12:44:37.0718 3716 FltMgr - ok

12:44:37.0796 3716 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

12:44:37.0953 3716 Fs_Rec - ok

12:44:38.0015 3716 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

12:44:38.0187 3716 Ftdisk - ok

12:44:38.0281 3716 FTRUSB (cdcef7829f2ecc4af5531d781e6ebd62) C:\WINDOWS\system32\DRIVERS\FTRUSB.sys

12:44:38.0312 3716 FTRUSB ( UnsignedFile.Multi.Generic ) - warning

12:44:38.0312 3716 FTRUSB - detected UnsignedFile.Multi.Generic (1)

12:44:38.0468 3716 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

12:44:38.0609 3716 Gpc - ok

12:44:38.0703 3716 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

12:44:38.0875 3716 HDAudBus - ok

12:44:38.0968 3716 HECI (d0fc694df051bc65946db616f20d1168) C:\WINDOWS\system32\DRIVERS\HECI.sys

12:44:39.0015 3716 HECI - ok

12:44:39.0156 3716 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys

12:44:39.0171 3716 HPFXBULK - ok

12:44:39.0218 3716 hpn - ok

12:44:39.0328 3716 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys

12:44:39.0390 3716 HTCAND32 - ok

12:44:39.0484 3716 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys

12:44:39.0578 3716 htcnprot - ok

12:44:39.0671 3716 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

12:44:39.0734 3716 HTTP - ok

12:44:39.0812 3716 i2omgmt - ok

12:44:39.0859 3716 i2omp - ok

12:44:39.0906 3716 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

12:44:40.0078 3716 i8042prt - ok

12:44:40.0171 3716 ialm (1432958dc80b7bbacf07377763d70e91) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

12:44:40.0343 3716 ialm - ok

12:44:40.0515 3716 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS

12:44:40.0562 3716 IFXTPM - ok

12:44:40.0703 3716 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

12:44:40.0859 3716 Imapi - ok

12:44:40.0937 3716 ini910u - ok

12:44:41.0140 3716 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:44:41.0796 3716 IntcAzAudAddService - ok

12:44:41.0890 3716 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

12:44:42.0031 3716 IntelIde - ok

12:44:42.0125 3716 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

12:44:42.0265 3716 intelppm - ok

12:44:42.0390 3716 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

12:44:42.0562 3716 Ip6Fw - ok

12:44:42.0640 3716 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

12:44:42.0796 3716 IpFilterDriver - ok

12:44:42.0875 3716 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

12:44:43.0031 3716 IpInIp - ok

12:44:43.0125 3716 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

12:44:43.0281 3716 IpNat - ok

12:44:43.0359 3716 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

12:44:43.0515 3716 IPSec - ok

12:44:43.0609 3716 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

12:44:43.0781 3716 IRENUM - ok

12:44:43.0890 3716 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

12:44:44.0078 3716 isapnp - ok

12:44:44.0234 3716 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

12:44:44.0390 3716 Kbdclass - ok

12:44:44.0515 3716 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

12:44:44.0671 3716 kmixer - ok

12:44:44.0796 3716 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

12:44:44.0921 3716 KSecDD - ok

12:44:45.0031 3716 lbrtfdc - ok

12:44:45.0531 3716 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

12:44:45.0671 3716 mnmdd - ok

12:44:45.0765 3716 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

12:44:45.0921 3716 Modem - ok

12:44:46.0015 3716 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

12:44:46.0156 3716 Mouclass - ok

12:44:46.0250 3716 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

12:44:46.0421 3716 MountMgr - ok

12:44:46.0500 3716 mraid35x - ok

12:44:46.0578 3716 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

12:44:46.0734 3716 MRxDAV - ok

12:44:46.0843 3716 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

12:44:47.0015 3716 MRxSmb - ok

12:44:47.0171 3716 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

12:44:47.0312 3716 Msfs - ok

12:44:47.0484 3716 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

12:44:47.0625 3716 MSKSSRV - ok

12:44:47.0718 3716 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

12:44:47.0875 3716 MSPCLOCK - ok

12:44:47.0953 3716 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

12:44:48.0093 3716 MSPQM - ok

12:44:48.0203 3716 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

12:44:48.0343 3716 mssmbios - ok

12:44:48.0484 3716 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

12:44:48.0625 3716 MSTEE - ok

12:44:48.0734 3716 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

12:44:48.0812 3716 Mup - ok

12:44:48.0937 3716 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

12:44:49.0093 3716 NABTSFEC - ok

12:44:49.0203 3716 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

12:44:49.0359 3716 NDIS - ok

12:44:49.0453 3716 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

12:44:49.0609 3716 NdisIP - ok

12:44:49.0687 3716 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

12:44:49.0765 3716 NdisTapi - ok

12:44:49.0859 3716 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

12:44:50.0015 3716 Ndisuio - ok

12:44:50.0109 3716 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

12:44:50.0265 3716 NdisWan - ok

12:44:50.0343 3716 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

12:44:50.0437 3716 NDProxy - ok

12:44:50.0562 3716 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

12:44:50.0703 3716 NetBIOS - ok

12:44:50.0812 3716 NetBT (0514772a3a60cb88971e4b363e13de5a) C:\WINDOWS\system32\DRIVERS\netbt.sys

12:44:50.0875 3716 NetBT ( UnsignedFile.Multi.Generic ) - warning

12:44:50.0875 3716 NetBT - detected UnsignedFile.Multi.Generic (1)

12:44:51.0218 3716 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

12:44:51.0359 3716 Npfs - ok

12:44:51.0531 3716 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

12:44:51.0812 3716 Ntfs - ok

12:44:52.0000 3716 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

12:44:52.0156 3716 Null - ok

12:44:52.0328 3716 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

12:44:52.0500 3716 NwlnkFlt - ok

12:44:52.0578 3716 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

12:44:52.0750 3716 NwlnkFwd - ok

12:44:53.0187 3716 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

12:44:53.0343 3716 Parport - ok

12:44:53.0437 3716 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

12:44:53.0593 3716 PartMgr - ok

12:44:53.0703 3716 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

12:44:53.0859 3716 ParVdm - ok

12:44:54.0000 3716 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

12:44:54.0156 3716 PCI - ok

12:44:54.0234 3716 PCIDump - ok

12:44:54.0328 3716 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

12:44:54.0562 3716 PCIIde - ok

12:44:54.0656 3716 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

12:44:54.0828 3716 Pcmcia - ok

12:44:54.0921 3716 PDCOMP - ok

12:44:54.0968 3716 PDFRAME - ok

12:44:55.0062 3716 PDRELI - ok

12:44:55.0109 3716 PDRFRAME - ok

12:44:55.0156 3716 perc2 - ok

12:44:55.0203 3716 perc2hib - ok

12:44:55.0531 3716 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

12:44:55.0687 3716 PptpMiniport - ok

12:44:55.0906 3716 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

12:44:56.0062 3716 PSched - ok

12:44:56.0156 3716 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

12:44:56.0312 3716 Ptilink - ok

12:44:56.0437 3716 ql1080 - ok

12:44:56.0484 3716 Ql10wnt - ok

12:44:56.0515 3716 ql12160 - ok

12:44:56.0562 3716 ql1240 - ok

12:44:56.0609 3716 ql1280 - ok

12:44:56.0734 3716 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:44:56.0890 3716 RasAcd - ok

12:44:56.0984 3716 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

12:44:57.0140 3716 Rasl2tp - ok

12:44:57.0218 3716 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:44:57.0359 3716 RasPppoe - ok

12:44:57.0421 3716 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

12:44:57.0578 3716 Raspti - ok

12:44:57.0671 3716 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:44:57.0843 3716 Rdbss - ok

12:44:57.0906 3716 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

12:44:58.0062 3716 RDPCDD - ok

12:44:58.0156 3716 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

12:44:58.0312 3716 rdpdr - ok

12:44:58.0421 3716 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

12:44:58.0515 3716 RDPWD - ok

12:44:58.0640 3716 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

12:44:58.0781 3716 redbook - ok

12:44:59.0687 3716 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

12:44:59.0828 3716 Secdrv - ok

12:44:59.0937 3716 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

12:45:00.0078 3716 serenum - ok

12:45:00.0156 3716 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

12:45:00.0312 3716 Serial - ok

12:45:00.0531 3716 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

12:45:00.0687 3716 Sfloppy - ok

12:45:00.0890 3716 Simbad - ok

12:45:01.0062 3716 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

12:45:01.0218 3716 SLIP - ok

12:45:01.0437 3716 smwdm (fa3368a7039f5abaa4b933703ac34763) C:\WINDOWS\system32\drivers\smwdm.sys

12:45:01.0578 3716 smwdm - ok

12:45:01.0734 3716 Sparrow - ok

12:45:01.0843 3716 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

12:45:01.0984 3716 splitter - ok

12:45:02.0203 3716 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

12:45:02.0359 3716 sr - ok

12:45:02.0515 3716 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

12:45:02.0656 3716 Srv - ok

12:45:02.0984 3716 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

12:45:03.0140 3716 streamip - ok

12:45:03.0312 3716 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

12:45:03.0468 3716 swenum - ok

12:45:03.0562 3716 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

12:45:03.0703 3716 swmidi - ok

12:45:03.0828 3716 symc810 - ok

12:45:03.0875 3716 symc8xx - ok

12:45:03.0953 3716 sym_hi - ok

12:45:04.0000 3716 sym_u3 - ok

12:45:04.0062 3716 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

12:45:04.0218 3716 sysaudio - ok

12:45:04.0421 3716 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:45:04.0609 3716 Tcpip - ok

12:45:04.0750 3716 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

12:45:04.0906 3716 TDPIPE - ok

12:45:05.0015 3716 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

12:45:05.0156 3716 TDTCP - ok

12:45:05.0234 3716 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

12:45:05.0390 3716 TermDD - ok

12:45:05.0703 3716 tmcfw (8d1900669f830178e60aca8b89f20ad4) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys

12:45:05.0765 3716 tmcfw - ok

12:45:05.0875 3716 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys

12:45:05.0906 3716 tmcomm - ok

12:45:06.0015 3716 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys

12:45:06.0109 3716 TmFilter - ok

12:45:06.0234 3716 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys

12:45:06.0281 3716 TmPreFilter - ok

12:45:06.0359 3716 TosIde - ok

12:45:06.0718 3716 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

12:45:06.0875 3716 Udfs - ok

12:45:07.0000 3716 ultra - ok

12:45:07.0078 3716 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

12:45:07.0281 3716 Update - ok

12:45:07.0484 3716 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

12:45:07.0625 3716 usbccgp - ok

12:45:07.0750 3716 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

12:45:07.0906 3716 usbehci - ok

12:45:08.0000 3716 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

12:45:08.0156 3716 usbhub - ok

12:45:08.0265 3716 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

12:45:08.0421 3716 usbprint - ok

12:45:08.0562 3716 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

12:45:08.0703 3716 USBSTOR - ok

12:45:08.0812 3716 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

12:45:08.0953 3716 usbuhci - ok

12:45:09.0093 3716 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

12:45:09.0234 3716 usb_rndisx - ok

12:45:09.0531 3716 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

12:45:09.0671 3716 VgaSave - ok

12:45:09.0796 3716 ViaIde - ok

12:45:09.0921 3716 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

12:45:10.0078 3716 VolSnap - ok

12:45:10.0234 3716 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys

12:45:10.0406 3716 VSApiNt - ok

12:45:10.0687 3716 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

12:45:10.0859 3716 Wanarp - ok

12:45:11.0078 3716 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys

12:45:11.0187 3716 Wdf01000 - ok

12:45:11.0250 3716 WDICA - ok

12:45:11.0328 3716 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

12:45:11.0484 3716 wdmaud - ok

12:45:12.0015 3716 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

12:45:12.0156 3716 WmiAcpi - ok

12:45:12.0468 3716 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

12:45:12.0625 3716 WSTCODEC - ok

12:45:12.0734 3716 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

12:45:12.0828 3716 WudfPf - ok

12:45:12.0921 3716 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

12:45:12.0968 3716 WudfRd - ok

12:45:13.0531 3716 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

12:45:13.0687 3716 \Device\Harddisk0\DR0 - ok

12:45:13.0703 3716 Boot (0x1200) (0554a279fb3046843f87e9234e1014a7) \Device\Harddisk0\DR0\Partition0

12:45:13.0703 3716 \Device\Harddisk0\DR0\Partition0 - ok

12:45:13.0703 3716 ============================================================

12:45:13.0703 3716 Scan finished

12:45:13.0703 3716 ============================================================

12:45:13.0812 3700 Detected object count: 17

12:45:13.0812 3700 Actual detected object count: 17

12:45:57.0250 3700 dgapimon ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 dgapimon ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 dgbusmon ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 dgbusmon ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 dgcotman ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 dgcotman ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 DGDmk ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 DGDmk ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 DgDmkDisk ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 DgDmkDisk ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 DGDT ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 DGDT ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 DGFILTR ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 DGFILTR ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0250 3700 DGFS ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0250 3700 DGFS ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 dgfsmon ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 dgfsmon ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 dgkpmail ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 dgkpmail ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 DGLFS ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 DGLFS ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 DGMASTER ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 DGMASTER ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 DGREC ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 DGREC ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 dgrule ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 dgrule ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 dgtdimon ( HiddenService.Multi.Generic ) - skipped by user

12:45:57.0265 3700 dgtdimon ( HiddenService.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 FTRUSB ( UnsignedFile.Multi.Generic ) - skipped by user

12:45:57.0265 3700 FTRUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:45:57.0265 3700 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user

12:45:57.0265 3700 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:46:34.0671 6068 ============================================================

12:46:34.0671 6068 Scan started

12:46:34.0671 6068 Mode: Manual; SigCheck; TDLFS;

12:46:34.0671 6068 ============================================================

12:46:34.0875 6068 Abiosdsk - ok

12:46:34.0921 6068 abp480n5 - ok

12:46:35.0000 6068 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

12:46:35.0328 6068 ACPI - ok

12:46:35.0421 6068 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

12:46:35.0578 6068 ACPIEC - ok

12:46:35.0640 6068 ADIHdAudAddService - ok

12:46:35.0687 6068 adpu160m - ok

12:46:35.0765 6068 AEAudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\AEAudio.sys

12:46:35.0796 6068 AEAudio - ok

12:46:35.0875 6068 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

12:46:36.0015 6068 aec - ok

12:46:36.0125 6068 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

12:46:36.0140 6068 AFD - ok

12:46:36.0218 6068 Aha154x - ok

12:46:36.0265 6068 aic78u2 - ok

12:46:36.0296 6068 aic78xx - ok

12:46:36.0343 6068 AliIde - ok

12:46:36.0390 6068 amsint - ok

12:46:36.0453 6068 asc - ok

12:46:36.0484 6068 asc3350p - ok

12:46:36.0515 6068 asc3550 - ok

12:46:36.0609 6068 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

12:46:36.0750 6068 AsyncMac - ok

12:46:36.0828 6068 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

12:46:36.0968 6068 atapi - ok

12:46:37.0031 6068 Atdisk - ok

12:46:37.0109 6068 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

12:46:37.0265 6068 Atmarpc - ok

12:46:37.0359 6068 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

12:46:37.0500 6068 audstub - ok

12:46:37.0640 6068 b57w2k (3a3a82ffd268bcfb7ae6a48cecf00ad9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

12:46:37.0671 6068 b57w2k - ok

12:46:37.0781 6068 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

12:46:37.0937 6068 Beep - ok

12:46:38.0156 6068 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

12:46:38.0296 6068 cbidf2k - ok

12:46:38.0375 6068 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

12:46:38.0531 6068 CCDECODE - ok

12:46:38.0578 6068 cd20xrnt - ok

12:46:38.0640 6068 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

12:46:38.0781 6068 Cdaudio - ok

12:46:38.0859 6068 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

12:46:39.0000 6068 Cdfs - ok

12:46:39.0093 6068 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

12:46:39.0234 6068 Cdrom - ok

12:46:39.0312 6068 Changer - ok

12:46:39.0406 6068 CmdIde - ok

12:46:39.0500 6068 Cpqarray - ok

12:46:39.0656 6068 dac2w2k - ok

12:46:39.0687 6068 dac960nt - ok

12:46:39.0765 6068 DCamUSBVeo532 (e3834cdc0ea44bdda7c54861a4c92d32) C:\WINDOWS\system32\Drivers\ubVeo532.sys

12:46:39.0781 6068 DCamUSBVeo532 - ok

12:46:39.0859 6068 Suspicious service (Hidden): dgapimon

12:46:39.0937 6068 dgapimon (fbb1ac7d581fef4d942edb57dbc093f4) C:\WINDOWS\system32\drivers\dgapimon.sys

12:46:39.0937 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f4

12:46:39.0937 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f4

12:46:39.0937 6068 dgapimon ( HiddenService.Multi.Generic ) - warning

12:46:39.0937 6068 dgapimon - detected HiddenService.Multi.Generic (1)

12:46:39.0953 6068 Suspicious service (Hidden): dgbusmon

12:46:40.0031 6068 dgbusmon (7c03d2b114cae7563db80144954c10a0) C:\WINDOWS\system32\drivers\dgbusmon.sys

12:46:40.0031 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a0

12:46:40.0031 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a0

12:46:40.0031 6068 dgbusmon ( HiddenService.Multi.Generic ) - warning

12:46:40.0031 6068 dgbusmon - detected HiddenService.Multi.Generic (1)

12:46:40.0046 6068 Suspicious service (Hidden): dgcotman

12:46:40.0109 6068 dgcotman (ac5f71d2f15bfefd096dbe0d417c17df) C:\WINDOWS\system32\drivers\dgcotman.sys

12:46:40.0109 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df

12:46:40.0109 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df

12:46:40.0109 6068 dgcotman ( HiddenService.Multi.Generic ) - warning

12:46:40.0109 6068 dgcotman - detected HiddenService.Multi.Generic (1)

12:46:40.0125 6068 Suspicious service (Hidden): DGDmk

12:46:40.0203 6068 DGDmk (b1b46c375f43a5a03a62376cf6e0c1ab) C:\WINDOWS\system32\Drivers\DgDmk.sys

12:46:40.0203 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab

12:46:40.0203 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab

12:46:40.0203 6068 DGDmk ( HiddenService.Multi.Generic ) - warning

12:46:40.0203 6068 DGDmk - detected HiddenService.Multi.Generic (1)

12:46:40.0218 6068 Suspicious service (Hidden): DgDmkDisk

12:46:40.0296 6068 DgDmkDisk (16d8515941afec346f351fbc043301a1) C:\WINDOWS\system32\Drivers\DgDmkDisk.sys

12:46:40.0296 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a1

12:46:40.0296 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a1

12:46:40.0296 6068 DgDmkDisk ( HiddenService.Multi.Generic ) - warning

12:46:40.0296 6068 DgDmkDisk - detected HiddenService.Multi.Generic (1)

12:46:40.0312 6068 Suspicious service (Hidden): DGDT

12:46:40.0406 6068 DGDT (d8e440ce2be20121f9281ae88c34a032) C:\WINDOWS\system32\Drivers\DgDt.sys

12:46:40.0406 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a032

12:46:40.0406 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a032

12:46:40.0406 6068 DGDT ( HiddenService.Multi.Generic ) - warning

12:46:40.0406 6068 DGDT - detected HiddenService.Multi.Generic (1)

12:46:40.0421 6068 Suspicious service (Hidden): DgDtl

12:46:40.0421 6068 Suspicious service (Hidden): DGFILTR

12:46:40.0484 6068 DGFILTR ( HiddenService.Multi.Generic ) - warning

12:46:40.0484 6068 DGFILTR - detected HiddenService.Multi.Generic (1)

12:46:40.0500 6068 Suspicious service (Hidden): DGFS

12:46:40.0546 6068 DGFS (c711dcb3ba4159280cddff170d43efb2) C:\WINDOWS\system32\Drivers\DgFs.sys

12:46:40.0546 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb2

12:46:40.0546 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb2

12:46:40.0546 6068 DGFS ( HiddenService.Multi.Generic ) - warning

12:46:40.0546 6068 DGFS - detected HiddenService.Multi.Generic (1)

12:46:40.0562 6068 Suspicious service (Hidden): dgfsmon

12:46:40.0656 6068 dgfsmon (8f65427a48df7bb242b6122be52c3a8d) C:\WINDOWS\system32\drivers\dgfsmon.sys

12:46:40.0656 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d

12:46:40.0656 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d

12:46:40.0656 6068 dgfsmon ( HiddenService.Multi.Generic ) - warning

12:46:40.0656 6068 dgfsmon - detected HiddenService.Multi.Generic (1)

12:46:40.0671 6068 Suspicious service (Hidden): dgkpmail

12:46:40.0750 6068 dgkpmail (b26117b2c7acb401ad984bc36cd87849) C:\WINDOWS\system32\drivers\dgkpmail.sys

12:46:40.0750 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd87849

12:46:40.0750 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd87849

12:46:40.0750 6068 dgkpmail ( HiddenService.Multi.Generic ) - warning

12:46:40.0750 6068 dgkpmail - detected HiddenService.Multi.Generic (1)

12:46:40.0765 6068 Suspicious service (Hidden): DGLFS

12:46:40.0828 6068 DGLFS (c3c5c26aae25702473d5d49810267545) C:\WINDOWS\system32\Drivers\DgLfs.sys

12:46:40.0828 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d49810267545

12:46:40.0828 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d49810267545

12:46:40.0828 6068 DGLFS ( HiddenService.Multi.Generic ) - warning

12:46:40.0828 6068 DGLFS - detected HiddenService.Multi.Generic (1)

12:46:40.0843 6068 Suspicious service (Hidden): DGMASTER

12:46:40.0921 6068 DGMASTER (a19df0e175210992cfaa13529c9e9815) C:\WINDOWS\system32\drivers\dgmaster.sys

12:46:40.0921 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e9815

12:46:40.0921 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e9815

12:46:40.0937 6068 DGMASTER ( HiddenService.Multi.Generic ) - warning

12:46:40.0937 6068 DGMASTER - detected HiddenService.Multi.Generic (1)

12:46:40.0953 6068 Suspicious service (Hidden): DGREC

12:46:40.0984 6068 DGREC ( HiddenService.Multi.Generic ) - warning

12:46:40.0984 6068 DGREC - detected HiddenService.Multi.Generic (1)

12:46:41.0000 6068 Suspicious service (Hidden): dgrule

12:46:41.0046 6068 dgrule (eb39a30bc4873ffeeac6ec88f31cc3bf) C:\WINDOWS\system32\drivers\dgrule.sys

12:46:41.0046 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf

12:46:41.0046 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf

12:46:41.0046 6068 dgrule ( HiddenService.Multi.Generic ) - warning

12:46:41.0046 6068 dgrule - detected HiddenService.Multi.Generic (1)

12:46:41.0062 6068 Suspicious service (Hidden): DGScan

12:46:41.0062 6068 Suspicious service (Hidden): DGService

12:46:41.0078 6068 Suspicious service (Hidden): dgtdimon

12:46:41.0156 6068 dgtdimon (39b573b4db693522919cdc57a684d0ef) C:\WINDOWS\system32\drivers\dgtdimon.sys

12:46:41.0156 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef

12:46:41.0156 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef

12:46:41.0156 6068 dgtdimon ( HiddenService.Multi.Generic ) - warning

12:46:41.0156 6068 dgtdimon - detected HiddenService.Multi.Generic (1)

12:46:41.0250 6068 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

12:46:41.0390 6068 Disk - ok

12:46:41.0546 6068 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

12:46:41.0718 6068 dmboot - ok

12:46:41.0812 6068 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

12:46:41.0953 6068 dmio - ok

12:46:42.0062 6068 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

12:46:42.0203 6068 dmload - ok

12:46:42.0296 6068 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

12:46:42.0421 6068 DMusic - ok

12:46:42.0546 6068 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys

12:46:42.0671 6068 Dot4 - ok

12:46:42.0765 6068 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys

12:46:42.0906 6068 Dot4Print - ok

12:46:43.0000 6068 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys

12:46:43.0140 6068 dot4usb - ok

12:46:43.0187 6068 dpti2o - ok

12:46:43.0265 6068 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

12:46:43.0390 6068 drmkaud - ok

12:46:43.0500 6068 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

12:46:43.0515 6068 e1express - ok

12:46:43.0578 6068 easytether - ok

12:46:43.0781 6068 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

12:46:43.0906 6068 Fastfat - ok

12:46:44.0031 6068 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

12:46:44.0156 6068 Fdc - ok

12:46:44.0265 6068 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

12:46:44.0421 6068 Fips - ok

12:46:44.0500 6068 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

12:46:44.0640 6068 Flpydisk - ok

12:46:44.0718 6068 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

12:46:44.0843 6068 FltMgr - ok

12:46:44.0921 6068 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

12:46:45.0062 6068 Fs_Rec - ok

12:46:45.0140 6068 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

12:46:45.0281 6068 Ftdisk - ok

12:46:45.0359 6068 FTRUSB (cdcef7829f2ecc4af5531d781e6ebd62) C:\WINDOWS\system32\DRIVERS\FTRUSB.sys

12:46:45.0390 6068 FTRUSB ( UnsignedFile.Multi.Generic ) - warning

12:46:45.0390 6068 FTRUSB - detected UnsignedFile.Multi.Generic (1)

12:46:45.0531 6068 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

12:46:45.0656 6068 Gpc - ok

12:46:45.0734 6068 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

12:46:45.0875 6068 HDAudBus - ok

12:46:45.0968 6068 HECI (d0fc694df051bc65946db616f20d1168) C:\WINDOWS\system32\DRIVERS\HECI.sys

12:46:46.0000 6068 HECI - ok

12:46:46.0109 6068 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys

12:46:46.0125 6068 HPFXBULK - ok

12:46:46.0156 6068 hpn - ok

12:46:46.0281 6068 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys

12:46:46.0312 6068 HTCAND32 - ok

12:46:46.0406 6068 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys

12:46:46.0437 6068 htcnprot - ok

12:46:46.0531 6068 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

12:46:46.0562 6068 HTTP - ok

12:46:46.0640 6068 i2omgmt - ok

12:46:46.0687 6068 i2omp - ok

12:46:46.0734 6068 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

12:46:46.0875 6068 i8042prt - ok

12:46:46.0984 6068 ialm (1432958dc80b7bbacf07377763d70e91) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

12:46:47.0046 6068 ialm - ok

12:46:47.0203 6068 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS

12:46:47.0234 6068 IFXTPM - ok

12:46:47.0359 6068 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

12:46:47.0484 6068 Imapi - ok

12:46:47.0578 6068 ini910u - ok

12:46:47.0765 6068 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:46:47.0968 6068 IntcAzAudAddService - ok

12:46:48.0062 6068 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

12:46:48.0187 6068 IntelIde - ok

12:46:48.0265 6068 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

12:46:48.0406 6068 intelppm - ok

12:46:48.0531 6068 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

12:46:48.0656 6068 Ip6Fw - ok

12:46:48.0734 6068 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

12:46:48.0875 6068 IpFilterDriver - ok

12:46:48.0984 6068 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

12:46:49.0109 6068 IpInIp - ok

12:46:49.0203 6068 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

12:46:49.0328 6068 IpNat - ok

12:46:49.0421 6068 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

12:46:49.0546 6068 IPSec - ok

12:46:49.0640 6068 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

12:46:49.0765 6068 IRENUM - ok

12:46:49.0875 6068 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

12:46:50.0015 6068 isapnp - ok

12:46:50.0171 6068 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

12:46:50.0296 6068 Kbdclass - ok

12:46:50.0390 6068 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

12:46:50.0546 6068 kmixer - ok

12:46:50.0656 6068 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

12:46:50.0687 6068 KSecDD - ok

12:46:50.0781 6068 lbrtfdc - ok

12:46:51.0265 6068 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

12:46:51.0406 6068 mnmdd - ok

12:46:51.0500 6068 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

12:46:51.0625 6068 Modem - ok

12:46:51.0718 6068 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

12:46:51.0843 6068 Mouclass - ok

12:46:51.0937 6068 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

12:46:52.0078 6068 MountMgr - ok

12:46:52.0156 6068 mraid35x - ok

12:46:52.0234 6068 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

12:46:52.0375 6068 MRxDAV - ok

12:46:52.0468 6068 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

12:46:52.0515 6068 MRxSmb - ok

12:46:52.0640 6068 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

12:46:52.0765 6068 Msfs - ok

12:46:52.0890 6068 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

12:46:53.0031 6068 MSKSSRV - ok

12:46:53.0140 6068 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

12:46:53.0265 6068 MSPCLOCK - ok

12:46:53.0375 6068 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

12:46:53.0515 6068 MSPQM - ok

12:46:53.0609 6068 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

12:46:53.0734 6068 mssmbios - ok

12:46:53.0906 6068 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

12:46:54.0062 6068 MSTEE - ok

12:46:54.0171 6068 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

12:46:54.0203 6068 Mup - ok

12:46:54.0312 6068 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

12:46:54.0453 6068 NABTSFEC - ok

12:46:54.0546 6068 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

12:46:54.0687 6068 NDIS - ok

12:46:54.0765 6068 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

12:46:54.0906 6068 NdisIP - ok

12:46:55.0015 6068 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

12:46:55.0046 6068 NdisTapi - ok

12:46:55.0140 6068 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

12:46:55.0281 6068 Ndisuio - ok

12:46:55.0390 6068 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

12:46:55.0562 6068 NdisWan - ok

12:46:55.0656 6068 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

12:46:55.0703 6068 NDProxy - ok

12:46:55.0812 6068 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

12:46:55.0953 6068 NetBIOS - ok

12:46:56.0062 6068 NetBT (0514772a3a60cb88971e4b363e13de5a) C:\WINDOWS\system32\DRIVERS\netbt.sys

12:46:56.0078 6068 NetBT ( UnsignedFile.Multi.Generic ) - warning

12:46:56.0078 6068 NetBT - detected UnsignedFile.Multi.Generic (1)

12:46:56.0359 6068 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

12:46:56.0484 6068 Npfs - ok

12:46:56.0625 6068 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

12:46:56.0781 6068 Ntfs - ok

12:46:56.0953 6068 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

12:46:57.0093 6068 Null - ok

12:46:57.0281 6068 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

12:46:57.0406 6068 NwlnkFlt - ok

12:46:57.0484 6068 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

12:46:57.0625 6068 NwlnkFwd - ok

12:46:58.0046 6068 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

12:46:58.0171 6068 Parport - ok

12:46:58.0265 6068 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

12:46:58.0390 6068 PartMgr - ok

12:46:58.0484 6068 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

12:46:58.0609 6068 ParVdm - ok

12:46:58.0750 6068 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

12:46:58.0875 6068 PCI - ok

12:46:58.0937 6068 PCIDump - ok

12:46:59.0031 6068 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

12:46:59.0171 6068 PCIIde - ok

12:46:59.0265 6068 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

12:46:59.0406 6068 Pcmcia - ok

12:46:59.0500 6068 PDCOMP - ok

12:46:59.0531 6068 PDFRAME - ok

12:46:59.0625 6068 PDRELI - ok

12:46:59.0656 6068 PDRFRAME - ok

12:46:59.0703 6068 perc2 - ok

12:46:59.0734 6068 perc2hib - ok

12:47:00.0046 6068 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

12:47:00.0187 6068 PptpMiniport - ok

12:47:00.0406 6068 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

12:47:00.0562 6068 PSched - ok

12:47:00.0687 6068 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

12:47:00.0828 6068 Ptilink - ok

12:47:00.0968 6068 ql1080 - ok

12:47:01.0031 6068 Ql10wnt - ok

12:47:01.0078 6068 ql12160 - ok

12:47:01.0125 6068 ql1240 - ok

12:47:01.0171 6068 ql1280 - ok

12:47:01.0296 6068 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:47:01.0421 6068 RasAcd - ok

12:47:01.0531 6068 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

12:47:01.0656 6068 Rasl2tp - ok

12:47:01.0750 6068 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:47:01.0890 6068 RasPppoe - ok

12:47:01.0968 6068 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

12:47:02.0125 6068 Raspti - ok

12:47:02.0234 6068 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:47:02.0359 6068 Rdbss - ok

12:47:02.0453 6068 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

12:47:02.0578 6068 RDPCDD - ok

12:47:02.0687 6068 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

12:47:02.0828 6068 rdpdr - ok

12:47:02.0937 6068 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

12:47:02.0984 6068 RDPWD - ok

12:47:03.0093 6068 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

12:47:03.0234 6068 redbook - ok

12:47:04.0062 6068 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

12:47:04.0218 6068 Secdrv - ok

12:47:04.0328 6068 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

12:47:04.0453 6068 serenum - ok

12:47:04.0531 6068 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

12:47:04.0671 6068 Serial - ok

12:47:04.0890 6068 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

12:47:05.0031 6068 Sfloppy - ok

12:47:05.0250 6068 Simbad - ok

12:47:05.0437 6068 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

12:47:05.0562 6068 SLIP - ok

12:47:05.0765 6068 smwdm (fa3368a7039f5abaa4b933703ac34763) C:\WINDOWS\system32\drivers\smwdm.sys

12:47:05.0812 6068 smwdm - ok

12:47:05.0968 6068 Sparrow - ok

12:47:06.0062 6068 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

12:47:06.0187 6068 splitter - ok

12:47:06.0437 6068 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

12:47:06.0562 6068 sr - ok

12:47:06.0718 6068 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

12:47:06.0765 6068 Srv - ok

12:47:07.0093 6068 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

12:47:07.0234 6068 streamip - ok

12:47:07.0421 6068 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

12:47:07.0546 6068 swenum - ok

12:47:07.0640 6068 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

12:47:07.0765 6068 swmidi - ok

12:47:07.0890 6068 symc810 - ok

12:47:07.0937 6068 symc8xx - ok

12:47:08.0015 6068 sym_hi - ok

12:47:08.0062 6068 sym_u3 - ok

12:47:08.0125 6068 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

12:47:08.0250 6068 sysaudio - ok

12:47:08.0453 6068 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:47:08.0515 6068 Tcpip - ok

12:47:08.0640 6068 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

12:47:08.0781 6068 TDPIPE - ok

12:47:08.0875 6068 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

12:47:09.0000 6068 TDTCP - ok

12:47:09.0109 6068 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

12:47:09.0234 6068 TermDD - ok

12:47:09.0531 6068 tmcfw (8d1900669f830178e60aca8b89f20ad4) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys

12:47:09.0546 6068 tmcfw - ok

12:47:09.0640 6068 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys

12:47:09.0656 6068 tmcomm - ok

12:47:09.0750 6068 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys

12:47:09.0781 6068 TmFilter - ok

12:47:09.0890 6068 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys

12:47:09.0906 6068 TmPreFilter - ok

12:47:10.0000 6068 TosIde - ok

12:47:10.0296 6068 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

12:47:10.0437 6068 Udfs - ok

12:47:10.0562 6068 ultra - ok

12:47:10.0640 6068 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

12:47:10.0796 6068 Update - ok

12:47:11.0000 6068 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

12:47:11.0140 6068 usbccgp - ok

12:47:11.0265 6068 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

12:47:11.0390 6068 usbehci - ok

12:47:11.0484 6068 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

12:47:11.0625 6068 usbhub - ok

12:47:11.0718 6068 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

12:47:11.0859 6068 usbprint - ok

12:47:11.0984 6068 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

12:47:12.0109 6068 USBSTOR - ok

12:47:12.0218 6068 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

12:47:12.0343 6068 usbuhci - ok

12:47:12.0484 6068 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

12:47:12.0609 6068 usb_rndisx - ok

12:47:12.0859 6068 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

12:47:13.0000 6068 VgaSave - ok

12:47:13.0109 6068 ViaIde - ok

12:47:13.0250 6068 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

12:47:13.0375 6068 VolSnap - ok

12:47:13.0546 6068 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys

12:47:13.0609 6068 VSApiNt - ok

12:47:13.0875 6068 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

12:47:14.0000 6068 Wanarp - ok

12:47:14.0234 6068 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys

12:47:14.0265 6068 Wdf01000 - ok

12:47:14.0328 6068 WDICA - ok

12:47:14.0406 6068 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

12:47:14.0546 6068 wdmaud - ok

12:47:15.0078 6068 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

12:47:15.0187 6068 WmiAcpi - ok

12:47:15.0500 6068 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

12:47:15.0625 6068 WSTCODEC - ok

12:47:15.0750 6068 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

12:47:15.0796 6068 WudfPf - ok

12:47:15.0890 6068 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

12:47:15.0921 6068 WudfRd - ok

12:47:16.0468 6068 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

12:47:16.0640 6068 \Device\Harddisk0\DR0 - ok

12:47:16.0640 6068 Boot (0x1200) (0554a279fb3046843f87e9234e1014a7) \Device\Harddisk0\DR0\Partition0

12:47:16.0640 6068 \Device\Harddisk0\DR0\Partition0 - ok

12:47:16.0656 6068 ============================================================

12:47:16.0656 6068 Scan finished

12:47:16.0656 6068 ============================================================

12:47:16.0671 6020 Detected object count: 17

12:47:16.0671 6020 Actual detected object count: 17

12:48:44.0718 6020 dgapimon ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0718 6020 dgapimon ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0718 6020 dgbusmon ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0718 6020 dgbusmon ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0718 6020 dgcotman ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0718 6020 dgcotman ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0718 6020 DGDmk ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGDmk ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DgDmkDisk ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DgDmkDisk ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGDT ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGDT ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGFILTR ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGFILTR ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGFS ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGFS ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 dgfsmon ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 dgfsmon ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 dgkpmail ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 dgkpmail ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGLFS ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGLFS ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGMASTER ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGMASTER ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 DGREC ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 DGREC ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0734 6020 dgrule ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0734 6020 dgrule ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0750 6020 dgtdimon ( HiddenService.Multi.Generic ) - skipped by user

12:48:44.0750 6020 dgtdimon ( HiddenService.Multi.Generic ) - User select action: Skip

12:48:44.0750 6020 FTRUSB ( UnsignedFile.Multi.Generic ) - skipped by user

12:48:44.0750 6020 FTRUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:48:44.0750 6020 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user

12:48:44.0750 6020 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:48:53.0234 3696 Deinitialize success


Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and run ComboFix from your desktop.

Please visit this webpage for download links and instructions for running ComboFix:

http://www.bleepingc...to-use-combofix

Ensure you have disabled all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC


ComboFix 12-02-25.01 - Administrator 02/25/2012 14:26:07.1.1 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.198 [GMT -5:00]

Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

AV: Trend Micro OfficeScan Antivirus *Disabled/Outdated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}

FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files\DGAgent\plugins\09D849B6-32D3-4A40-85EE-6B84BA29E35B\ame_outlooksensor.dll

c:\program files\DGAgent\plugins\09D849B6-32D3-4A40-85EE-6B84BA29E35B\ame_smtpsensor.dll

c:\program files\DGAgent\plugins\8E4EA70A-6128-4B57-BD3F-8E9E0F0DA6BB\os_plugin.dll

c:\windows\$NtUninstallKB48274$\386094190\@

c:\windows\$NtUninstallKB48274$\386094190\L\pelbytiy

c:\windows\$NtUninstallKB48274$\386094190\loader.tlb

c:\windows\$NtUninstallKB48274$\386094190\U\@00000001

c:\windows\$NtUninstallKB48274$\386094190\U\@000000c0

c:\windows\$NtUninstallKB48274$\386094190\U\@000000cb

c:\windows\$NtUninstallKB48274$\386094190\U\@000000cf

c:\windows\$NtUninstallKB48274$\386094190\U\@80000000

c:\windows\$NtUninstallKB48274$\386094190\U\@800000c0

c:\windows\$NtUninstallKB48274$\386094190\U\@800000cb

c:\windows\$NtUninstallKB48274$\386094190\U\@800000cf

c:\windows\$NtUninstallKB48274$\618235046

c:\windows\system32\SET12D.tmp

c:\windows\system32\SET131.tmp

c:\windows\system32\SET139.tmp

c:\windows\unwise32.exe

c:\windows\$NtUninstallKB48274$ . . . . Failed to delete

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_DGMASTER

-------\Legacy_USNJSVC

-------\Service_DGMASTER

-------\Service_usnjsvc

.

.

((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))))

.

.

2012-02-23 19:52 . 2012-02-25 13:35 102400 ----a-w- c:\windows\RegBootClean.exe

2012-02-23 19:48 . 2012-02-23 19:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2012-02-23 19:48 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-23 19:46 . 2012-02-23 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-02-23 18:35 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search

2012-02-23 18:33 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory

2012-02-23 15:09 . 2012-02-23 21:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe

2012-02-23 15:06 . 2012-02-23 15:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities

2012-02-22 18:57 . 2012-02-25 17:41 11264 ----a-w- c:\windows\DCEBoot.exe

2012-02-21 20:52 . 2012-02-25 16:44 0 --sha-w- c:\windows\system32\dds_log_trash.cmd

2012-02-21 20:48 . 2012-02-21 20:48 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Application Data\1703546e

2012-02-21 20:48 . 2012-02-21 20:48 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll

2012-02-18 20:46 . 2012-02-18 22:29 -------- d-----w- c:\program files\Acro Software

2012-02-14 12:53 . 2012-02-14 12:53 -------- d-----w- c:\windows\Sun

2012-02-09 14:34 . 2012-02-09 14:34 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-09 14:39 . 2012-02-09 14:39 65421473 ----a-w- C:\Copy of HP_P2055_default_install_v6.zip

2011-12-21 18:56 . 2011-03-23 22:01 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe

2011-12-17 18:52 . 2011-12-17 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-09-07 710000]

"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]

"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-19 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-19 126976]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OfpivkEbwagv.dll

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGAPIMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGBUSMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DgDmk.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGDT.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFS.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFSMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGKPMail.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGLFS.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGRule.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProtectedStorage]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]

path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

2003-03-31 22:28 155648 -c--a-w- c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

"c:\\Documents and Settings\\Administrator\\My Documents\\tri\\firefox.exe"=

"c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"=

"c:\\Documents and Settings\\Administrator\\My Documents\\tri\\Malwarebytes' Anti-Malware\\mbam.exe"=

.

R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\DGBUSMon.sys [9/23/2010 4:46 PM 73928]

R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\DGTDIMon.sys [9/23/2010 4:46 PM 57672]

R2 DGService;Usage History Monitor;c:\program files\DGAgent\DgService.exe [9/23/2010 4:46 PM 412232]

R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\tmxpflt.sys [9/6/2006 8:27 PM 262416]

R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\tmpreflt.sys [9/6/2006 8:27 PM 36624]

R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/5/2004 4:05 PM 307984]

R3 TmPfw;OfficeScan NT Firewall;c:\program files\Trend Micro\OfficeScan Client\TmPfw.exe [5/18/2009 2:42 PM 943696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]

S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe --> c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [?]

S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [7/1/2002 5:30 PM 95232]

S3 dgapimon;DGAPIMon;c:\windows\system32\drivers\DGAPIMon.sys [9/23/2010 4:46 PM 160456]

S3 DGDmk;DGDmk;c:\windows\system32\drivers\dgdmk.sys [9/23/2010 4:44 PM 381768]

S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys [9/23/2010 4:45 PM 13640]

S3 DGDT;DGDT;c:\windows\system32\drivers\dgdt.sys [9/23/2010 4:45 PM 175560]

S3 DGFILTR;DGFILTR;c:\windows\system32\Drivers\DgFiltr.sys --> c:\windows\system32\Drivers\DgFiltr.sys [?]

S3 DGFS;DGFS;c:\windows\system32\drivers\dgfs.sys [9/23/2010 4:44 PM 128200]

S3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys [9/23/2010 4:46 PM 124744]

S3 dgkpmail;DGKPMail;c:\windows\system32\drivers\DGKPMail.sys [9/23/2010 4:45 PM 50888]

S3 DGLFS;DGLFS;c:\windows\system32\drivers\dglfs.sys [9/23/2010 4:44 PM 191176]

S3 DGREC;DGREC;c:\windows\system32\Drivers\DgRec.sys --> c:\windows\system32\Drivers\DgRec.sys [?]

S3 dgrule;DGRule;c:\windows\system32\drivers\DGRule.sys [9/23/2010 4:44 PM 129480]

S3 DGScan;Usage History Scanning Service;c:\program files\DGAgent\DgScan.exe [9/23/2010 4:46 PM 567880]

S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys --> c:\windows\system32\DRIVERS\easytthr.sys [?]

S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [12/7/2005 7:05 AM 16256]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [12/12/2011 3:03 PM 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]

S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [1/28/2008 3:15 PM 36608]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2/28/2006 7:00 AM 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

S4 dgcotman;dgcotman;c:\windows\system32\drivers\DGCotMan.sys [9/23/2010 4:45 PM 136008]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

WINRM REG_MULTI_SZ WINRM

.

NETSVCS REQUIRES REPAIRS - current entries shown


.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

.

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.prometric.com/Network/Login.asp

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

Trusted Zone: 2test.com

Trusted Zone: 2test.com\www

Trusted Zone: prometric.com\ehelp

Trusted Zone: prometric.com\polaris

Trusted Zone: prometric.com\pulse

Trusted Zone: prometric.com\www

Trusted Zone: prometric.com\www.polaris

Trusted Zone: yahoo.com

Trusted Zone: microsoft.com

Trusted Zone: prometric.com

Trusted Zone: webex.com

TCP: DhcpNameServer = 74.238.59.137

TCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6}: NameServer = 172.16.9.5

TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC}: NameServer = 172.16.9.5

TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35}: NameServer = 172.16.9.5

TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772}: NameServer = 172.16.9.5

TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C}: NameServer = 172.16.9.5

TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358}: NameServer = 172.16.9.5

Handler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dll

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zg9mnrzg.default\

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKLM-Run-HPLJ Config - c:\program files\Hewlett-Packard\hp LaserJet 1150_1300\SetConfig.exe

SafeBoot-DGMaster.sys

MSConfigStartUp-HTC Sync Loader - c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe

AddRemove-MSHowlerLatency_1,0,0,1 - f:\dts\Sys\MSHowlerLatency.EXE

AddRemove-ZeonUTDPDF - f:\dts\SYS\ZeonUTDPDFInstall.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-25 14:49

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fasttx2k]

"ServiceDll"=""

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ONSIO]

"ServiceDll"=""

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3964)

c:\windows\system32\WININET.dll

c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf

c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll

c:\windows\system32\IEFRAME.dll

c:\windows\system32\WPDShServiceObj.dll

c:\documents and settings\Administrator\My Documents\tri\WinSCP\DragExt.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Trend Micro\OfficeScan Client\ntrtscan.exe

c:\program files\Analog Devices\SoundMAX\SMAgent.exe

c:\program files\Trend Micro\OfficeScan Client\tmlisten.exe

c:\windows\system32\SearchIndexer.exe

c:\program files\DGAgent\dgprompt.exe

c:\windows\TEMP\HFD182.EXE

c:\program files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

c:\program files\Trend Micro\OfficeScan Client\Misc\xpupg.exe

c:\program files\Trend Micro\OfficeScan Client\pccntupd.exe

.

**************************************************************************

.

Completion time: 2012-02-25 14:58:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-25 19:58

.

Pre-Run: 26,371,530,752 bytes free

Post-Run: 26,366,226,432 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - EFA8DF4CFCAB3AC0372D21864DEC5535


Enable Hidden files:

http://www.howtogeek...-folders-in-xp/

Please find this file and upload it to VirusTotal for a free scan, post back the results (the url)

c:\windows\system32\OfpivkEbwagv.dll

http://www.virustotal.com/

--------------------

Also, can you take a look at this folder, see what's inside, and say whether you recognize it:

c:\documents and settings\Administrator\Local Settings\Application Data\1703546e

MrC


That sure is malware!

Please do this........

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

4. If ComboFix wants to update.....please allow it to.

File::

c:\windows\system32\OfpivkEbwagv.dll

Registry::

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScript.gif

Referring to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC


MrCharlie,

Thanks for waiting for my reply, here is the log you requested.

ComboFix 12-02-25.01 - Administrator 02/29/2012 11:37:46.2.1 - x86

Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt

AV: Trend Micro OfficeScan Antivirus *Disabled/Outdated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}

FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}

* Created a new restore point

.

FILE ::

"c:\windows\system32\OfpivkEbwagv.dll"

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_Dgmaster

-------\Service_Dgmaster

.

.

((((((((((((((((((((((((( Files Created from 2012-01-28 to 2012-02-29 )))))))))))))))))))))))))))))))

.

.

2012-02-27 14:21 . 2012-02-27 14:21 -------- d-----w- c:\program files\ETS

2012-02-23 19:52 . 2012-02-25 13:35 102400 ----a-w- c:\windows\RegBootClean.exe

2012-02-23 19:48 . 2012-02-23 19:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2012-02-23 19:48 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-23 19:46 . 2012-02-23 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-02-23 18:35 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search

2012-02-23 18:33 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory

2012-02-23 15:09 . 2012-02-23 21:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe

2012-02-23 15:06 . 2012-02-23 15:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities

2012-02-22 18:57 . 2012-02-25 17:41 11264 ----a-w- c:\windows\DCEBoot.exe

2012-02-21 20:52 . 2012-02-25 16:44 0 --sha-w- c:\windows\system32\dds_log_trash.cmd

2012-02-21 20:48 . 2012-02-21 20:48 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Application Data\1703546e

2012-02-21 20:48 . 2012-02-21 20:48 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll

2012-02-18 20:46 . 2012-02-18 22:29 -------- d-----w- c:\program files\Acro Software

2012-02-14 12:53 . 2012-02-14 12:53 -------- d-----w- c:\windows\Sun

2012-02-09 14:34 . 2012-02-09 14:34 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-09 14:39 . 2012-02-09 14:39 65421473 ----a-w- C:\Copy of HP_P2055_default_install_v6.zip

2011-12-21 18:56 . 2011-03-23 22:01 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe

2011-12-17 18:52 . 2011-12-17 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

.

.

((((((((((((((((((((((((((((( SnapShot@2012-02-25_19.49.05 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-02-29 16:51 . 2012-02-29 16:51 16384 c:\windows\Temp\Perflib_Perfdata_718.dat

+ 2012-02-29 16:51 . 2007-09-07 01:45 300392 c:\windows\Temp\SF6A6A.EXE

+ 2008-01-22 15:46 . 2012-02-27 15:45 333872 c:\windows\system32\FNTCACHE.DAT

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-09-07 710000]

"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]

"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-19 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-19 126976]

"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGAPIMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGBUSMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DgDmk.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGDT.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFS.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFSMon.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGKPMail.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGLFS.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGRule.sys]

@="Driver"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGService]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProtectedStorage]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]

path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]

2003-03-31 22:28 155648 -c--a-w- c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=

"c:\\Documents and Settings\\Administrator\\My Documents\\tri\\firefox.exe"=

"c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"=

"c:\\Documents and Settings\\Administrator\\My Documents\\tri\\Malwarebytes' Anti-Malware\\mbam.exe"=

.

R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\DGBUSMon.sys [9/23/2010 4:46 PM 73928]

R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\DGTDIMon.sys [9/23/2010 4:46 PM 57672]

R2 DGService;Usage History Monitor;c:\program files\DGAgent\DgService.exe [9/23/2010 4:46 PM 412232]

R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\tmxpflt.sys [9/6/2006 8:27 PM 262416]

R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\tmpreflt.sys [9/6/2006 8:27 PM 36624]

R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/5/2004 4:05 PM 307984]

R3 TmPfw;OfficeScan NT Firewall;c:\program files\Trend Micro\OfficeScan Client\TmPfw.exe [5/18/2009 2:42 PM 943696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]

S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe --> c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [?]

S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [7/1/2002 5:30 PM 95232]

S3 dgapimon;DGAPIMon;c:\windows\system32\drivers\DGAPIMon.sys [9/23/2010 4:46 PM 160456]

S3 DGDmk;DGDmk;c:\windows\system32\drivers\dgdmk.sys [9/23/2010 4:44 PM 381768]

S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys [9/23/2010 4:45 PM 13640]

S3 DGDT;DGDT;c:\windows\system32\drivers\dgdt.sys [9/23/2010 4:45 PM 175560]

S3 DGFILTR;DGFILTR;c:\windows\system32\Drivers\DgFiltr.sys --> c:\windows\system32\Drivers\DgFiltr.sys [?]

S3 DGFS;DGFS;c:\windows\system32\drivers\dgfs.sys [9/23/2010 4:44 PM 128200]

S3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys [9/23/2010 4:46 PM 124744]

S3 dgkpmail;DGKPMail;c:\windows\system32\drivers\DGKPMail.sys [9/23/2010 4:45 PM 50888]

S3 DGLFS;DGLFS;c:\windows\system32\drivers\dglfs.sys [9/23/2010 4:44 PM 191176]

S3 DGREC;DGREC;c:\windows\system32\Drivers\DgRec.sys --> c:\windows\system32\Drivers\DgRec.sys [?]

S3 dgrule;DGRule;c:\windows\system32\drivers\DGRule.sys [9/23/2010 4:44 PM 129480]

S3 DGScan;Usage History Scanning Service;c:\program files\DGAgent\DgScan.exe [9/23/2010 4:46 PM 567880]

S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys --> c:\windows\system32\DRIVERS\easytthr.sys [?]

S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [12/7/2005 7:05 AM 16256]

S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [12/12/2011 3:03 PM 24576]

S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]

S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [1/28/2008 3:15 PM 36608]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]

S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2/28/2006 7:00 AM 14336]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]

S4 dgcotman;dgcotman;c:\windows\system32\drivers\DGCotMan.sys [9/23/2010 4:45 PM 136008]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

WINRM REG_MULTI_SZ WINRM

.

NETSVCS REQUIRES REPAIRS - current entries shown

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

.

.

.

------- Supplementary Scan -------

.

uStart Page = https://www.prometric.com/Network/Login.asp

uInternet Settings,ProxyOverride = <local>

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105

Trusted Zone: 2test.com

Trusted Zone: 2test.com\www

Trusted Zone: prometric.com\ehelp

Trusted Zone: prometric.com\polaris

Trusted Zone: prometric.com\pulse

Trusted Zone: prometric.com\www

Trusted Zone: prometric.com\www.polaris

Trusted Zone: yahoo.com

Trusted Zone: microsoft.com

Trusted Zone: prometric.com

Trusted Zone: webex.com

TCP: DhcpNameServer = 74.238.59.137

TCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6}: NameServer = 172.16.9.5

TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC}: NameServer = 172.16.9.5

TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35}: NameServer = 172.16.9.5

TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772}: NameServer = 172.16.9.5

TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C}: NameServer = 172.16.9.5

TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358}: NameServer = 172.16.9.5

Handler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dll

FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zg9mnrzg.default\

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-29 11:57

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fasttx2k]

"ServiceDll"=""

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ONSIO]

"ServiceDll"=""

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(484)

c:\windows\system32\WININET.dll

c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf

c:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\WPDShServiceObj.dll

c:\documents and settings\Administrator\My Documents\tri\WinSCP\DragExt.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Trend Micro\OfficeScan Client\ntrtscan.exe

c:\program files\Analog Devices\SoundMAX\SMAgent.exe

c:\program files\Trend Micro\OfficeScan Client\tmlisten.exe

c:\windows\system32\SearchIndexer.exe

c:\windows\TEMP\SF6A6A.EXE

c:\program files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

c:\program files\DGAgent\dgprompt.exe

c:\program files\Trend Micro\OfficeScan Client\Misc\xpupg.exe

c:\program files\Trend Micro\OfficeScan Client\pccntupd.exe

.

**************************************************************************

.

Completion time: 2012-02-29 12:03:39 - machine was rebooted

ComboFix-quarantined-files.txt 2012-02-29 17:03

ComboFix2.txt 2012-02-25 19:58

.

Pre-Run: 26,118,524,928 bytes free

Post-Run: 26,058,444,800 bytes free

.

- - End Of File - - FFDF2295063A0825F65430AC95308A2D


Looks like it's gone to me..

Here is my log:

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.23.03

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.11

Administrator :: ADMIN1 [administrator]

2/29/2012 1:05:10 PM

mbam-log-2012-02-29 (13-05-10).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 223737

Time elapsed: 10 minute(s), 14 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Good

A little clean-up to do.

Please Uninstall ComboFix:

Go to Start > Run and copy and paste the next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will clean up the tools and logs used, including itself.)

Any other programs or logs you can manually delete.

--------------------------------

Your Java is out of date; older versions are vulnerable to malware.

Go to your Control Panel's Add/Remove Programs and uninstall Java™ 6 Update 18

Then download and install the latest version Java™ 6 Update 31

http://www.java.com/...load/manual.jsp <---latest version

http://www.java.com/...d/installed.jsp <---verify your Java

-----------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance, please start your own topic in a new thread. Thanks!
