sol7789 Posted February 25, 2012 ID:530395 Share Posted February 25, 2012 Hi,My system has been infected , I have attached the logs as per instructions.Thanks in advance for any help!.DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 7.0.5730.11Run by Administrator at 8:52:51 on 2012-02-25Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.123 [GMT -5:00].AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}FW: Trend Micro Personal Firewall *Enabled*.============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\Program Files\DGAgent\DgService.exesvchost.exesvchost.exeC:\Program Files\DGAgent\dgagent.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\system32\WgaTray.exeC:\Program Files\DGAgent\dgprompt.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exeC:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exeC:\WINDOWS\system32\hkcmd.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exeC:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exeC:\Program Files\Windows Desktop Search\WindowsSearch.exesvchost.exeC:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Program Files\Trend Micro\OfficeScan Client\Misc\xpupg.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\NOTEPAD.EXEC:\WINDOWS\System32\svchost.exe -k HPZ12C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exeC:\WINDOWS\System32\svchost.exe -k HPZ12C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exeC:\WINDOWS\system32\SearchIndexer.exe\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcsC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\TEMP\QK464E.EXEC:\WINDOWS\system32\SearchProtocolHost.exeC:\Program Files\Trend Micro\OfficeScan Client\TSC.EXE.============== Pseudo HJT Report ===============.uStart Page = https://www.prometric.com/Network/Login.aspuInternet Settings,ProxyOverride = <local>BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLLBHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLLBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No FileuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exemRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindowmRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exemRun: [RTHDCPL] RTHDCPL.EXEmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServicesmRun: [<NO NAME>]mRun: [statusClient] c:\program files\hewlett-packard\toolbox2.0\apache tomcat 4.0\webapps\toolbox\statusclient\StatusClient.exe /automRun: [HPLJ Config] c:\program files\hewlett-packard\hp laserjet 1150_1300\SetConfig.exe -c Direct -p DOT4_001 -pn "hp LaserJet 1300 PCL 6" -n 0 -l 1033 -sl 120000mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exeIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dllLSP: mswsock.dllTrusted Zone: 2test.comTrusted Zone: 2test.com\wwwTrusted Zone: prometric.com\ehelpTrusted Zone: prometric.com\polarisTrusted Zone: prometric.com\pulseTrusted Zone: prometric.com\wwwTrusted Zone: prometric.com\www.polarisTrusted Zone: yahoo.comTrusted Zone: microsoft.comTrusted Zone: prometric.comTrusted Zone: webex.comDPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1242673537187DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabTCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer = 172.16.9.5TCP: Interfaces\{0B48F0F0-317A-4396-B50F-52C45E126EDA} : DhcpNameServer = 198.6.1.142 198.6.1.146 10.10.1.184 10.173.15.176TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer = 172.16.9.5TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer = 172.16.9.5TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : DhcpNameServer = 198.6.1.142 198.6.1.146TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer = 172.16.9.5TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : DhcpNameServer = 198.6.1.142 198.6.1.146TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer = 172.16.9.5TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer = 172.16.9.5Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLLHandler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dllNotify: igfxcui - igfxsrvc.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLLSEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dllSecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OfpivkEbwagv.dll.================= FIREFOX ===================.FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\zg9mnrzg.default\FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLLFF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLLFF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dllFF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll.============= SERVICES / DRIVERS ===============.R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\dgbusmon.sys []R0 DGMASTER;DGMaster;c:\windows\system32\drivers\dgmaster.sys []R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\dgtdimon.sys []R2 DGService;Usage History Monitor;c:\program files\dgagent\DgService.exe []R2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\tmxpflt.sys [2006-9-6 262416]R2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\tmpreflt.sys [2006-9-6 36624]R3 dgapimon;DGAPIMon;c:\windows\system32\drivers\dgapimon.sys []R3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys []R3 dgkpmail;DGKPMail;c:\windows\system32\drivers\dgkpmail.sys []R3 dgrule;DGRule;c:\windows\system32\drivers\dgrule.sys []R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2004-11-5 307984]R4 dgcotman;dgcotman;c:\windows\system32\drivers\dgcotman.sys []S?2 avfilter;Mwstick;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 avg7rsw;Meraksmtp;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 awlegacy;Unrealircd;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 axinstsv;Cpqarry2;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 ccpwdsvc;Ghostsec;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S?2 CTMFLT;Blfp;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 DMUSBUSBDCam;CTHWIUT.DLL;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 ikfilesec;DivisCTS;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 iksysflt;Useraccess;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 iksyssec;WLAN_USB;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S?2 pavfnsvr;Epfw;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S2 ca-messagequeuing;Wpshelper;c:\windows\system32\svchost.exe -k netsvcs [2006-2-28 14336]S2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\passthrusvr.exe --> c:\program files\htc\internet pass-through\PassThruSvr.exe [?]S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [2002-7-1 95232]S3 DGDmk;DGDmk;c:\windows\system32\drivers\DgDmk.sys []S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys []S3 DGDT;DGDT;c:\windows\system32\drivers\DgDt.sys []S3 DGFILTR;DGFILTR;c:\windows\system32\drivers\dgfiltr.sys --> c:\windows\system32\drivers\DgFiltr.sys [?]S3 DGFS;DGFS;c:\windows\system32\drivers\DgFs.sys []S3 DGLFS;DGLFS;c:\windows\system32\drivers\DgLfs.sys []S3 DGREC;DGREC;c:\windows\system32\drivers\dgrec.sys --> c:\windows\system32\drivers\DgRec.sys [?]S3 DGScan;Usage History Scanning Service;c:\program files\dgagent\DgScan.exe []S3 easytether;easytether;c:\windows\system32\drivers\easytthr.sys --> c:\windows\system32\drivers\easytthr.sys [?]S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [2005-12-7 16256]S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2011-12-12 24576]S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [2008-1-28 36608]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000].=============== Created Last 30 ================.2012-02-23 19:52:09 102400 ----a-w- c:\windows\RegBootClean.exe2012-02-23 19:48:24 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes2012-02-23 19:48:07 20464 ----a-w- c:\windows\system32\drivers\mbam.sys2012-02-23 19:46:44 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes2012-02-23 18:35:37 -------- d-----w- c:\documents and settings\administrator\application data\Windows Search2012-02-23 18:33:46 -------- d-----w- c:\documents and settings\administrator\local settings\application data\ApplicationHistory2012-02-23 15:09:35 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Adobe2012-02-23 15:06:57 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Identities2012-02-22 18:57:47 11264 ----a-w- c:\windows\DCEBoot.exe2012-02-21 20:52:30 0 --sha-w- c:\windows\system32\dds_log_trash.cmd2012-02-21 20:48:39 -------- d-sh--w- c:\documents and settings\administrator\local settings\application data\1703546e2012-02-21 20:48:36 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll2012-02-18 20:46:48 -------- d-----w- c:\program files\Acro Software2012-02-09 14:34:46 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww.==================== Find3M ====================.2011-12-21 18:56:07 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe2011-12-17 18:52:16 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl.============= FINISH: 8:57:07.48 =============== Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530397 Share Posted February 25, 2012 .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 1/22/2008 4:44:06 PMSystem Uptime: 2/25/2012 8:49:41 AM (0 hours ago).Motherboard: Hewlett-Packard | | 090ChProcessor: Intel® Pentium® 4 CPU 3.00GHz | XU1 PROCESSOR | 2992/800mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 38 GiB total, 24.748 GiB free.D: is CDROM ().==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP384: 1/20/2012 4:12:53 AM - System CheckpointRP385: 1/21/2012 4:22:42 AM - System CheckpointRP386: 1/22/2012 5:22:41 AM - System CheckpointRP387: 1/23/2012 6:22:40 AM - System CheckpointRP388: 1/24/2012 6:24:37 AM - System CheckpointRP389: 1/25/2012 6:29:22 AM - System CheckpointRP390: 1/26/2012 8:06:15 AM - System CheckpointRP391: 1/27/2012 10:12:00 AM - System CheckpointRP392: 1/28/2012 12:07:17 PM - System CheckpointRP393: 1/29/2012 12:55:04 PM - System CheckpointRP394: 1/30/2012 1:13:03 PM - System CheckpointRP395: 2/1/2012 9:46:10 AM - System CheckpointRP396: 2/2/2012 9:46:37 AM - System CheckpointRP397: 2/3/2012 9:58:59 AM - System CheckpointRP398: 2/4/2012 10:01:44 AM - System CheckpointRP399: 2/5/2012 10:59:06 AM - System CheckpointRP400: 2/6/2012 12:36:30 PM - System CheckpointRP401: 2/7/2012 12:53:54 PM - System CheckpointRP402: 2/8/2012 12:56:29 PM - System CheckpointRP403: 2/9/2012 1:16:00 PM - System CheckpointRP404: 2/10/2012 1:37:57 PM - System CheckpointRP405: 2/11/2012 2:54:38 PM - System CheckpointRP406: 2/12/2012 3:26:45 PM - System CheckpointRP407: 2/13/2012 4:35:07 PM - System CheckpointRP408: 2/14/2012 5:10:11 PM - System CheckpointRP409: 2/15/2012 5:58:32 PM - System CheckpointRP410: 2/16/2012 6:58:35 PM - System CheckpointRP411: 2/17/2012 7:50:32 PM - System CheckpointRP412: 2/18/2012 3:46:55 PM - Printer Driver CutePDF Writer InstalledRP413: 2/18/2012 5:30:15 PM - Removed Ask Toolbar.RP414: 2/19/2012 6:19:39 PM - System CheckpointRP415: 2/20/2012 7:19:39 PM - System CheckpointRP416: 2/21/2012 7:32:06 PM - System CheckpointRP417: 2/23/2012 11:09:33 AM - System Checkpoint.==== Installed Programs ======================..32 Bit HP CIO Components InstallerAcrobat.comAdobe AIRAdobe Digital EditionsAdobe Flash Player 10 ActiveXAdobe Flash Player 11 PluginAdobe Reader 9.5.0CCleaner (remove only)CLNTATA8Definition update for Microsoft Office 2010 (KB982726) 32-Bit EditionDTS2 Security UpdateHigh Definition Audio Driver Package - KB888111Hot Drops Workstation InstallHotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB915800-v4)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)hp LaserJet 1150 / 1300HP LaserJet P2050 Series 6.0hppFontshppQFolderP2050HTC BMP USB DriverHTC Driver InstallerHTC SyncIntel® Extreme Graphics 2 DriverIntel® Graphics Media Accelerator DriverIntel® PRO Network Connections 12.1.14.1Java Auto UpdaterJava 6 Update 18Malwarebytes Anti-Malware version 1.60.1.1000Microsoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2572067)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft .NET Framework 4 Client ProfileMicrosoft Base Smart Card Cryptographic Service Provider PackageMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft Kernel-Mode Driver Framework Feature Pack 1.7Microsoft National Language Support Downlevel APIsMicrosoft Office 2010 Service Pack 1 (SP1)Microsoft Office Access MUI (English) 2010Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft Primary Interoperability Assemblies 2005Microsoft SilverlightMicrosoft Software Update for Web Folders (English) 14Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 RedistributableMozilla Firefox 8.0.1 (x86 en-US)MSHowlerLatency_1,0,0,1MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)MSXML 4.0 SP2 Parser and SDKMSXML 4.0 SP3 ParserMSXML 6.0 ParserNotepad++NVIDIA DriversOSCE_MSI_NT_CLIENTPMMSTrueIDPrint Wait InstallProNotifierProUTDCalcRealtek High Definition Audio DriverSecurity Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft Excel 2010 (KB2553070)Security Update for Microsoft Office 2010 (KB2553091)Security Update for Microsoft Office 2010 (KB2553096)Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)Security Update for Microsoft Windows (KB2564958)Security Update for Windows Internet Explorer 7 (KB2482017)Security Update for Windows Internet Explorer 7 (KB2497640)Security Update for Windows Internet Explorer 7 (KB2530548)Security Update for Windows Internet Explorer 7 (KB2544521)Security Update for Windows Internet Explorer 7 (KB2559049)Security Update for Windows Internet Explorer 7 (KB2586448)Security Update for Windows Internet Explorer 7 (KB938127-v2)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows Media Player 9 (KB936782)Security Update for Windows Search 4 - KB963093Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2510581)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923789)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB971961)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981349)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)SoundMAXSpelling Dictionaries Support For Adobe Reader 9TCFlow Activity ManagertempTrend Micro OfficeScan ClientUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft Office 2010 (KB2553065)Update for Microsoft Office 2010 (KB2553092)Update for Microsoft Office 2010 (KB2553181) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553310) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2553455) 32-Bit EditionUpdate for Microsoft Office 2010 (KB2566458)Update for Microsoft OneNote 2010 (KB2553290) 32-Bit EditionUpdate for Microsoft Outlook 2010 (KB2553323) 32-Bit EditionUpdate for Microsoft Outlook Social Connector (KB2583935)Update for Microsoft Windows (KB971513)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2492386)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB943729)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)UTD IBT PluginUTDCoreWebExWebEx Support Manager for Internet ExplorerWebFldrs XPWebRegWinDjView 1.0.3Windows Driver Package - Infineon Technologies AG (IFXTPM) System (11/29/2006 1.90.0000.00)Windows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Management Framework CoreWindows Media Format 11 runtimeWindows Media Player 11Windows Search 4.0Windows XP Service Pack 3WinSCP 4.3.6ZeonUTDPDF_2,3,6,2 Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530398 Share Posted February 25, 2012 .==== Event Viewer Messages From Past Week ========.2/25/2012 8:52:58 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Nmwcdc service to connect.2/25/2012 8:35:41 AM, error: Service Control Manager [7023] - The Nmwcdc service terminated with the following error: The system cannot find the file specified.2/25/2012 8:32:05 AM, error: Service Control Manager [7023] - The Wpshelper service terminated with the following error: The specified module could not be found.2/25/2012 8:31:05 AM, error: Service Control Manager [7023] - The Nvmpu401 service terminated with the following error: The specified module could not be found.2/25/2012 8:30:05 AM, error: Service Control Manager [7023] - The NWDNS service terminated with the following error: The specified module could not be found.2/25/2012 8:29:05 AM, error: Service Control Manager [7023] - The MxlW2k service terminated with the following error: The specified module could not be found.2/25/2012 8:28:05 AM, error: Service Control Manager [7023] - The NsTrcNT service terminated with the following error: The specified module could not be found.2/25/2012 8:27:05 AM, error: Service Control Manager [7023] - The Apache2 service terminated with the following error: The specified module could not be found.2/25/2012 8:26:05 AM, error: Service Control Manager [7023] - The Pvservice service terminated with the following error: The specified module could not be found.2/25/2012 8:25:11 AM, error: Service Control Manager [7023] - The Mssqlserverolapservice service terminated with the following error: The specified module could not be found.2/25/2012 8:24:11 AM, error: Service Control Manager [7023] - The CTEDSPIO.DLL service terminated with the following error: The specified module could not be found.2/25/2012 8:23:11 AM, error: Service Control Manager [7023] - The Vmkbd service terminated with the following error: The specified module could not be found.2/25/2012 8:22:05 AM, error: Service Control Manager [7023] - The Vpcnets2 service terminated with the following error: The specified module could not be found.2/25/2012 8:21:11 AM, error: Service Control Manager [7023] - The Mail2ec service terminated with the following error: The specified module could not be found.2/25/2012 8:20:11 AM, error: Service Control Manager [7023] - The Cfosspeeds service terminated with the following error: The specified module could not be found.2/25/2012 8:19:11 AM, error: Service Control Manager [7023] - The Tifsfilter service terminated with the following error: The specified module could not be found.2/25/2012 8:18:11 AM, error: Service Control Manager [7023] - The F700iob service terminated with the following error: The specified module could not be found.2/25/2012 8:17:11 AM, error: Service Control Manager [7023] - The Smcservice service terminated with the following error: The specified module could not be found.2/25/2012 8:16:05 AM, error: Service Control Manager [7023] - The Iwebmsg service terminated with the following error: The specified module could not be found.2/25/2012 8:15:11 AM, error: Service Control Manager [7023] - The Backupexecnotificationserver service terminated with the following error: The specified module could not be found.2/25/2012 8:14:11 AM, error: Service Control Manager [7023] - The Nmwcdcj service terminated with the following error: The specified module could not be found.2/25/2012 8:13:11 AM, error: Service Control Manager [7023] - The SE2Cobex service terminated with the following error: The specified module could not be found.2/25/2012 8:12:11 AM, error: Service Control Manager [7023] - The Avgtdi service terminated with the following error: The specified module could not be found.2/25/2012 8:11:11 AM, error: Service Control Manager [7023] - The Service service terminated with the following error: The specified module could not be found.2/25/2012 8:10:11 AM, error: Service Control Manager [7023] - The Streamloadservice service terminated with the following error: The specified module could not be found.2/25/2012 8:09:11 AM, error: Service Control Manager [7023] - The Racsvc service terminated with the following error: The specified module could not be found.2/25/2012 8:08:11 AM, error: Service Control Manager [7023] - The Tvtpktfilter service terminated with the following error: The specified module could not be found.2/25/2012 8:07:11 AM, error: Service Control Manager [7023] - The Winpowerrmi service terminated with the following error: The specified module could not be found.2/25/2012 8:06:11 AM, error: Service Control Manager [7023] - The S125mgmt service terminated with the following error: The specified module could not be found.2/25/2012 8:05:12 AM, error: Service Control Manager [7023] - The Uploadmgr service terminated with the following error: The specified module could not be found.2/25/2012 8:04:09 AM, error: Service Control Manager [7023] - The Pwd_2K service terminated with the following error: The specified module could not be found.2/25/2012 8:03:12 AM, error: Service Control Manager [7023] - The Websensepolicyserver service terminated with the following error: The specified module could not be found.2/25/2012 8:02:13 AM, error: Service Control Manager [7023] - The Crystaloutputfileserver service terminated with the following error: The specified module could not be found.2/25/2012 8:01:15 AM, error: Service Control Manager [7023] - The Rtl8029 service terminated with the following error: The specified module could not be found.2/25/2012 8:00:15 AM, error: Service Control Manager [7023] - The Lwwlicenseservice service terminated with the following error: The specified module could not be found.2/25/2012 7:59:16 AM, error: Service Control Manager [7023] - The Mwstick service terminated with the following error: The specified module could not be found.2/25/2012 7:58:12 AM, error: Service Control Manager [7023] - The V0080Dev service terminated with the following error: The specified module could not be found.2/25/2012 7:57:12 AM, error: Service Control Manager [7023] - The Cvintdrv service terminated with the following error: The specified module could not be found.2/25/2012 7:56:13 AM, error: Service Control Manager [7023] - The WLAN_USB service terminated with the following error: The specified module could not be found.2/25/2012 7:55:13 AM, error: Service Control Manager [7023] - The Pnkbstra service terminated with the following error: The specified module could not be found.2/25/2012 7:54:14 AM, error: Service Control Manager [7023] - The Deltafw service terminated with the following error: The specified module could not be found.2/25/2012 7:53:13 AM, error: Service Control Manager [7023] - The Avg7updsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:52:41 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.2/25/2012 7:52:23 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the KMW_USB service to connect.2/25/2012 7:51:16 AM, error: Service Control Manager [7023] - The L8042pr2 service terminated with the following error: The specified module could not be found.2/25/2012 7:50:15 AM, error: Service Control Manager [7023] - The MA_CMIDI service terminated with the following error: The specified module could not be found.2/25/2012 7:49:13 AM, error: Service Control Manager [7023] - The Parallel service terminated with the following error: The specified module could not be found.2/25/2012 7:48:04 AM, error: Service Control Manager [7023] - The ASLDRService service terminated with the following error: The specified module could not be found.2/25/2012 7:47:25 AM, error: Service Control Manager [7023] - The ZDPSp50 service terminated with the following error: The specified module could not be found.2/25/2012 7:46:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The WaveEnrollmentService service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The SRTSPL service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Sfhlp02 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Se2Dunic service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Se2Cnd5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Psdvdisk service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Oraclesnmppeerencapsulator service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Ood2000 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Nwlnknb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Moufiltr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Isapisearch service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Fssfltr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Fasttraksvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:24 AM, error: Service Control Manager [7023] - The Curtainssyssvc service terminated with the following error: The system cannot find the file specified.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Websensecamserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The W300mdfl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Vwd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The VC6SecS service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Transactional service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Symredrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The SQLAgent$ABBEYIIOFFLINE service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Smartwiservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Se58mdfl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Rpcnet service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Psasrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Prismxl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Pmounter service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Pdlnsx25 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Oracleoradb10g_home1isql*plus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The NWUSBPort service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The NICM service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ndassvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The MtxDma0 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ltck000c service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Lckfldservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The K750mdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The IviVD service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The InCDsrvR service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Imaservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Hap17v2k service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Ha20x2k service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The GoProto service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The FTDIBUS service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Fsbwsys service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The El90xbc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Dvd43llh service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Dtsagntsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Cwafreportscheduler service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Cvsnt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The CADlink service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The Belgium_id_card_service service terminated with the following error: The specified module could not be found.2/25/2012 7:45:23 AM, error: Service Control Manager [7023] - The APLMp50 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Zendcoreapache service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The WmaCVideo32 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Vci service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Vaiomediaplatform-photoserver-appserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The TSHWMDTCP service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Tfsnpool service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Servicelayer service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Scsiaccess service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Sandrathesrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The S117obex service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Rtm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Omnidrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Noipducservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Msftpsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Mi-raysat_3dsmax8 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The KR10N service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Issuser service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The IntelC51 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Int15.sys service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Iastor service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Hidusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The HIDSwvd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ehstart service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The DN2AKNET service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The CXTUNE service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ctac32k service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Coste service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Cicssfs.scmmc223 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ativraxx service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The AR5523 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The AFGSp50 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:22 AM, error: Service Control Manager [7023] - The Ac97intc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Z525mgmt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The X10nets service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The WISTechVIDCAP service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The W70n51 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The W550mdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Vsserv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The TPECioCtl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The STV672 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ss_mdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Sqlagent$sony_mediamgr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SQLAgent$LG_LP2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Spmgr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SNP2STD service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The SlNtHal service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Sisagp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Si3114r5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Se59unic service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The RR2Mjpeg service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The RR2Ctrl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Rppkt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Rkhdrv31 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Prtg4service service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ppa3 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Pdlnatdl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Orbmediaservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Omniserv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Nicconfigsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The MSTAPE service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Msgsrvservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lvprcsrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Lirsgt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The K750mgmt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Icollectservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Iaimtv4 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Hpqddsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The GVCplDrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The GTSCSER service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The F700isw service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Epstnt01 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The EpmShd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Epiusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The EhttpSrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Dnsexit service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Dlaboiom service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Delldmi service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Db2governor service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Cxpt_service service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Cicsclient service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Btwmodem service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Bthenum service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Bt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Avgascln service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Asctrm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Artdhcp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The ANC service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Advservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Addfiltr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:21 AM, error: Service Control Manager [7023] - The Acrsch2svc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Zebrsce service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wlancfg service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The WINIO service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Winachsf service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wg3n service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Wacommousefilter service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The W800bus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Vproeventmonitor service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The VirtualFD service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Usbaudio service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The U81xobex service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Traprcvr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Tones service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The TICalc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Symsecureport service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The StickyMesger service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Softfax service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Smrt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Slapd-config52 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sit_prt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sffp_sd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The SE26mdfl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Sbp2port service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The S116mdfl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Rpsupdaterr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Roxwatch service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ROCKEYNT service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The PTDCMdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The PQNTDrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Perfdisk service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Omci service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Ndiscm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mstdc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mssql$microsoftbcm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The MSMQTriggers service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Msmframework service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Mindretrieve service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Lxcg_device service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Licenseservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Lhidflt2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Konfig service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Iwebcal service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The IntelC53 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Hpgate service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The GetPlusHelper service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Gdihook5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The GameConsoleService service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The FVNETusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Freesshdservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Epfw service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The EMCFILT service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The E1000 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The DSXUSB service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Digirefresh service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The DfwWebAgent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CYGF32X service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CTMMOUNT service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The COMMONFX.DLL service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Cltnetcnservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The CdaC15BA service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Btcsrusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Bmwebcfg service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The BLKWGU(Belkin) service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Bc_pat_f service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Avp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ATWPKT2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The ATSWPDRV service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Ati2mtaa service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Aslm75 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The Acs service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The AcronisOSSReinstallSvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7023] - The {a7447300-8075-4b0d-83f1-3d75c8ebc623} service terminated with the following error: The specified module could not be found.2/25/2012 7:45:20 AM, error: Service Control Manager [7000] - The Internet Pass-Through Service service failed to start due to the following error: The system cannot find the file specified.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The ZBackupAssistService service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Xyz777b service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Wtwservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The WmUsbHid service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Whoisd32 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The W700mdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VRFIL service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Vpctcom service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VMAUDIO service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Vds service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The VAIOMediaPlatform-MusicServer-HTTP service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Useraccess7 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The USBAAPL service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The UMPass service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The UimBus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Trlokom_rmhsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tosporte service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The TNaviSrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tdimsys service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Tapeware service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Sysaidagent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Sympxsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Symantecantibotagent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The StMp3Rec service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The STEC3 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The StarOpen service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Speedfan service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SNMP service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Smtpd32 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Smapint service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SeratoUsb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SED133x service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SE27mdfl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The SbcpHid service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Rpaservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The RIOXDRV service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Rapapp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Qcmerced service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Phnxvcdservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Pdlnafac service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The PCTINDIS5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Oraclewebassistant service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NWADI service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NVR0Dev service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Nsvclog service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Niorbk service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Netsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Netmnt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The NeroMediaHomeService.4 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mvserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mvc25U870_VID_1262&PID_25FD service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Msi_wlan_service service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mohfilt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mctskshd.exe service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Mcshield service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ma763004 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lxrjd31s service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lxcccustomerconnect service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Lmimirr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ldap service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Keriomailserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The JGOGO service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Iolodmv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Int15 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Iam service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Gv3 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Guardian2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The GoBack2K service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The FirePM service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Eliservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The De_serv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Cygserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The CBTNDIS5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Caisafe service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The CA561 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The BsHelpCS service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Backupexecagentbrowser service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Backupclientsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Avgems service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Avc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Automate6 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Asp.net_1.1.4322 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The ARCSOFTVIRTUALCAPTURE service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Anydvd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Ageremodemaudio service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The Adaptecstoragemanageragent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:19 AM, error: Service Control Manager [7023] - The A88xTuner service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Zpaction service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Zntport service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Z800obex service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Xcomm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Wlluc48 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Win32sl service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Websenserealtimeanalyzer service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Websensecommunicationagent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The WcesComm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The W810obex service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vsbus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vrservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vpcbus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Vaiomediaplatform-integratedserver-http service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Useraccess service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Umwdf service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Toscosrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Tdcmdpst service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Symwsc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Symproxysvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Stylexpservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ssrtln service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Srescan service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SMCB000 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Slabser service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SiSGbeXP service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Sfsync04 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Se44obex service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The SE27bus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Sdcoreservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Scdemu service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The S7otranx service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The S117unic service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rt73 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rslinx service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rpcapd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rnadirectory service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Rmedia service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Regservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The RAPIProtocol service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pxhelp20 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pwkntmon service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pserve service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Proxyhostmirrordisplay service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Pop3d32 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The PhilCam8116 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The PcdrNt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Patrol_scheduler service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The NxNetMon service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nvnetbus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ntuneservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nipsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Nimcdldu service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The NdisFilt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MSCamSvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Motoswitchservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mldserv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mfesmfk service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mfcom service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Mcnasvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MaxtorFrontPanel1 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The MA8032C service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The LKbdFlt2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Lbtserv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Kwatchsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Jtagserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Jconfigd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The IPSECSHM service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ipodservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ifxspmgtsrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ibmpmdrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Iaimtv0 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The HSXHWBS2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Hprfdev service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Haspnt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ha10kx2k service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Ghostsec service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The G400DH service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The FINEPIX_PCC service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Enethusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The EIO service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dwusbdnt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dnwhodisp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Dmisrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DivisCTS service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DcCam service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The DCamUSBEMPIA service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CX88ENC service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The CdaD10BA service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Btwhid service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Bthusb service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Bthpan service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Blueservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Blfp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Beatjamupnpmusicserver service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AVRec service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Automate5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The As32svc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Arrayssl_vpn_service3,0,1,9 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AppnApi service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The Aiclient service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The AdobeActiveFileMonitor6.0 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The A88xXBar service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The 3compxe service terminated with the following error: The specified module could not be found.2/25/2012 7:45:18 AM, error: Service Control Manager [7023] - The 2wirepcp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Zppinger service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Zpmysql service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The ZDPNDIS5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The WNIPROT5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Wmdmpmsp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Windowblinds service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The W300bus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Vmnetadapter service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The VirtualCam service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Unrealircd service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tvalz service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tpkmpsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tosrfbnp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tifm21 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tb2launch service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Tappsrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Speakerphone service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Slave service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Se45unic service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Se45mdm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The SaiNtBus service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The S716mgmt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pilogsrv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pdlnslea service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Pclepci service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The PCISys service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The NwSapAgent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ntpr_nic_service2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Nsausvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Npkcsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Nmea service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ngdbserv service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Naiavfilter1 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Mssql$pinnaclesys service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Meraksmtp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ma_cmidi_installerservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Lxcgcustomerconnect service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ld51ocnucsnp service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Jsdaemon service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Ipsecmon service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The IFPUSB service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The ICAM3NT5 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Hddsvc service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The HcwPVRP2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The HabuFltr service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Fsaa service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Emu10k1 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Dsncservice service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cxlpt service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cpqarry2 service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Cmdagent service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Avsvcmonitor service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Atmeltpm service terminated with the following error: The specified module could not be found.2/25/2012 7:45:17 AM, error: Service Control Manager [7023] - The Agnwifi service terminated with the following error: The specified module could not be found.2/25/2012 7:44:31 AM, error: Print [33] - The PrintQueue Container could not be found because the DNS Domain name could not be retrieved. Error: 54b2/25/2012 7:44:09 AM, error: NETLOGON [5719] - No Domain Controller is available for domain FL001 due to the following: There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.2/25/2012 7:16:26 AM, error: Service Control Manager [7000] - The OfficeScan NT Firewall service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.2/25/2012 7:16:25 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the OfficeScan NT Firewall service to connect..==== End Of File =========================== Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530407 Share Posted February 25, 2012 Welcome to the forum.It looks like you're infected with with Rootkit.ZeroAccess, a BackDoor Trojan.Let confirm that:Please remove any usb or external drives from the computer before you run this scan!Please download and run RogueKiller.Click Scan to scan the system (don't run any other options)Post back the report.MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530424 Share Posted February 25, 2012 RogueKiller V7.1.0 [02/15/2012] by Tigzymail: tigzyRK<at>gmail<dot>comFeedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/Blog: http://tigzyrk.blogspot.comOperating System: Windows XP (5.1.2600 Service Pack 3) 32 bits versionStarted in : Normal modeUser: Administrator [Admin rights]Mode: Scan -- Date: 02/25/2012 10:15:51¤¤¤ Bad processes: 1 ¤¤¤[sUSP PATH] QK464E.EXE -- C:\WINDOWS\TEMP\QK464E.EXE -> KILLED [TermProc]¤¤¤ Registry Entries: 19 ¤¤¤[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet001\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet002\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C} : NameServer (172.16.9.5) -> FOUND[DNS] HKLM\[...]\ControlSet003\Parameters\Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358} : NameServer (172.16.9.5) -> FOUND[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND¤¤¤ Particular Files / Folders: ¤¤¤¤¤¤ Driver: [LOADED] ¤¤¤SSDT[247] : NtSetValueKey @ 0x80580088 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5430)SSDT[226] : NtSetInformationKey @ 0x80655F32 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5448)SSDT[224] : NtSetInformationFile @ 0x805830D1 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5508)SSDT[192] : NtRenameKey @ 0x8065684C -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54A8)SSDT[177] : NtQueryValueKey @ 0x80572F19 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5520)SSDT[173] : NtQuerySystemInformation @ 0x805856A6 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5400)SSDT[160] : NtQueryKey @ 0x8057EC02 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54D8)SSDT[125] : NtOpenSection @ 0x80579192 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5478)SSDT[122] : NtOpenProcess @ 0x8057F93A -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5418)SSDT[119] : NtOpenKey @ 0x80572BDF -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53D0)SSDT[71] : NtEnumerateKey @ 0x8057F002 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54F0)SSDT[65] : NtDeleteValueKey @ 0x805991E8 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE54C0)SSDT[63] : NtDeleteKey @ 0x8059A5C9 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5490)SSDT[50] : NtCreateSection @ 0x8056DB66 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE5460)SSDT[41] : NtCreateKey @ 0x80578AB4 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53E8)SSDT[25] : NtClose @ 0x8056F8D7 -> HOOKED (\??\C:\WINDOWS\system32\drivers\dgapimon.sys @ 0xEEFE53B8)¤¤¤ Infection : ZeroAccess ¤¤¤[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!¤¤¤ HOSTS File: ¤¤¤127.0.0.1 localhost¤¤¤ MBR Check: ¤¤¤+++++ PhysicalDrive0: Maxtor 6E040L0 +++++--- User ---[MBR] 7a1e8493f21e70b55597564181a40e9b[bSP] b7cb42b22dc882131a6a6f85b63be1e5 : Windows XP MBR CodePartition table:0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 39202 MoUser = LL1 ... OK!User = LL2 ... OK!Finished : << RKreport[1].txt >>RKreport[1].txt Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530428 Share Posted February 25, 2012 ¤¤¤ Infection : ZeroAccess ¤¤¤[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!That confirms it.Please read this warning and let me know what you would like to do.Removing this infection can also disable the ability to connect to the internet.I see you have a lot of system restore points, have you tried any of those?MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530448 Share Posted February 25, 2012 MrCharlie,I am trying to run a system restore, but it is not working. Can we go ahead and try to remove the virus?Triana Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530449 Share Posted February 25, 2012 Please download and run TDSSKiller to your desktop as outlined below:Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.-------------------------Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.------------------------Click the Start Scan button.-----------------------If a suspicious object is detected, the default action will be Skip, click on ContinueIf you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please chooseSkip and click on Continue----------------------If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.--------------------A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply. MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530463 Share Posted February 25, 2012 12:41:36.0359 3728 TDSS rootkit removing tool 2.7.14.0 Feb 22 2012 16:54:4912:41:38.0125 3728 ============================================================12:41:38.0125 3728 Current date / time: 2012/02/25 12:41:38.012512:41:38.0125 3728 SystemInfo:12:41:38.0125 3728 12:41:38.0125 3728 OS Version: 5.1.2600 ServicePack: 3.012:41:38.0125 3728 Product type: Workstation12:41:38.0125 3728 ComputerName: ADMIN112:41:38.0125 3728 UserName: Administrator12:41:38.0125 3728 Windows directory: C:\WINDOWS12:41:38.0125 3728 System windows directory: C:\WINDOWS12:41:38.0125 3728 Processor architecture: Intel x8612:41:38.0125 3728 Number of processors: 112:41:38.0140 3728 Page size: 0x100012:41:38.0140 3728 Boot type: Normal boot12:41:38.0140 3728 ============================================================12:41:45.0312 3728 Drive \Device\Harddisk0\DR0 - Size: 0x9925B0000 (38.29 Gb), SectorSize: 0x200, Cylinders: 0x14BE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x0000005412:41:45.0609 3728 \Device\Harddisk0\DR0:12:41:45.0609 3728 MBR used12:41:45.0609 3728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4C915A112:41:45.0656 3728 Initialize success12:41:45.0656 3728 ============================================================12:44:23.0171 3716 ============================================================12:44:23.0171 3716 Scan started12:44:23.0171 3716 Mode: Manual; SigCheck; TDLFS;12:44:23.0171 3716 ============================================================12:44:23.0343 3716 Abiosdsk - ok12:44:23.0390 3716 abp480n5 - ok12:44:23.0484 3716 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys12:44:26.0859 3716 ACPI - ok12:44:26.0937 3716 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys12:44:27.0109 3716 ACPIEC - ok12:44:27.0156 3716 ADIHdAudAddService - ok12:44:27.0218 3716 adpu160m - ok12:44:27.0281 3716 AEAudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\AEAudio.sys12:44:27.0375 3716 AEAudio - ok12:44:27.0437 3716 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys12:44:27.0609 3716 aec - ok12:44:27.0703 3716 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys12:44:27.0796 3716 AFD - ok12:44:27.0875 3716 Aha154x - ok12:44:27.0921 3716 aic78u2 - ok12:44:27.0953 3716 aic78xx - ok12:44:28.0000 3716 AliIde - ok12:44:28.0046 3716 amsint - ok12:44:28.0140 3716 asc - ok12:44:28.0187 3716 asc3350p - ok12:44:28.0234 3716 asc3550 - ok12:44:28.0312 3716 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys12:44:28.0468 3716 AsyncMac - ok12:44:28.0562 3716 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys12:44:28.0718 3716 atapi - ok12:44:28.0765 3716 Atdisk - ok12:44:28.0875 3716 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys12:44:29.0031 3716 Atmarpc - ok12:44:29.0125 3716 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys12:44:29.0265 3716 audstub - ok12:44:29.0406 3716 b57w2k (3a3a82ffd268bcfb7ae6a48cecf00ad9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys12:44:29.0484 3716 b57w2k - ok12:44:29.0609 3716 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys12:44:29.0765 3716 Beep - ok12:44:29.0984 3716 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys12:44:30.0156 3716 cbidf2k - ok12:44:30.0234 3716 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys12:44:30.0375 3716 CCDECODE - ok12:44:30.0453 3716 cd20xrnt - ok12:44:30.0515 3716 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys12:44:30.0656 3716 Cdaudio - ok12:44:30.0750 3716 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys12:44:30.0906 3716 Cdfs - ok12:44:30.0984 3716 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys12:44:31.0140 3716 Cdrom - ok12:44:31.0234 3716 Changer - ok12:44:31.0343 3716 CmdIde - ok12:44:31.0437 3716 Cpqarray - ok12:44:31.0593 3716 dac2w2k - ok12:44:31.0625 3716 dac960nt - ok12:44:31.0718 3716 DCamUSBVeo532 (e3834cdc0ea44bdda7c54861a4c92d32) C:\WINDOWS\system32\Drivers\ubVeo532.sys12:44:31.0781 3716 DCamUSBVeo532 - ok12:44:31.0859 3716 Suspicious service (Hidden): dgapimon12:44:31.0937 3716 dgapimon (fbb1ac7d581fef4d942edb57dbc093f4) C:\WINDOWS\system32\drivers\dgapimon.sys12:44:31.0968 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f412:44:31.0968 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f412:44:31.0968 3716 dgapimon ( HiddenService.Multi.Generic ) - warning12:44:31.0968 3716 dgapimon - detected HiddenService.Multi.Generic (1)12:44:31.0984 3716 Suspicious service (Hidden): dgbusmon12:44:32.0062 3716 dgbusmon (7c03d2b114cae7563db80144954c10a0) C:\WINDOWS\system32\drivers\dgbusmon.sys12:44:32.0078 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a012:44:32.0078 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a012:44:32.0078 3716 dgbusmon ( HiddenService.Multi.Generic ) - warning12:44:32.0078 3716 dgbusmon - detected HiddenService.Multi.Generic (1)12:44:32.0093 3716 Suspicious service (Hidden): dgcotman12:44:32.0156 3716 dgcotman (ac5f71d2f15bfefd096dbe0d417c17df) C:\WINDOWS\system32\drivers\dgcotman.sys12:44:32.0187 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df12:44:32.0187 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df12:44:32.0187 3716 dgcotman ( HiddenService.Multi.Generic ) - warning12:44:32.0187 3716 dgcotman - detected HiddenService.Multi.Generic (1)12:44:32.0203 3716 Suspicious service (Hidden): DGDmk12:44:32.0265 3716 DGDmk (b1b46c375f43a5a03a62376cf6e0c1ab) C:\WINDOWS\system32\Drivers\DgDmk.sys12:44:32.0312 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab12:44:32.0312 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab12:44:32.0312 3716 DGDmk ( HiddenService.Multi.Generic ) - warning12:44:32.0312 3716 DGDmk - detected HiddenService.Multi.Generic (1)12:44:32.0328 3716 Suspicious service (Hidden): DgDmkDisk12:44:32.0406 3716 DgDmkDisk (16d8515941afec346f351fbc043301a1) C:\WINDOWS\system32\Drivers\DgDmkDisk.sys12:44:32.0421 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a112:44:32.0421 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a112:44:32.0421 3716 DgDmkDisk ( HiddenService.Multi.Generic ) - warning12:44:32.0421 3716 DgDmkDisk - detected HiddenService.Multi.Generic (1)12:44:32.0437 3716 Suspicious service (Hidden): DGDT12:44:32.0515 3716 DGDT (d8e440ce2be20121f9281ae88c34a032) C:\WINDOWS\system32\Drivers\DgDt.sys12:44:32.0546 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a03212:44:32.0546 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a03212:44:32.0546 3716 DGDT ( HiddenService.Multi.Generic ) - warning12:44:32.0546 3716 DGDT - detected HiddenService.Multi.Generic (1)12:44:32.0562 3716 Suspicious service (Hidden): DgDtl12:44:32.0562 3716 Suspicious service (Hidden): DGFILTR12:44:32.0625 3716 DGFILTR ( HiddenService.Multi.Generic ) - warning12:44:32.0625 3716 DGFILTR - detected HiddenService.Multi.Generic (1)12:44:32.0640 3716 Suspicious service (Hidden): DGFS12:44:32.0687 3716 DGFS (c711dcb3ba4159280cddff170d43efb2) C:\WINDOWS\system32\Drivers\DgFs.sys12:44:32.0718 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb212:44:32.0718 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb212:44:32.0718 3716 DGFS ( HiddenService.Multi.Generic ) - warning12:44:32.0718 3716 DGFS - detected HiddenService.Multi.Generic (1)12:44:32.0734 3716 Suspicious service (Hidden): dgfsmon12:44:32.0812 3716 dgfsmon (8f65427a48df7bb242b6122be52c3a8d) C:\WINDOWS\system32\drivers\dgfsmon.sys12:44:32.0828 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d12:44:32.0828 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d12:44:32.0828 3716 dgfsmon ( HiddenService.Multi.Generic ) - warning12:44:32.0828 3716 dgfsmon - detected HiddenService.Multi.Generic (1)12:44:32.0843 3716 Suspicious service (Hidden): dgkpmail12:44:32.0906 3716 dgkpmail (b26117b2c7acb401ad984bc36cd87849) C:\WINDOWS\system32\drivers\dgkpmail.sys12:44:32.0921 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd8784912:44:32.0921 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd8784912:44:32.0921 3716 dgkpmail ( HiddenService.Multi.Generic ) - warning12:44:32.0921 3716 dgkpmail - detected HiddenService.Multi.Generic (1)12:44:32.0937 3716 Suspicious service (Hidden): DGLFS12:44:33.0000 3716 DGLFS (c3c5c26aae25702473d5d49810267545) C:\WINDOWS\system32\Drivers\DgLfs.sys12:44:33.0015 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d4981026754512:44:33.0031 3716 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d4981026754512:44:33.0031 3716 DGLFS ( HiddenService.Multi.Generic ) - warning12:44:33.0031 3716 DGLFS - detected HiddenService.Multi.Generic (1)12:44:33.0046 3716 Suspicious service (Hidden): DGMASTER12:44:33.0156 3716 DGMASTER (a19df0e175210992cfaa13529c9e9815) C:\WINDOWS\system32\drivers\dgmaster.sys12:44:33.0328 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e981512:44:33.0328 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e981512:44:33.0328 3716 DGMASTER ( HiddenService.Multi.Generic ) - warning12:44:33.0343 3716 DGMASTER - detected HiddenService.Multi.Generic (1)12:44:33.0343 3716 Suspicious service (Hidden): DGREC12:44:33.0406 3716 DGREC ( HiddenService.Multi.Generic ) - warning12:44:33.0406 3716 DGREC - detected HiddenService.Multi.Generic (1)12:44:33.0406 3716 Suspicious service (Hidden): dgrule12:44:33.0468 3716 dgrule (eb39a30bc4873ffeeac6ec88f31cc3bf) C:\WINDOWS\system32\drivers\dgrule.sys12:44:33.0484 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf12:44:33.0484 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf12:44:33.0484 3716 dgrule ( HiddenService.Multi.Generic ) - warning12:44:33.0484 3716 dgrule - detected HiddenService.Multi.Generic (1)12:44:33.0500 3716 Suspicious service (Hidden): DGScan12:44:33.0515 3716 Suspicious service (Hidden): DGService12:44:33.0515 3716 Suspicious service (Hidden): dgtdimon12:44:33.0578 3716 dgtdimon (39b573b4db693522919cdc57a684d0ef) C:\WINDOWS\system32\drivers\dgtdimon.sys12:44:33.0593 3716 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef12:44:33.0593 3716 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef12:44:33.0593 3716 dgtdimon ( HiddenService.Multi.Generic ) - warning12:44:33.0593 3716 dgtdimon - detected HiddenService.Multi.Generic (1)12:44:33.0687 3716 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys12:44:33.0843 3716 Disk - ok12:44:34.0000 3716 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys12:44:34.0234 3716 dmboot - ok12:44:34.0328 3716 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys12:44:34.0500 3716 dmio - ok12:44:34.0593 3716 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys12:44:34.0750 3716 dmload - ok12:44:34.0859 3716 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys12:44:35.0000 3716 DMusic - ok12:44:35.0125 3716 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys12:44:35.0296 3716 Dot4 - ok12:44:35.0375 3716 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys12:44:35.0531 3716 Dot4Print - ok12:44:35.0625 3716 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys12:44:35.0781 3716 dot4usb - ok12:44:35.0843 3716 dpti2o - ok12:44:35.0921 3716 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys12:44:36.0062 3716 drmkaud - ok12:44:36.0171 3716 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys12:44:36.0281 3716 e1express - ok12:44:36.0359 3716 easytether - ok12:44:36.0546 3716 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys12:44:36.0718 3716 Fastfat - ok12:44:36.0828 3716 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys12:44:36.0984 3716 Fdc - ok12:44:37.0078 3716 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys12:44:37.0234 3716 Fips - ok12:44:37.0312 3716 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys12:44:37.0468 3716 Flpydisk - ok12:44:37.0546 3716 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys12:44:37.0718 3716 FltMgr - ok12:44:37.0796 3716 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys12:44:37.0953 3716 Fs_Rec - ok12:44:38.0015 3716 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys12:44:38.0187 3716 Ftdisk - ok12:44:38.0281 3716 FTRUSB (cdcef7829f2ecc4af5531d781e6ebd62) C:\WINDOWS\system32\DRIVERS\FTRUSB.sys12:44:38.0312 3716 FTRUSB ( UnsignedFile.Multi.Generic ) - warning12:44:38.0312 3716 FTRUSB - detected UnsignedFile.Multi.Generic (1)12:44:38.0468 3716 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys12:44:38.0609 3716 Gpc - ok12:44:38.0703 3716 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys12:44:38.0875 3716 HDAudBus - ok12:44:38.0968 3716 HECI (d0fc694df051bc65946db616f20d1168) C:\WINDOWS\system32\DRIVERS\HECI.sys12:44:39.0015 3716 HECI - ok12:44:39.0156 3716 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys12:44:39.0171 3716 HPFXBULK - ok12:44:39.0218 3716 hpn - ok12:44:39.0328 3716 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys12:44:39.0390 3716 HTCAND32 - ok12:44:39.0484 3716 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys12:44:39.0578 3716 htcnprot - ok12:44:39.0671 3716 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys12:44:39.0734 3716 HTTP - ok12:44:39.0812 3716 i2omgmt - ok12:44:39.0859 3716 i2omp - ok12:44:39.0906 3716 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys12:44:40.0078 3716 i8042prt - ok12:44:40.0171 3716 ialm (1432958dc80b7bbacf07377763d70e91) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys12:44:40.0343 3716 ialm - ok12:44:40.0515 3716 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS12:44:40.0562 3716 IFXTPM - ok12:44:40.0703 3716 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys12:44:40.0859 3716 Imapi - ok12:44:40.0937 3716 ini910u - ok12:44:41.0140 3716 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys12:44:41.0796 3716 IntcAzAudAddService - ok12:44:41.0890 3716 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys12:44:42.0031 3716 IntelIde - ok12:44:42.0125 3716 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys12:44:42.0265 3716 intelppm - ok12:44:42.0390 3716 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys12:44:42.0562 3716 Ip6Fw - ok12:44:42.0640 3716 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys12:44:42.0796 3716 IpFilterDriver - ok12:44:42.0875 3716 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys12:44:43.0031 3716 IpInIp - ok12:44:43.0125 3716 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys12:44:43.0281 3716 IpNat - ok12:44:43.0359 3716 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys12:44:43.0515 3716 IPSec - ok12:44:43.0609 3716 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys12:44:43.0781 3716 IRENUM - ok12:44:43.0890 3716 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys12:44:44.0078 3716 isapnp - ok12:44:44.0234 3716 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys12:44:44.0390 3716 Kbdclass - ok12:44:44.0515 3716 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys12:44:44.0671 3716 kmixer - ok12:44:44.0796 3716 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys12:44:44.0921 3716 KSecDD - ok12:44:45.0031 3716 lbrtfdc - ok12:44:45.0531 3716 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys12:44:45.0671 3716 mnmdd - ok12:44:45.0765 3716 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys12:44:45.0921 3716 Modem - ok12:44:46.0015 3716 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys12:44:46.0156 3716 Mouclass - ok12:44:46.0250 3716 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys12:44:46.0421 3716 MountMgr - ok12:44:46.0500 3716 mraid35x - ok12:44:46.0578 3716 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys12:44:46.0734 3716 MRxDAV - ok12:44:46.0843 3716 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys12:44:47.0015 3716 MRxSmb - ok12:44:47.0171 3716 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys12:44:47.0312 3716 Msfs - ok12:44:47.0484 3716 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys12:44:47.0625 3716 MSKSSRV - ok12:44:47.0718 3716 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys12:44:47.0875 3716 MSPCLOCK - ok12:44:47.0953 3716 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys12:44:48.0093 3716 MSPQM - ok12:44:48.0203 3716 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys12:44:48.0343 3716 mssmbios - ok12:44:48.0484 3716 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys12:44:48.0625 3716 MSTEE - ok12:44:48.0734 3716 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys12:44:48.0812 3716 Mup - ok12:44:48.0937 3716 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys12:44:49.0093 3716 NABTSFEC - ok12:44:49.0203 3716 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys12:44:49.0359 3716 NDIS - ok12:44:49.0453 3716 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys12:44:49.0609 3716 NdisIP - ok12:44:49.0687 3716 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys12:44:49.0765 3716 NdisTapi - ok12:44:49.0859 3716 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys12:44:50.0015 3716 Ndisuio - ok12:44:50.0109 3716 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys12:44:50.0265 3716 NdisWan - ok12:44:50.0343 3716 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys12:44:50.0437 3716 NDProxy - ok12:44:50.0562 3716 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys12:44:50.0703 3716 NetBIOS - ok12:44:50.0812 3716 NetBT (0514772a3a60cb88971e4b363e13de5a) C:\WINDOWS\system32\DRIVERS\netbt.sys12:44:50.0875 3716 NetBT ( UnsignedFile.Multi.Generic ) - warning12:44:50.0875 3716 NetBT - detected UnsignedFile.Multi.Generic (1)12:44:51.0218 3716 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys12:44:51.0359 3716 Npfs - ok12:44:51.0531 3716 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys12:44:51.0812 3716 Ntfs - ok12:44:52.0000 3716 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys12:44:52.0156 3716 Null - ok12:44:52.0328 3716 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys12:44:52.0500 3716 NwlnkFlt - ok12:44:52.0578 3716 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys12:44:52.0750 3716 NwlnkFwd - ok12:44:53.0187 3716 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys12:44:53.0343 3716 Parport - ok12:44:53.0437 3716 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys12:44:53.0593 3716 PartMgr - ok12:44:53.0703 3716 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys12:44:53.0859 3716 ParVdm - ok12:44:54.0000 3716 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys12:44:54.0156 3716 PCI - ok12:44:54.0234 3716 PCIDump - ok12:44:54.0328 3716 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys12:44:54.0562 3716 PCIIde - ok12:44:54.0656 3716 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys12:44:54.0828 3716 Pcmcia - ok12:44:54.0921 3716 PDCOMP - ok12:44:54.0968 3716 PDFRAME - ok12:44:55.0062 3716 PDRELI - ok12:44:55.0109 3716 PDRFRAME - ok12:44:55.0156 3716 perc2 - ok12:44:55.0203 3716 perc2hib - ok12:44:55.0531 3716 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys12:44:55.0687 3716 PptpMiniport - ok12:44:55.0906 3716 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys12:44:56.0062 3716 PSched - ok12:44:56.0156 3716 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys12:44:56.0312 3716 Ptilink - ok12:44:56.0437 3716 ql1080 - ok12:44:56.0484 3716 Ql10wnt - ok12:44:56.0515 3716 ql12160 - ok12:44:56.0562 3716 ql1240 - ok12:44:56.0609 3716 ql1280 - ok12:44:56.0734 3716 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys12:44:56.0890 3716 RasAcd - ok12:44:56.0984 3716 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys12:44:57.0140 3716 Rasl2tp - ok12:44:57.0218 3716 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys12:44:57.0359 3716 RasPppoe - ok12:44:57.0421 3716 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys12:44:57.0578 3716 Raspti - ok12:44:57.0671 3716 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys12:44:57.0843 3716 Rdbss - ok12:44:57.0906 3716 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys12:44:58.0062 3716 RDPCDD - ok12:44:58.0156 3716 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys12:44:58.0312 3716 rdpdr - ok12:44:58.0421 3716 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys12:44:58.0515 3716 RDPWD - ok12:44:58.0640 3716 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys12:44:58.0781 3716 redbook - ok12:44:59.0687 3716 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys12:44:59.0828 3716 Secdrv - ok12:44:59.0937 3716 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys12:45:00.0078 3716 serenum - ok12:45:00.0156 3716 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys12:45:00.0312 3716 Serial - ok12:45:00.0531 3716 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys12:45:00.0687 3716 Sfloppy - ok12:45:00.0890 3716 Simbad - ok12:45:01.0062 3716 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys12:45:01.0218 3716 SLIP - ok12:45:01.0437 3716 smwdm (fa3368a7039f5abaa4b933703ac34763) C:\WINDOWS\system32\drivers\smwdm.sys12:45:01.0578 3716 smwdm - ok12:45:01.0734 3716 Sparrow - ok12:45:01.0843 3716 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys12:45:01.0984 3716 splitter - ok12:45:02.0203 3716 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys12:45:02.0359 3716 sr - ok12:45:02.0515 3716 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys12:45:02.0656 3716 Srv - ok12:45:02.0984 3716 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys12:45:03.0140 3716 streamip - ok12:45:03.0312 3716 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys12:45:03.0468 3716 swenum - ok12:45:03.0562 3716 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys12:45:03.0703 3716 swmidi - ok12:45:03.0828 3716 symc810 - ok12:45:03.0875 3716 symc8xx - ok12:45:03.0953 3716 sym_hi - ok12:45:04.0000 3716 sym_u3 - ok12:45:04.0062 3716 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys12:45:04.0218 3716 sysaudio - ok12:45:04.0421 3716 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys12:45:04.0609 3716 Tcpip - ok12:45:04.0750 3716 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys12:45:04.0906 3716 TDPIPE - ok12:45:05.0015 3716 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys12:45:05.0156 3716 TDTCP - ok12:45:05.0234 3716 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys12:45:05.0390 3716 TermDD - ok12:45:05.0703 3716 tmcfw (8d1900669f830178e60aca8b89f20ad4) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys12:45:05.0765 3716 tmcfw - ok12:45:05.0875 3716 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys12:45:05.0906 3716 tmcomm - ok12:45:06.0015 3716 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys12:45:06.0109 3716 TmFilter - ok12:45:06.0234 3716 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys12:45:06.0281 3716 TmPreFilter - ok12:45:06.0359 3716 TosIde - ok12:45:06.0718 3716 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys12:45:06.0875 3716 Udfs - ok12:45:07.0000 3716 ultra - ok12:45:07.0078 3716 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys12:45:07.0281 3716 Update - ok12:45:07.0484 3716 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys12:45:07.0625 3716 usbccgp - ok12:45:07.0750 3716 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys12:45:07.0906 3716 usbehci - ok12:45:08.0000 3716 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys12:45:08.0156 3716 usbhub - ok12:45:08.0265 3716 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys12:45:08.0421 3716 usbprint - ok12:45:08.0562 3716 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS12:45:08.0703 3716 USBSTOR - ok12:45:08.0812 3716 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys12:45:08.0953 3716 usbuhci - ok12:45:09.0093 3716 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys12:45:09.0234 3716 usb_rndisx - ok12:45:09.0531 3716 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys12:45:09.0671 3716 VgaSave - ok12:45:09.0796 3716 ViaIde - ok12:45:09.0921 3716 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys12:45:10.0078 3716 VolSnap - ok12:45:10.0234 3716 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys12:45:10.0406 3716 VSApiNt - ok12:45:10.0687 3716 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys12:45:10.0859 3716 Wanarp - ok12:45:11.0078 3716 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys12:45:11.0187 3716 Wdf01000 - ok12:45:11.0250 3716 WDICA - ok12:45:11.0328 3716 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys12:45:11.0484 3716 wdmaud - ok12:45:12.0015 3716 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys12:45:12.0156 3716 WmiAcpi - ok12:45:12.0468 3716 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS12:45:12.0625 3716 WSTCODEC - ok12:45:12.0734 3716 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys12:45:12.0828 3716 WudfPf - ok12:45:12.0921 3716 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys12:45:12.0968 3716 WudfRd - ok12:45:13.0531 3716 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR012:45:13.0687 3716 \Device\Harddisk0\DR0 - ok12:45:13.0703 3716 Boot (0x1200) (0554a279fb3046843f87e9234e1014a7) \Device\Harddisk0\DR0\Partition012:45:13.0703 3716 \Device\Harddisk0\DR0\Partition0 - ok12:45:13.0703 3716 ============================================================12:45:13.0703 3716 Scan finished12:45:13.0703 3716 ============================================================12:45:13.0812 3700 Detected object count: 1712:45:13.0812 3700 Actual detected object count: 1712:45:57.0250 3700 dgapimon ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 dgapimon ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 dgbusmon ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 dgbusmon ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 dgcotman ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 dgcotman ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 DGDmk ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 DGDmk ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 DgDmkDisk ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 DgDmkDisk ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 DGDT ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 DGDT ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 DGFILTR ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 DGFILTR ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0250 3700 DGFS ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0250 3700 DGFS ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 dgfsmon ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 dgfsmon ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 dgkpmail ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 dgkpmail ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 DGLFS ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 DGLFS ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 DGMASTER ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 DGMASTER ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 DGREC ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 DGREC ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 dgrule ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 dgrule ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 dgtdimon ( HiddenService.Multi.Generic ) - skipped by user12:45:57.0265 3700 dgtdimon ( HiddenService.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 FTRUSB ( UnsignedFile.Multi.Generic ) - skipped by user12:45:57.0265 3700 FTRUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip12:45:57.0265 3700 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user12:45:57.0265 3700 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip12:46:34.0671 6068 ============================================================12:46:34.0671 6068 Scan started12:46:34.0671 6068 Mode: Manual; SigCheck; TDLFS;12:46:34.0671 6068 ============================================================12:46:34.0875 6068 Abiosdsk - ok12:46:34.0921 6068 abp480n5 - ok12:46:35.0000 6068 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys12:46:35.0328 6068 ACPI - ok12:46:35.0421 6068 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys12:46:35.0578 6068 ACPIEC - ok12:46:35.0640 6068 ADIHdAudAddService - ok12:46:35.0687 6068 adpu160m - ok12:46:35.0765 6068 AEAudio (e696e749bedcda8b23757b8b5ea93780) C:\WINDOWS\system32\drivers\AEAudio.sys12:46:35.0796 6068 AEAudio - ok12:46:35.0875 6068 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys12:46:36.0015 6068 aec - ok12:46:36.0125 6068 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys12:46:36.0140 6068 AFD - ok12:46:36.0218 6068 Aha154x - ok12:46:36.0265 6068 aic78u2 - ok12:46:36.0296 6068 aic78xx - ok12:46:36.0343 6068 AliIde - ok12:46:36.0390 6068 amsint - ok12:46:36.0453 6068 asc - ok12:46:36.0484 6068 asc3350p - ok12:46:36.0515 6068 asc3550 - ok12:46:36.0609 6068 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys12:46:36.0750 6068 AsyncMac - ok12:46:36.0828 6068 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys12:46:36.0968 6068 atapi - ok12:46:37.0031 6068 Atdisk - ok12:46:37.0109 6068 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys12:46:37.0265 6068 Atmarpc - ok12:46:37.0359 6068 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys12:46:37.0500 6068 audstub - ok12:46:37.0640 6068 b57w2k (3a3a82ffd268bcfb7ae6a48cecf00ad9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys12:46:37.0671 6068 b57w2k - ok12:46:37.0781 6068 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys12:46:37.0937 6068 Beep - ok12:46:38.0156 6068 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys12:46:38.0296 6068 cbidf2k - ok12:46:38.0375 6068 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys12:46:38.0531 6068 CCDECODE - ok12:46:38.0578 6068 cd20xrnt - ok12:46:38.0640 6068 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys12:46:38.0781 6068 Cdaudio - ok12:46:38.0859 6068 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys12:46:39.0000 6068 Cdfs - ok12:46:39.0093 6068 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys12:46:39.0234 6068 Cdrom - ok12:46:39.0312 6068 Changer - ok12:46:39.0406 6068 CmdIde - ok12:46:39.0500 6068 Cpqarray - ok12:46:39.0656 6068 dac2w2k - ok12:46:39.0687 6068 dac960nt - ok12:46:39.0765 6068 DCamUSBVeo532 (e3834cdc0ea44bdda7c54861a4c92d32) C:\WINDOWS\system32\Drivers\ubVeo532.sys12:46:39.0781 6068 DCamUSBVeo532 - ok12:46:39.0859 6068 Suspicious service (Hidden): dgapimon12:46:39.0937 6068 dgapimon (fbb1ac7d581fef4d942edb57dbc093f4) C:\WINDOWS\system32\drivers\dgapimon.sys12:46:39.0937 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f412:46:39.0937 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgapimon.sys. md5: fbb1ac7d581fef4d942edb57dbc093f412:46:39.0937 6068 dgapimon ( HiddenService.Multi.Generic ) - warning12:46:39.0937 6068 dgapimon - detected HiddenService.Multi.Generic (1)12:46:39.0953 6068 Suspicious service (Hidden): dgbusmon12:46:40.0031 6068 dgbusmon (7c03d2b114cae7563db80144954c10a0) C:\WINDOWS\system32\drivers\dgbusmon.sys12:46:40.0031 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a012:46:40.0031 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgbusmon.sys. md5: 7c03d2b114cae7563db80144954c10a012:46:40.0031 6068 dgbusmon ( HiddenService.Multi.Generic ) - warning12:46:40.0031 6068 dgbusmon - detected HiddenService.Multi.Generic (1)12:46:40.0046 6068 Suspicious service (Hidden): dgcotman12:46:40.0109 6068 dgcotman (ac5f71d2f15bfefd096dbe0d417c17df) C:\WINDOWS\system32\drivers\dgcotman.sys12:46:40.0109 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df12:46:40.0109 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgcotman.sys. md5: ac5f71d2f15bfefd096dbe0d417c17df12:46:40.0109 6068 dgcotman ( HiddenService.Multi.Generic ) - warning12:46:40.0109 6068 dgcotman - detected HiddenService.Multi.Generic (1)12:46:40.0125 6068 Suspicious service (Hidden): DGDmk12:46:40.0203 6068 DGDmk (b1b46c375f43a5a03a62376cf6e0c1ab) C:\WINDOWS\system32\Drivers\DgDmk.sys12:46:40.0203 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab12:46:40.0203 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmk.sys. md5: b1b46c375f43a5a03a62376cf6e0c1ab12:46:40.0203 6068 DGDmk ( HiddenService.Multi.Generic ) - warning12:46:40.0203 6068 DGDmk - detected HiddenService.Multi.Generic (1)12:46:40.0218 6068 Suspicious service (Hidden): DgDmkDisk12:46:40.0296 6068 DgDmkDisk (16d8515941afec346f351fbc043301a1) C:\WINDOWS\system32\Drivers\DgDmkDisk.sys12:46:40.0296 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a112:46:40.0296 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDmkDisk.sys. md5: 16d8515941afec346f351fbc043301a112:46:40.0296 6068 DgDmkDisk ( HiddenService.Multi.Generic ) - warning12:46:40.0296 6068 DgDmkDisk - detected HiddenService.Multi.Generic (1)12:46:40.0312 6068 Suspicious service (Hidden): DGDT12:46:40.0406 6068 DGDT (d8e440ce2be20121f9281ae88c34a032) C:\WINDOWS\system32\Drivers\DgDt.sys12:46:40.0406 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a03212:46:40.0406 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgDt.sys. md5: d8e440ce2be20121f9281ae88c34a03212:46:40.0406 6068 DGDT ( HiddenService.Multi.Generic ) - warning12:46:40.0406 6068 DGDT - detected HiddenService.Multi.Generic (1)12:46:40.0421 6068 Suspicious service (Hidden): DgDtl12:46:40.0421 6068 Suspicious service (Hidden): DGFILTR12:46:40.0484 6068 DGFILTR ( HiddenService.Multi.Generic ) - warning12:46:40.0484 6068 DGFILTR - detected HiddenService.Multi.Generic (1)12:46:40.0500 6068 Suspicious service (Hidden): DGFS12:46:40.0546 6068 DGFS (c711dcb3ba4159280cddff170d43efb2) C:\WINDOWS\system32\Drivers\DgFs.sys12:46:40.0546 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb212:46:40.0546 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgFs.sys. md5: c711dcb3ba4159280cddff170d43efb212:46:40.0546 6068 DGFS ( HiddenService.Multi.Generic ) - warning12:46:40.0546 6068 DGFS - detected HiddenService.Multi.Generic (1)12:46:40.0562 6068 Suspicious service (Hidden): dgfsmon12:46:40.0656 6068 dgfsmon (8f65427a48df7bb242b6122be52c3a8d) C:\WINDOWS\system32\drivers\dgfsmon.sys12:46:40.0656 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d12:46:40.0656 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgfsmon.sys. md5: 8f65427a48df7bb242b6122be52c3a8d12:46:40.0656 6068 dgfsmon ( HiddenService.Multi.Generic ) - warning12:46:40.0656 6068 dgfsmon - detected HiddenService.Multi.Generic (1)12:46:40.0671 6068 Suspicious service (Hidden): dgkpmail12:46:40.0750 6068 dgkpmail (b26117b2c7acb401ad984bc36cd87849) C:\WINDOWS\system32\drivers\dgkpmail.sys12:46:40.0750 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd8784912:46:40.0750 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgkpmail.sys. md5: b26117b2c7acb401ad984bc36cd8784912:46:40.0750 6068 dgkpmail ( HiddenService.Multi.Generic ) - warning12:46:40.0750 6068 dgkpmail - detected HiddenService.Multi.Generic (1)12:46:40.0765 6068 Suspicious service (Hidden): DGLFS12:46:40.0828 6068 DGLFS (c3c5c26aae25702473d5d49810267545) C:\WINDOWS\system32\Drivers\DgLfs.sys12:46:40.0828 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d4981026754512:46:40.0828 6068 Suspicious file (Hidden): C:\WINDOWS\system32\Drivers\DgLfs.sys. md5: c3c5c26aae25702473d5d4981026754512:46:40.0828 6068 DGLFS ( HiddenService.Multi.Generic ) - warning12:46:40.0828 6068 DGLFS - detected HiddenService.Multi.Generic (1)12:46:40.0843 6068 Suspicious service (Hidden): DGMASTER12:46:40.0921 6068 DGMASTER (a19df0e175210992cfaa13529c9e9815) C:\WINDOWS\system32\drivers\dgmaster.sys12:46:40.0921 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e981512:46:40.0921 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgmaster.sys. md5: a19df0e175210992cfaa13529c9e981512:46:40.0937 6068 DGMASTER ( HiddenService.Multi.Generic ) - warning12:46:40.0937 6068 DGMASTER - detected HiddenService.Multi.Generic (1)12:46:40.0953 6068 Suspicious service (Hidden): DGREC12:46:40.0984 6068 DGREC ( HiddenService.Multi.Generic ) - warning12:46:40.0984 6068 DGREC - detected HiddenService.Multi.Generic (1)12:46:41.0000 6068 Suspicious service (Hidden): dgrule12:46:41.0046 6068 dgrule (eb39a30bc4873ffeeac6ec88f31cc3bf) C:\WINDOWS\system32\drivers\dgrule.sys12:46:41.0046 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf12:46:41.0046 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgrule.sys. md5: eb39a30bc4873ffeeac6ec88f31cc3bf12:46:41.0046 6068 dgrule ( HiddenService.Multi.Generic ) - warning12:46:41.0046 6068 dgrule - detected HiddenService.Multi.Generic (1)12:46:41.0062 6068 Suspicious service (Hidden): DGScan12:46:41.0062 6068 Suspicious service (Hidden): DGService12:46:41.0078 6068 Suspicious service (Hidden): dgtdimon12:46:41.0156 6068 dgtdimon (39b573b4db693522919cdc57a684d0ef) C:\WINDOWS\system32\drivers\dgtdimon.sys12:46:41.0156 6068 Suspicious file (NoAccess): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef12:46:41.0156 6068 Suspicious file (Hidden): C:\WINDOWS\system32\drivers\dgtdimon.sys. md5: 39b573b4db693522919cdc57a684d0ef12:46:41.0156 6068 dgtdimon ( HiddenService.Multi.Generic ) - warning12:46:41.0156 6068 dgtdimon - detected HiddenService.Multi.Generic (1)12:46:41.0250 6068 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys12:46:41.0390 6068 Disk - ok12:46:41.0546 6068 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys12:46:41.0718 6068 dmboot - ok12:46:41.0812 6068 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys12:46:41.0953 6068 dmio - ok12:46:42.0062 6068 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys12:46:42.0203 6068 dmload - ok12:46:42.0296 6068 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys12:46:42.0421 6068 DMusic - ok12:46:42.0546 6068 Dot4 (3e4b043f8bc6be1d4820cc6c9c500306) C:\WINDOWS\system32\DRIVERS\Dot4.sys12:46:42.0671 6068 Dot4 - ok12:46:42.0765 6068 Dot4Print (77ce63a8a34ae23d9fe4c7896d1debe7) C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys12:46:42.0906 6068 Dot4Print - ok12:46:43.0000 6068 dot4usb (6ec3af6bb5b30e488a0c559921f012e1) C:\WINDOWS\system32\DRIVERS\dot4usb.sys12:46:43.0140 6068 dot4usb - ok12:46:43.0187 6068 dpti2o - ok12:46:43.0265 6068 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys12:46:43.0390 6068 drmkaud - ok12:46:43.0500 6068 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\WINDOWS\system32\DRIVERS\e1e5132.sys12:46:43.0515 6068 e1express - ok12:46:43.0578 6068 easytether - ok12:46:43.0781 6068 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys12:46:43.0906 6068 Fastfat - ok12:46:44.0031 6068 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys12:46:44.0156 6068 Fdc - ok12:46:44.0265 6068 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys12:46:44.0421 6068 Fips - ok12:46:44.0500 6068 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys12:46:44.0640 6068 Flpydisk - ok12:46:44.0718 6068 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys12:46:44.0843 6068 FltMgr - ok12:46:44.0921 6068 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys12:46:45.0062 6068 Fs_Rec - ok12:46:45.0140 6068 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys12:46:45.0281 6068 Ftdisk - ok12:46:45.0359 6068 FTRUSB (cdcef7829f2ecc4af5531d781e6ebd62) C:\WINDOWS\system32\DRIVERS\FTRUSB.sys12:46:45.0390 6068 FTRUSB ( UnsignedFile.Multi.Generic ) - warning12:46:45.0390 6068 FTRUSB - detected UnsignedFile.Multi.Generic (1)12:46:45.0531 6068 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys12:46:45.0656 6068 Gpc - ok12:46:45.0734 6068 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys12:46:45.0875 6068 HDAudBus - ok12:46:45.0968 6068 HECI (d0fc694df051bc65946db616f20d1168) C:\WINDOWS\system32\DRIVERS\HECI.sys12:46:46.0000 6068 HECI - ok12:46:46.0109 6068 HPFXBULK (299683d4c8aaa3f6f5d5d226a1782a6e) C:\WINDOWS\system32\drivers\hpfxbulk.sys12:46:46.0125 6068 HPFXBULK - ok12:46:46.0156 6068 hpn - ok12:46:46.0281 6068 HTCAND32 (cbd09ed9cf6822177ee85aea4d8816a2) C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys12:46:46.0312 6068 HTCAND32 - ok12:46:46.0406 6068 htcnprot (04e3b3554076b8192a668efe88a682a1) C:\WINDOWS\system32\DRIVERS\htcnprot.sys12:46:46.0437 6068 htcnprot - ok12:46:46.0531 6068 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys12:46:46.0562 6068 HTTP - ok12:46:46.0640 6068 i2omgmt - ok12:46:46.0687 6068 i2omp - ok12:46:46.0734 6068 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys12:46:46.0875 6068 i8042prt - ok12:46:46.0984 6068 ialm (1432958dc80b7bbacf07377763d70e91) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys12:46:47.0046 6068 ialm - ok12:46:47.0203 6068 IFXTPM (2cdf483f8fc2bf3f7b93e3bdd734cfbd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS12:46:47.0234 6068 IFXTPM - ok12:46:47.0359 6068 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys12:46:47.0484 6068 Imapi - ok12:46:47.0578 6068 ini910u - ok12:46:47.0765 6068 IntcAzAudAddService (06b0e8d608ab69643b14a1f95f7feab3) C:\WINDOWS\system32\drivers\RtkHDAud.sys12:46:47.0968 6068 IntcAzAudAddService - ok12:46:48.0062 6068 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys12:46:48.0187 6068 IntelIde - ok12:46:48.0265 6068 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys12:46:48.0406 6068 intelppm - ok12:46:48.0531 6068 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys12:46:48.0656 6068 Ip6Fw - ok12:46:48.0734 6068 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys12:46:48.0875 6068 IpFilterDriver - ok12:46:48.0984 6068 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys12:46:49.0109 6068 IpInIp - ok12:46:49.0203 6068 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys12:46:49.0328 6068 IpNat - ok12:46:49.0421 6068 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys12:46:49.0546 6068 IPSec - ok12:46:49.0640 6068 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys12:46:49.0765 6068 IRENUM - ok12:46:49.0875 6068 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys12:46:50.0015 6068 isapnp - ok12:46:50.0171 6068 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys12:46:50.0296 6068 Kbdclass - ok12:46:50.0390 6068 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys12:46:50.0546 6068 kmixer - ok12:46:50.0656 6068 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys12:46:50.0687 6068 KSecDD - ok12:46:50.0781 6068 lbrtfdc - ok12:46:51.0265 6068 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys12:46:51.0406 6068 mnmdd - ok12:46:51.0500 6068 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys12:46:51.0625 6068 Modem - ok12:46:51.0718 6068 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys12:46:51.0843 6068 Mouclass - ok12:46:51.0937 6068 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys12:46:52.0078 6068 MountMgr - ok12:46:52.0156 6068 mraid35x - ok12:46:52.0234 6068 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys12:46:52.0375 6068 MRxDAV - ok12:46:52.0468 6068 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys12:46:52.0515 6068 MRxSmb - ok12:46:52.0640 6068 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys12:46:52.0765 6068 Msfs - ok12:46:52.0890 6068 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys12:46:53.0031 6068 MSKSSRV - ok12:46:53.0140 6068 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys12:46:53.0265 6068 MSPCLOCK - ok12:46:53.0375 6068 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys12:46:53.0515 6068 MSPQM - ok12:46:53.0609 6068 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys12:46:53.0734 6068 mssmbios - ok12:46:53.0906 6068 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys12:46:54.0062 6068 MSTEE - ok12:46:54.0171 6068 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys12:46:54.0203 6068 Mup - ok12:46:54.0312 6068 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys12:46:54.0453 6068 NABTSFEC - ok12:46:54.0546 6068 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys12:46:54.0687 6068 NDIS - ok12:46:54.0765 6068 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys12:46:54.0906 6068 NdisIP - ok12:46:55.0015 6068 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys12:46:55.0046 6068 NdisTapi - ok12:46:55.0140 6068 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys12:46:55.0281 6068 Ndisuio - ok12:46:55.0390 6068 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys12:46:55.0562 6068 NdisWan - ok12:46:55.0656 6068 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys12:46:55.0703 6068 NDProxy - ok12:46:55.0812 6068 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys12:46:55.0953 6068 NetBIOS - ok12:46:56.0062 6068 NetBT (0514772a3a60cb88971e4b363e13de5a) C:\WINDOWS\system32\DRIVERS\netbt.sys12:46:56.0078 6068 NetBT ( UnsignedFile.Multi.Generic ) - warning12:46:56.0078 6068 NetBT - detected UnsignedFile.Multi.Generic (1)12:46:56.0359 6068 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys12:46:56.0484 6068 Npfs - ok12:46:56.0625 6068 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys12:46:56.0781 6068 Ntfs - ok12:46:56.0953 6068 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys12:46:57.0093 6068 Null - ok12:46:57.0281 6068 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys12:46:57.0406 6068 NwlnkFlt - ok12:46:57.0484 6068 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys12:46:57.0625 6068 NwlnkFwd - ok12:46:58.0046 6068 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys12:46:58.0171 6068 Parport - ok12:46:58.0265 6068 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys12:46:58.0390 6068 PartMgr - ok12:46:58.0484 6068 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys12:46:58.0609 6068 ParVdm - ok12:46:58.0750 6068 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys12:46:58.0875 6068 PCI - ok12:46:58.0937 6068 PCIDump - ok12:46:59.0031 6068 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys12:46:59.0171 6068 PCIIde - ok12:46:59.0265 6068 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys12:46:59.0406 6068 Pcmcia - ok12:46:59.0500 6068 PDCOMP - ok12:46:59.0531 6068 PDFRAME - ok12:46:59.0625 6068 PDRELI - ok12:46:59.0656 6068 PDRFRAME - ok12:46:59.0703 6068 perc2 - ok12:46:59.0734 6068 perc2hib - ok12:47:00.0046 6068 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys12:47:00.0187 6068 PptpMiniport - ok12:47:00.0406 6068 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys12:47:00.0562 6068 PSched - ok12:47:00.0687 6068 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys12:47:00.0828 6068 Ptilink - ok12:47:00.0968 6068 ql1080 - ok12:47:01.0031 6068 Ql10wnt - ok12:47:01.0078 6068 ql12160 - ok12:47:01.0125 6068 ql1240 - ok12:47:01.0171 6068 ql1280 - ok12:47:01.0296 6068 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys12:47:01.0421 6068 RasAcd - ok12:47:01.0531 6068 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys12:47:01.0656 6068 Rasl2tp - ok12:47:01.0750 6068 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys12:47:01.0890 6068 RasPppoe - ok12:47:01.0968 6068 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys12:47:02.0125 6068 Raspti - ok12:47:02.0234 6068 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys12:47:02.0359 6068 Rdbss - ok12:47:02.0453 6068 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys12:47:02.0578 6068 RDPCDD - ok12:47:02.0687 6068 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys12:47:02.0828 6068 rdpdr - ok12:47:02.0937 6068 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys12:47:02.0984 6068 RDPWD - ok12:47:03.0093 6068 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys12:47:03.0234 6068 redbook - ok12:47:04.0062 6068 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys12:47:04.0218 6068 Secdrv - ok12:47:04.0328 6068 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys12:47:04.0453 6068 serenum - ok12:47:04.0531 6068 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys12:47:04.0671 6068 Serial - ok12:47:04.0890 6068 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys12:47:05.0031 6068 Sfloppy - ok12:47:05.0250 6068 Simbad - ok12:47:05.0437 6068 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys12:47:05.0562 6068 SLIP - ok12:47:05.0765 6068 smwdm (fa3368a7039f5abaa4b933703ac34763) C:\WINDOWS\system32\drivers\smwdm.sys12:47:05.0812 6068 smwdm - ok12:47:05.0968 6068 Sparrow - ok12:47:06.0062 6068 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys12:47:06.0187 6068 splitter - ok12:47:06.0437 6068 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys12:47:06.0562 6068 sr - ok12:47:06.0718 6068 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys12:47:06.0765 6068 Srv - ok12:47:07.0093 6068 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys12:47:07.0234 6068 streamip - ok12:47:07.0421 6068 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys12:47:07.0546 6068 swenum - ok12:47:07.0640 6068 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys12:47:07.0765 6068 swmidi - ok12:47:07.0890 6068 symc810 - ok12:47:07.0937 6068 symc8xx - ok12:47:08.0015 6068 sym_hi - ok12:47:08.0062 6068 sym_u3 - ok12:47:08.0125 6068 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys12:47:08.0250 6068 sysaudio - ok12:47:08.0453 6068 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys12:47:08.0515 6068 Tcpip - ok12:47:08.0640 6068 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys12:47:08.0781 6068 TDPIPE - ok12:47:08.0875 6068 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys12:47:09.0000 6068 TDTCP - ok12:47:09.0109 6068 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys12:47:09.0234 6068 TermDD - ok12:47:09.0531 6068 tmcfw (8d1900669f830178e60aca8b89f20ad4) C:\WINDOWS\system32\DRIVERS\TM_CFW.sys12:47:09.0546 6068 tmcfw - ok12:47:09.0640 6068 tmcomm (eb2283c0a4dfbd2e53d14f2c4d5a1e89) C:\WINDOWS\system32\drivers\tmcomm.sys12:47:09.0656 6068 tmcomm - ok12:47:09.0750 6068 TmFilter (717e406972bbc07f8fb2a989416cab73) C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys12:47:09.0781 6068 TmFilter - ok12:47:09.0890 6068 TmPreFilter (379c4f99994a56b66e11d1e32bb22a1c) C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys12:47:09.0906 6068 TmPreFilter - ok12:47:10.0000 6068 TosIde - ok12:47:10.0296 6068 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys12:47:10.0437 6068 Udfs - ok12:47:10.0562 6068 ultra - ok12:47:10.0640 6068 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys12:47:10.0796 6068 Update - ok12:47:11.0000 6068 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys12:47:11.0140 6068 usbccgp - ok12:47:11.0265 6068 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys12:47:11.0390 6068 usbehci - ok12:47:11.0484 6068 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys12:47:11.0625 6068 usbhub - ok12:47:11.0718 6068 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys12:47:11.0859 6068 usbprint - ok12:47:11.0984 6068 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS12:47:12.0109 6068 USBSTOR - ok12:47:12.0218 6068 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys12:47:12.0343 6068 usbuhci - ok12:47:12.0484 6068 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys12:47:12.0609 6068 usb_rndisx - ok12:47:12.0859 6068 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys12:47:13.0000 6068 VgaSave - ok12:47:13.0109 6068 ViaIde - ok12:47:13.0250 6068 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys12:47:13.0375 6068 VolSnap - ok12:47:13.0546 6068 VSApiNt (642eb152cb980ad9181b2161066be629) C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys12:47:13.0609 6068 VSApiNt - ok12:47:13.0875 6068 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys12:47:14.0000 6068 Wanarp - ok12:47:14.0234 6068 Wdf01000 (4769596d7cc0f5fa447d2babc239672a) C:\WINDOWS\system32\Drivers\wdf01000.sys12:47:14.0265 6068 Wdf01000 - ok12:47:14.0328 6068 WDICA - ok12:47:14.0406 6068 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys12:47:14.0546 6068 wdmaud - ok12:47:15.0078 6068 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys12:47:15.0187 6068 WmiAcpi - ok12:47:15.0500 6068 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS12:47:15.0625 6068 WSTCODEC - ok12:47:15.0750 6068 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys12:47:15.0796 6068 WudfPf - ok12:47:15.0890 6068 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys12:47:15.0921 6068 WudfRd - ok12:47:16.0468 6068 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR012:47:16.0640 6068 \Device\Harddisk0\DR0 - ok12:47:16.0640 6068 Boot (0x1200) (0554a279fb3046843f87e9234e1014a7) \Device\Harddisk0\DR0\Partition012:47:16.0640 6068 \Device\Harddisk0\DR0\Partition0 - ok12:47:16.0656 6068 ============================================================12:47:16.0656 6068 Scan finished12:47:16.0656 6068 ============================================================12:47:16.0671 6020 Detected object count: 1712:47:16.0671 6020 Actual detected object count: 1712:48:44.0718 6020 dgapimon ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0718 6020 dgapimon ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0718 6020 dgbusmon ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0718 6020 dgbusmon ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0718 6020 dgcotman ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0718 6020 dgcotman ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0718 6020 DGDmk ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGDmk ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DgDmkDisk ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DgDmkDisk ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGDT ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGDT ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGFILTR ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGFILTR ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGFS ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGFS ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 dgfsmon ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 dgfsmon ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 dgkpmail ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 dgkpmail ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGLFS ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGLFS ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGMASTER ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGMASTER ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 DGREC ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 DGREC ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0734 6020 dgrule ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0734 6020 dgrule ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0750 6020 dgtdimon ( HiddenService.Multi.Generic ) - skipped by user12:48:44.0750 6020 dgtdimon ( HiddenService.Multi.Generic ) - User select action: Skip12:48:44.0750 6020 FTRUSB ( UnsignedFile.Multi.Generic ) - skipped by user12:48:44.0750 6020 FTRUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip12:48:44.0750 6020 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user12:48:44.0750 6020 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip12:48:53.0234 3696 Deinitialize success Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530466 Share Posted February 25, 2012 Please download and run ComboFix.The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.Please visit this webpage for download links, and instructions for running ComboFixhttp://www.bleepingc...to-use-combofixEnsure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.Make sure you run ComboFix from your desktop. Please include the C:\ComboFix.txt in your next reply for further review.MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530484 Share Posted February 25, 2012 ComboFix 12-02-25.01 - Administrator 02/25/2012 14:26:07.1.1 - x86Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.198 [GMT -5:00]Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exeAV: Trend Micro OfficeScan Antivirus *Disabled/Outdated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6}..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files\DGAgent\plugins\09D849B6-32D3-4A40-85EE-6B84BA29E35B\ame_outlooksensor.dllc:\program files\DGAgent\plugins\09D849B6-32D3-4A40-85EE-6B84BA29E35B\ame_smtpsensor.dllc:\program files\DGAgent\plugins\8E4EA70A-6128-4B57-BD3F-8E9E0F0DA6BB\os_plugin.dllc:\windows\$NtUninstallKB48274$\386094190\@c:\windows\$NtUninstallKB48274$\386094190\L\pelbytiyc:\windows\$NtUninstallKB48274$\386094190\loader.tlbc:\windows\$NtUninstallKB48274$\386094190\U\@00000001c:\windows\$NtUninstallKB48274$\386094190\U\@000000c0c:\windows\$NtUninstallKB48274$\386094190\U\@000000cbc:\windows\$NtUninstallKB48274$\386094190\U\@000000cfc:\windows\$NtUninstallKB48274$\386094190\U\@80000000c:\windows\$NtUninstallKB48274$\386094190\U\@800000c0c:\windows\$NtUninstallKB48274$\386094190\U\@800000cbc:\windows\$NtUninstallKB48274$\386094190\U\@800000cfc:\windows\$NtUninstallKB48274$\618235046c:\windows\system32\SET12D.tmpc:\windows\system32\SET131.tmpc:\windows\system32\SET139.tmpc:\windows\unwise32.exec:\windows\$NtUninstallKB48274$ . . . . Failed to delete..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_DGMASTER-------\Legacy_USNJSVC-------\Service_DGMASTER-------\Service_usnjsvc..((((((((((((((((((((((((( Files Created from 2012-01-25 to 2012-02-25 )))))))))))))))))))))))))))))))..2012-02-23 19:52 . 2012-02-25 13:35 102400 ----a-w- c:\windows\RegBootClean.exe2012-02-23 19:48 . 2012-02-23 19:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes2012-02-23 19:48 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys2012-02-23 19:46 . 2012-02-23 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2012-02-23 18:35 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search2012-02-23 18:33 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory2012-02-23 15:09 . 2012-02-23 21:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe2012-02-23 15:06 . 2012-02-23 15:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities2012-02-22 18:57 . 2012-02-25 17:41 11264 ----a-w- c:\windows\DCEBoot.exe2012-02-21 20:52 . 2012-02-25 16:44 0 --sha-w- c:\windows\system32\dds_log_trash.cmd2012-02-21 20:48 . 2012-02-21 20:48 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Application Data\1703546e2012-02-21 20:48 . 2012-02-21 20:48 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll2012-02-18 20:46 . 2012-02-18 22:29 -------- d-----w- c:\program files\Acro Software2012-02-14 12:53 . 2012-02-14 12:53 -------- d-----w- c:\windows\Sun2012-02-09 14:34 . 2012-02-09 14:34 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-02-09 14:39 . 2012-02-09 14:39 65421473 ----a-w- C:\Copy of HP_P2055_default_install_v6.zip2011-12-21 18:56 . 2011-03-23 22:01 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe2011-12-17 18:52 . 2011-12-17 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-09-07 710000]"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-19 155648]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-19 126976]"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712].c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904].[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128].[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, OfpivkEbwagv.dll.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGAPIMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGBUSMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DgDmk.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGDT.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFS.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFSMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGKPMail.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGLFS.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGRule.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGService]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProtectedStorage]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkbackup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]2003-03-31 22:28 155648 -c--a-w- c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="c:\\Documents and Settings\\Administrator\\My Documents\\tri\\firefox.exe"="c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"="c:\\Documents and Settings\\Administrator\\My Documents\\tri\\Malwarebytes' Anti-Malware\\mbam.exe"=.R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\DGBUSMon.sys [9/23/2010 4:46 PM 73928]R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\DGTDIMon.sys [9/23/2010 4:46 PM 57672]R2 DGService;Usage History Monitor;c:\program files\DGAgent\DgService.exe [9/23/2010 4:46 PM 412232]R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\tmxpflt.sys [9/6/2006 8:27 PM 262416]R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\tmpreflt.sys [9/6/2006 8:27 PM 36624]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/5/2004 4:05 PM 307984]R3 TmPfw;OfficeScan NT Firewall;c:\program files\Trend Micro\OfficeScan Client\TmPfw.exe [5/18/2009 2:42 PM 943696]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe --> c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [?]S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [7/1/2002 5:30 PM 95232]S3 dgapimon;DGAPIMon;c:\windows\system32\drivers\DGAPIMon.sys [9/23/2010 4:46 PM 160456]S3 DGDmk;DGDmk;c:\windows\system32\drivers\dgdmk.sys [9/23/2010 4:44 PM 381768]S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys [9/23/2010 4:45 PM 13640]S3 DGDT;DGDT;c:\windows\system32\drivers\dgdt.sys [9/23/2010 4:45 PM 175560]S3 DGFILTR;DGFILTR;c:\windows\system32\Drivers\DgFiltr.sys --> c:\windows\system32\Drivers\DgFiltr.sys [?]S3 DGFS;DGFS;c:\windows\system32\drivers\dgfs.sys [9/23/2010 4:44 PM 128200]S3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys [9/23/2010 4:46 PM 124744]S3 dgkpmail;DGKPMail;c:\windows\system32\drivers\DGKPMail.sys [9/23/2010 4:45 PM 50888]S3 DGLFS;DGLFS;c:\windows\system32\drivers\dglfs.sys [9/23/2010 4:44 PM 191176]S3 DGREC;DGREC;c:\windows\system32\Drivers\DgRec.sys --> c:\windows\system32\Drivers\DgRec.sys [?]S3 dgrule;DGRule;c:\windows\system32\drivers\DGRule.sys [9/23/2010 4:44 PM 129480]S3 DGScan;Usage History Scanning Service;c:\program files\DGAgent\DgScan.exe [9/23/2010 4:46 PM 567880]S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys --> c:\windows\system32\DRIVERS\easytthr.sys [?]S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [12/7/2005 7:05 AM 16256]S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [12/12/2011 3:03 PM 24576]S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [1/28/2008 3:15 PM 36608]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2/28/2006 7:00 AM 14336]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]S4 dgcotman;dgcotman;c:\windows\system32\drivers\DGCotMan.sys [9/23/2010 4:45 PM 136008].--- Other Services/Drivers In Memory ---.*NewlyCreated* - WS2IFSL.[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12WINRM REG_MULTI_SZ WINRM.NETSVCS REQUIRES REPAIRS - current entries shown6to4AppMgmtAudioSrvBrowserCryptSvcDMServerDHCPERSvcEventSystemFastUserSwitchingCompatibilityHidServIasIpripIrmonLanmanServerLanmanWorkstationMessengerNetmanNlaNtmssvcNWCWorkstationNwsapagentRasautothpsrvaksusbdbustrcmvaiomediaplatform-mobile-gatewaymmc_2KwampmysqldwinmtsrvzdeviceserviceWmXlCorecercsr6ssdiagnwandrvNVXBARathrsbiesvccpucoolservermaxbackserviceintaswupdsvxusb21s125mdflqcdonnersp_clamsrvstylexphelperoracle_load_balancer_60_server-forms6ip14irmoncpqvcagentprotexislicensingLVPrcMonpdlncbasspcstbCdaC15BASQLAgent$MICROSOFTBCMageresoftmodemhpzid412pavfnsvrTuneUp.DefragUSBModemnetsvcec2007serviceJukeboxsnpstd2RadProbeptbsyncFETNDISsvcwmuSE2Ebuslogmeinpae_1394igfxabnetmonithsgtibmcicstransactiongatewayIJPLMSVCmstdceSettingsServicevmount2oracleorahometnslistenermstdfrgsibmasrexswupdtmrtifmcentennialiptransferagentahcix86srfcommwintab32atkdisplfGcKernelDLH5Xlvpr2mons217obexprocddVHidMinidrvpcx1nd5LPCFilteradmserviceqbfcservicectxhttpnvsmuusbvideowanusbvgaegathdrvnvmdMaxtorFrontPanel1lvhidsvcccpwdsvcaexnsclientpmj151lalivesrvNetwareWorkstationactserPXRDDriverCTMFLTnpkcmsvcZSMC303TPPWRIFscanexplicitlanusbbackupexecjobengineDM9102USB_NDIS_51sgectlpxhelp20MA8032UproxyhostdriveravipbbLPDSVCDKbFltrclr_optimization_v2.0.50215_32w300mdmsmbiosMREMP50a64blueletscoaudiodriverhardwarev2mcdbusthkeysbgs_sdserviceplsremotesvcsnareOEM02VfxSNTIEissmps2bcm43xxNWSNSoracleformsserver-forms60server-oraformsfrem01cdudf_xpco_monwap3gxwebsenseclientdeployserviceeuq_monitorCTEDSPSY.DLLCTAUDFX.DLLV0070VIDse58nd5smrtcailicmpci{95808DC4-FA4A-4c74-92FE-5B863F82066B}RalinkRegistryWritersleepypatrol_schedulerHSX_DPcmuda3SPLITCAMdsunidrvusb20ls217mgmtslavePhilCam8116BootScreendiskperfJGOGORR2CtrlPQNTDrvs616obexw810obexservidorWISTechVIDCAPAEADIFiltersmediamaxxlservicerimmptskAVerBDAsqlagent$soshome22cxlptp17iaimtv2PhilCam8116_XPPD0620VIDepsonstatusagent2AMDPCIevtengcommserverpfmodntpivotmourupsdNMSCFGprfldsvcdlcg_deviceoracleorahomeclientcachecdr4_xps3ssavageLXARScanmcstrmwinvncbtwaudion558ma_cmidi_installerserviceHWIONTovmsmaccessmanageroracleorahomehttpserverrp_fwsPAC7302bthservsvcwrsssdkvaiomediaplatform-integratedserver-appserverAIRPLUSSiSGbeXPtfsnopioU81xmdmAPLMp50getPlusHelperwlancfgnsm1busslimsvcexfats125mdmacsvcpdlnecfgnimcdfxkse2Cnd5ALYac_PZSrvNWFILTEROsaFsLocmvwebserverStarOpens616nd5amdk8netcfgsvrCdaD10BAuscbs108sifiltervrmonsvccics.region1qbreminderflashsoftfaxcaptureserviceAFGMp50symmpivusbbusKS0108ac97intcUWProSysvmauthdserviceSunkFiltflashcomadminhsf_msftwebsenserealtimeanalyzerWUSB54Gv4SVCNWDNSspsslmAffinegyServicedeltafwvetebootXyz777bmgabgexeslabseremclisrviaimfp0minilogbthidmgrTryAndDecideServiceeabfiltr3combootpCTDevice_SrvilicensesvcSGIRservicemgrcm102u32fcprintservicecusrvczumbuselservicetfsnifsMpFilterbtdriverccevtmgrErrDevPGPwdedpdlnctdlincdfsnim32SE2Dbusse2Eunicireikepcx1unicUSB11LDRUSBMN1X1alertservicemsfwsvcvet-recami0ntrppktgagp30kxtiumfwlwinpppoverethernetdlbx_deviceWSIMDpnkbstrkmwlsvc{a7447300-8075-4b0d-83f1-3d75c8ebc623}GMSIPCIanbmservicelogonsvcidhdaudaddservicembrn3900smservauthSMCB000CamAvmcproxyCX23880NICMhf30serviceslpmonxpilogsrvrtl8139PBADRVctprxy2kraidmagtVRcoredb2remotecmdSE2CmdflaswtdiquickbooksdbndiscmcebdaldrpelmouseqbposdbservicesgrmnusbctusfsynWinHttpAutoProxySvcprodrv06SE2CobexiAimFP6FirePMntchargeoutpostfirewallELacpihpqwmiexaniwzcsdservicetmxpfltwinproxyscreadspoolz525mdflsffdiskzpcollectornod32krnoraclewebassistantsysplantanydvdSMTPSVCInvokermsmpsvcavcgbflPTDCMdmrvsinstpav_securitympfpvcloneNETGEAR_MA111wpsdrvntspmgrwlankeeperha20x2ksbcssvcp2ksomashuttleenginesmservazbt3csernmcmudahprfdevvpn5000servicedm1serviceMagicTunetpkmpsvcWmVirHidET5DrvacshsvcmodbdselfprSE26mdmrichvideolxcf_devicepdlndldlcpuidlepUDFReadrSWNC8U51lvpopfltemu10k1dlaudfamDcLpspinnacleupdatesvciPassPziptoawebsensecamserverSrvcSSIOMngrTuneUp.ProgramStatisticsSvcpenclassissuserSGHIDIcwafnotesservicebtwmodemzpscbtwrchidnidomainservicezunenetworksvclckfldserviceBrScnUsbNxNetMonSbieDrvUSBCameradcstor32dnsexitrcaumwdfEvianGV600_4w550mdmGBFSHooksrvdpiati2mtagsffp_sdCVirtAMxlW2kw200mdmNWSIPX32adsexpbmssql$sqlexpresswebsensewfreportserverCnxtHdAudServicerimvserportpdlnacomMREMP50USB28xxBGAwg5nSE26busSaiU040Bsp_rssrvdjsnetcnpdlncfwkbtcsrusbobvioustmesrv3ss_mdmsnmptrapdserviceC-DillavulfntrsvhidminispbbcsvcFreedomatalkbthusbse44mdflstatusagent4mod7700pavsrvprohlp02purendispalmusbdmfeavfkalcxsenss125mgmtLCcfltrRR2MjpegstllssvrSiS300ialiadwdmgdrvageremodemaudiosskbfdrelationalAlpham2OneCareMPMA-620pavagenteavgcleansonicatheaterinstallerserviceiAimTV5win32slse44nd5ASMMAPs7oppitxbackupexecnamingservices716bustoshidptlyncusbservMegaSRW2acehidARCSOFTVIRTUALCAPTUREDniVadpuscsrvcZSMC301badaptecstoragemanageragentBlueSoleilCSlxce_deviceATKGFNEXSrvyukonwlhF700iswlgsnd_filterse59mgmtcq_memNEOFLTR_600_13319w800mgmtzebrsceadvserviceaeclienthostservicesnareiisbgsvcgenavinitntsisagpcimnotifyhpciadmjoyCam5603Ccics.region2w810mdmclisvcs117obexMaVctrlinotaskSWNC8U20p2pgasvcse59obexsteamdvrWLAN_USBnHancerUlSatakeymaestropatrolagentatfsdCYGF32XMA_CMIDIvncmirrorsfhlp01atmeltpmeelsserviceICAM5USBiaimtv3elbycdiovzfwPTproctASNDIS5rkhdrv31p1110vidalim1541SDdriveribmsmbusdb2das00array_utility_service4,0,1,3lxct_devicertmYahooAUServicemclogmanagerserviceSecureStorageServiceSTV680qkbfiltravpw550mgmts716unicvmx86mfesmfkIPSECSHMaswlsvcCSRBCntsecureRawwansmstsmgrL6PODEMSCRgmernmserviceWbuttons117unicaclientantivirserviceroxwatchincdrecLVCap138SABProcEnumhoudinilicenseserverTUWinStylerThemeSvcspupdsvcipassconnectenginev2imountovsecurityserverFTSER2KMQACP17xfisymfwvmodemsnoopfreezebrcebmonfiltCTAudSvcServiceumxfwhlpadminserveraxsnmsvcpcctlcomltxredroxwatch9speedfanatinrvxxmctskshd.exeipsecmonAeLookupSvcpwd_2Ksfng32kbfiltrmcmscsvcRR2IOModntpr_nic_service2s125busdot4ufdCAMCHALAaddfiltrnvenetfdoracle%oracle_home_service%clientcache80SMNDIS5roxupnpservertvtpktfilterSQLAgent$LG_LP2de_servpmshellsrvvtserverctsfm2knvedavtuagp35vcommmssqlserveracrsch2svcinorpcfirelm01tphkdrvslee_81_servicedf5serventechrassstpPctspkw810mgmtCXTUNEMR97310_USB_DUAL_CAMERADMICallpinetmgrutilmanSE27mdmnpapimondvd43llhdefragfsivschedulerss_busghoststartserviceosaiocacheserverrvsccwebrootenterpriseclientserviceelbycdflcvslockvproeventmonitorse59unicsuserviceE1000eloggersvc6pavprsrvoracleorahome90agentgv3autostorewinachsxmarvinbusPAR1284XAudiogoogledesktopmanagereelogsvcPSSdk21fsbwsysUBHelperswmsfltOracleOraHome92ClientCachesit_mdms616busUSBDeviceServiceUPATCnimxdfkcrystaloutputfileserverALABULKsis315ntuneservicese59bustng-dtmgtsmserviceepstnt01awhost32se58mdmEpfwndissurveyorwg6nbobooraclesnmppeermasteragentLHidFiltsfusvcsavrtHWSCtrlISAMSvcESMCRvet-filtmhnAN983jukebox3HidBthni_nicdb2governorhpqcxs08slabbusmfeapfkaolserviceWaveFDEStkAMiniincdsrvcdvpQWAVEtfsncofstcpip6stacsvszservermsi_wlan_servicensm1serdDell1100_FUServiceROOTUSBiksyssectaphssdlbt_deviceATMsgwmp54gssvcDfsUSBCCIDsr_watchdogDefrag32ssfs0509ROB_Az525obexbtwusbbc_ngnsonypvs1se44obexSfCtlComisamsmtEU3_USBstac97InterBaseServerKtpwindrvNTfingrd32NWUSBPortcatchmeg400macformatservicePSDFilterSE2Dmdmtpkdrnadiagnosticsservicemxserveravg7rswU2SPdsncservicenoipducservicetimounterroxmediadb9icam4usbtrioserviceneokdssABVPN2KvpnvaCcmExecLMSXUIFlxbt_deviceusbsermptparallelpsdistributionagenttfsnpoolnwrdrcrcdisk3dkeybdodysseyIM4atchksrvamfilterlxrjd31sfgdxbuselaunidrPDExchangepoint32cltnetcnservicew200mdflbltrustMRENDIS5DCamUSBSQTECHmssql$microsoftbcms616mdflW700mdmdrvnddmSiS7018rspndrodysseyIM3S3GIGPMSICPLaaksrvaegispmhndrvenodplGameConsoleServicebc_ip_fHPFECP20sonicstagemonitoringlmab_deviceSISNICXPMXOFXCoachAudsony_ssm.sysmgabgU81xmgmtma763004SECYPUSBappnnodecpqdfwicepackbackupexecrpcserviceGoProtoDynDNS_Updater_ServiceibmfilterispwdsvcUSBVCDnicconfigsvcbelgium_id_card_serviceSaiClasswinpowermanageruploadmgropenldap-slapdavfilters3twistrnmwcdcnmindexingserviceTablet2ksfcure01niorbknv4wfxsvcs117busCTSYNlvupdtiospcsutilityserviceovepstatusengineomniusbctxcpubalkserviceamonccispwdsvcMRV6X32PrpcnetlockmgrbthportmozybackupSymIMmwsejcapnetrcacmihcserviceSE2Emdflaswmon2k750obexCVPNDati2mtaaWINUSBzpjobqmpfserviceadobeactivefilemonitor5.0ngservermotmodemoracle_load_balancer_60_server-forms6iICAM3NT5fireportbcftdibc_filterZuneWlanCfgSvcUim_IMfaxidrivertMRESP50arp1394generichidservicevpcvmmasctrmSQLBrowsertmesbs32diskeeperbvrp_pciezplaylusbaudiotosrfndsIFP700wwsecsvcMobilityServiceknobservwmccdslsomnidrvnavapsvcFlexBiosimountsrvsysmgmthpagrsrvcesi3114rs3savagenbse44mdmavsincichaudiolo_srvtvichw32TMKEmuIntelC53smartlinkserviceportmappergovsrvdeventagentcs429xpktfilterWmaCDriverV32smartwiservicePCDCODECadiloadersisnicaksfridgeoraclesnmppeerencapsulatoriAimFP5ngdbservpdlnebasinfrastructureTdmServicestylexpserviceTestHandlermerakcontrolaolavupdstcagentavgtdiLVBulkPcatipdb2licdADIDTSFiltServiceSNCftsata2atkkeyboardservicewwnetddeacprfmgrsvclicensemirrorv3dsNcAdptse44busfreepopsrt2870arcltsrvSenFiltServicepdfcreatormessagesEMCFILTdnetcmrvw245s716mdfldatunidrwpshelpermvdcodecalertmanagermbackmonitorStreamDispatchervstor2aic116xpinnaclemarvinusbbdpredirk750mdmAmeLanPcbc_pat_fMcciCMServicertl8023hmonitorAKSIFDHpersonalsecuredriveservicefilterserviceSE2BbusviagfxnmwcdO2SCBUStosportese45unicUimBusse59nd5avcgbdrTSHWMDTCPmysqlinventimemozyFilterraysatxsi5_0server{85ccb53b-23d8-4e73-b1b7-9ddb71827d9b}netw4x32DCamUSBDXGTechemAudiopinnaclesys.mediaservertosrfecimagedrvnpkcsvcFET5X86VNPDriversyslogdAtlsAudRR2Vbimqdmmdmiaimtv4TMHIDSRVjconfigdw800busvaiomediaplatform-musicserver-appserverHssTrayServiceflashpntUSB28xxOEMSQLAgent$MICROSOFTSMLBIZHpqRemHiddvd-ram_serviceW55U01smartscapsbeatjammusicstreamingserverwebdriveservicekbdhidfsRamDskssrvcUSB_RNDISeventclientmultiplexerretrolauncherAVRecclnt_clientmaniaimtv1psaddCDRPDACCStkASSrvnvataufad-ws60tgsrvc_smartagentoracleorahomepagingserverPNRPSvctphdexlgsvctdsmapiepson_pm_rpcv2_02CoachUsblsdiorwBrUsbSerkonfigss_mdflASLDRServiceMSMQTriggersA88xEncifp800centennialclientagentvwkernele1000jobserver_reporttransarcafsdaemonbtarcmi-raysat_3dsMax2008_32wuolservicedlaboiomUVCFTRhttps-admserv61MailServiceEntDrv51se2BunicHabuFltrms_mpu401iaimfp2curtainssyssvcgenmcmnhcf_msftntsyslogwencrserviceEPSON_EB_RPCV4_01npkcusbthinkpadmodemserviceUSR1806Vmldservavgemsfixw810busx10netss116unicst330servicepwkntmonScanUSBEMPIASNDO763WGXRMSvcyats32nmwcdcjSRS_SSCFilterNWDHCPsdcplhofcpfwsvctifm21midisynser2plmsSntnlusbpcaNCPronpkcryptwg4nSE2DmdflliveupdateqbposdbextservicesSQTECH905CiolodmvATKFUSServiceQPCapSvcMachnm32Udfreadr_xpdigictrlbtkrnlSE2BmgmtELmonolregcapnuvvid2MTsensord-link_st3402usnsvcnvupsmonservicedmprimericlarityqosserviceAsDsmedspportnsvcipcmdmonVAIOMediaPlatform-MusicServer-HTTPctdvda2kirbusventuri2asusgsbaxsakiWscNetDrlvtunerAsuhfivrOomsadNOWMEMDFfilemon701nmwcdcmSaiNtBusGTWModemAVWLP_USBmks_scantng-dobaFTDIBUSSeaPortnvrd32s217nd5DSDrv4EACSysftpdszpjavatwdnstiwlnsvcmegamonitorsrvsagefserverbhmonitorservicemsgsrvservicelktimesyncU81xmdflsprtsvc_smartagentzmxpzipentertainmentroxliveshare9oracledbconsoleorclcachemgrinortpnkbstrahibernationz525mgmtRIOUNIVwinpowermonitorkerbkeyntiopnpNxSysMonFsVgaelosystemservicevsmonUpdateCenterServiceWmFiltercavasmsymredrvMS1000TIEHDUSBWUSB54GCSVCregmanservtoneshpqddsvccrystalinputfileserversymantecantibotwatcherVMAUDIOcom4qlbrt73AirgoBRCMDECOdlabmfsmtvtnetwkwebsenseuserserviceGoogleDesktopManager-010708-104812se59mdmcidaemonUsbDiagNeroMediaHomeService.4dsproctdeckzpsxvrfwsvcdlaudf_mcsctl50mgactrlF700iobrpaservicerazerusbbantextds1mscsptisrvpxfhserdiaimfp1tbhsdrootmodemmssqlserverolapservicepingerwhoisd32BCM42RLYissvcRIOXDRVrbfilteraslm75pav_serviceclcapsvcNWUSBModems217unicCnxTrLanpdschedulerpccsmcfdDcFpointtmactmonhidusbDFUBTUSBwebsenseusagemonitor{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}wastfsndrctX10UIFregmon701CTHWIUT.DLLAppnbdssnv_agpsdbustosrfbnpppmouclsELhidwinpowerrmiwebfilteracedrv07cmdagentbuslogicSE2Emdmremotelyanywheredwusbdntnvnforcesymidscoautomate5aswrdrtoddsrvSE2DobextapvpnissimonphnxvcdserviceWmHidLoRESMGRXilinxPC4DriverawlegacynetdeviotosrfbdInterBaseGuardianDN2AKNETtdcmdpstz800mdflgenregistrarlxdm_deviceSlNtHalSi3132nmsaccesspmemfetnd5bvwinssSE27mdflM3ADDMUSBUSBDCamdcfssvctavsvcZY202_XPxaudioserviceLwUsbHidcxusbPacketoracleorahomemanagementserverStkScanKMW_KBDsit_fltfuj02b1fallbackatimpabcachemanxpSus2plhotspotshieldservicevnxserviceepsonbidirectionalserviceusbscancitrixwmiserviceNETMDUSBamdagpmapserver6.3adobeactivefilemonitor4.0uhcdmouhidtrufosMSW_USBsscdmdflcqmgservs116busSaiNtSubeaps2kbdSRTSPviaagpslee_503_servicedmisrvprosync1USBAAPLventriloSQTECH9080tfsnudfase2Cuniccwbrxds24transhdthermalWavxDMgrWNCPKTmcontrolvetfddntwebupdateeectrls716nd5btwdndiscpntsrvlicensemanagersocketFireTDIsshrmdPTDCVspbackuplauncherikfilesecbtfirstBUFADPTkraidsvcprism_a02nwdlsati2mpaaalcaudslpclepcicwafeventrouterUSBDonglebglivesvcnvlddmkmcfgwzsvcvmnetdhcpkpfwsvcsdhelperretrowdsvcid2scapsacdpowerserviceMSSQL$AUTODESKVAULTsymdnsATMsrvcvetefileidisw2kmnicser_wmp11srtspxadpu320pdlnepktautocompleteagp440IWCAoracleorahome92pagingserverthotkeyiksysfltDCFS2KHFACSVCarrayssl_vpn_service3,0,1,9MSIRCOMMfasttx2kBsHelpCSDNEaxinstsvhsf_dpopcenumctxcpuschedmfcommssql$microsoftsmlbizmqdmbusNTSIMupnpnvrd64WUSB54GPV4SRVMA8032McwafrmiregistryCardexw200mgmtbwcsrviomegaaccessAVCSTRMsscdbhk5tosrfusbse44mgmtDeviceScannerHssSrvslssvcGernuwaDevUppercccredmgra016busxfiltinspects616mdmbtaudioBLKWGU(Belkin)odclientservicese58busSetupNTcqmghostnmapdigitizermsgameUSIUDFW700obexpxfhmdmmsk80serviceRecAgentshdservShockprfwebrootcommagentservicecompbattSprintRcAppSvcVAIOMediaPlatform-VideoServer-UPnPShockMgrs24eventmonitorClntMgmt.sysipssvcIntels51GBDevicepacsptisvrartourserviceclmtomcatstartersvcstunneldvpapiLUsbKbdSi3132r5dcpflicsDCamUSBMkeSQLWriterNITaggerServiceRTLE8023xpVrAcFilctljystkcmbattgtndis5xnaccmcpRasmanRemoteaccessScheduleSeclogonSENSSharedaccessSRServiceTapisrvThemesTrkWksW32TimeWZCSVCWmiWmdmPmSpwinmgmtwscsvcxmlprovBITSwuauservShellHWDetectionhelpsvcWmdmPmSNnapagenthkmsvc.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs...------- Supplementary Scan -------.uStart Page = https://www.prometric.com/Network/Login.aspuInternet Settings,ProxyOverride = <local>IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105Trusted Zone: 2test.comTrusted Zone: 2test.com\wwwTrusted Zone: prometric.com\ehelpTrusted Zone: prometric.com\polarisTrusted Zone: prometric.com\pulseTrusted Zone: prometric.com\wwwTrusted Zone: prometric.com\www.polarisTrusted Zone: yahoo.comTrusted Zone: microsoft.comTrusted Zone: prometric.comTrusted Zone: webex.comTCP: DhcpNameServer = 74.238.59.137TCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6}: NameServer = 172.16.9.5TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC}: NameServer = 172.16.9.5TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35}: NameServer = 172.16.9.5TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772}: NameServer = 172.16.9.5TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C}: NameServer = 172.16.9.5TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358}: NameServer = 172.16.9.5Handler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dllFF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zg9mnrzg.default\.- - - - ORPHANS REMOVED - - - -.WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)HKLM-Run-HPLJ Config - c:\program files\Hewlett-Packard\hp LaserJet 1150_1300\SetConfig.exeSafeBoot-DGMaster.sysMSConfigStartUp-HTC Sync Loader - c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exeAddRemove-MSHowlerLatency_1,0,0,1 - f:\dts\Sys\MSHowlerLatency.EXEAddRemove-ZeonUTDPDF - f:\dts\SYS\ZeonUTDPDFInstall.exe...**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-02-25 14:49Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fasttx2k]"ServiceDll"="".[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ONSIO]"ServiceDll"="".--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'explorer.exe'(3964)c:\windows\system32\WININET.dllc:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odfc:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dllc:\windows\system32\IEFRAME.dllc:\windows\system32\WPDShServiceObj.dllc:\documents and settings\Administrator\My Documents\tri\WinSCP\DragExt.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\program files\Trend Micro\OfficeScan Client\ntrtscan.exec:\program files\Analog Devices\SoundMAX\SMAgent.exec:\program files\Trend Micro\OfficeScan Client\tmlisten.exec:\windows\system32\SearchIndexer.exec:\program files\DGAgent\dgprompt.exec:\windows\TEMP\HFD182.EXEc:\program files\Trend Micro\OfficeScan Client\CNTAoSMgr.exec:\program files\Trend Micro\OfficeScan Client\Misc\xpupg.exec:\program files\Trend Micro\OfficeScan Client\pccntupd.exe.**************************************************************************.Completion time: 2012-02-25 14:58:09 - machine was rebootedComboFix-quarantined-files.txt 2012-02-25 19:58.Pre-Run: 26,371,530,752 bytes freePost-Run: 26,366,226,432 bytes free.WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe[boot loader]timeout=2default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS[operating systems]c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdconsUnsupportedDebug="do not select this" /debugmulti(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect.- - End Of File - - EFA8DF4CFCAB3AC0372D21864DEC5535 Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530489 Share Posted February 25, 2012 Enable Hidden files:http://www.howtogeek...-folders-in-xp/Please find this file and upload it to VirusTotal for a free scan, post back the results (the url)c:\windows\system32\OfpivkEbwagv.dllhttp://www.virustotal.com/--------------------also can you take a look at this folder and see what's inside and do you recognize it:c:\documents and settings\Administrator\Local Settings\Application Data\1703546eMrC Link to post Share on other sites More sharing options...
sol7789 Posted February 25, 2012 Author ID:530500 Share Posted February 25, 2012 Here is the URL:https://www.virustotal.com/file/3a26c1efa432d6d2c79cb64e3a3142f823aa41ff6ff552cccd59f86dfea80117/analysis/1330203309/Also, I looked inside that folder, but I do not recognize the contents. Please let me know if you need to see a listing of these contents. Link to post Share on other sites More sharing options...
MrCharlie Posted February 25, 2012 ID:530506 Share Posted February 25, 2012 That sure is malware!Please do this........1. Close any open browsers.2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.3. Open notepad and copy/paste the text in the quotebox below into it:4. If ComboFix wants to update.....please allow it to.File::c:\windows\system32\OfpivkEbwagv.dllRegistry::[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"Save this as CFScript.txt, in the same location as ComboFix.exeRefering to the picture above, drag CFScript into ComboFix.exeCAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.After reboot, (in case it asks to reboot)......Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.MrC Link to post Share on other sites More sharing options...
MrCharlie Posted February 27, 2012 ID:530945 Share Posted February 27, 2012 How are we doing??Do you still need help or can I close this post??MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 28, 2012 Author ID:531067 Share Posted February 28, 2012 Mr Charlie,Sorry I had to go out of town for work. Is it possible to keep this open until Wednesday?Thanks for all your help so far, you've been great! Link to post Share on other sites More sharing options...
MrCharlie Posted February 28, 2012 ID:531138 Share Posted February 28, 2012 Yes, just keep informed, MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 29, 2012 Author ID:531623 Share Posted February 29, 2012 MrCharlie,Thanks for waiting for my reply, here is the log you requested.ComboFix 12-02-25.01 - Administrator 02/29/2012 11:37:46.2.1 - x86Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exeCommand switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txtAV: Trend Micro OfficeScan Antivirus *Disabled/Outdated* {D5676B8F-DAF6-4ECC-9766-1F2FAF02629C}FW: Trend Micro Personal Firewall *Disabled* {3E790E9E-6A5D-4303-A7F9-185EC20F3EB6} * Created a new restore point.FILE ::"c:\windows\system32\OfpivkEbwagv.dll"..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))...((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_Dgmaster-------\Service_Dgmaster..((((((((((((((((((((((((( Files Created from 2012-01-28 to 2012-02-29 )))))))))))))))))))))))))))))))..2012-02-27 14:21 . 2012-02-27 14:21 -------- d-----w- c:\program files\ETS2012-02-23 19:52 . 2012-02-25 13:35 102400 ----a-w- c:\windows\RegBootClean.exe2012-02-23 19:48 . 2012-02-23 19:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes2012-02-23 19:48 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys2012-02-23 19:46 . 2012-02-23 19:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes2012-02-23 18:35 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Application Data\Windows Search2012-02-23 18:33 . 2012-02-23 18:35 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\ApplicationHistory2012-02-23 15:09 . 2012-02-23 21:14 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Adobe2012-02-23 15:06 . 2012-02-23 15:06 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Identities2012-02-22 18:57 . 2012-02-25 17:41 11264 ----a-w- c:\windows\DCEBoot.exe2012-02-21 20:52 . 2012-02-25 16:44 0 --sha-w- c:\windows\system32\dds_log_trash.cmd2012-02-21 20:48 . 2012-02-21 20:48 -------- d-sh--w- c:\documents and settings\Administrator\Local Settings\Application Data\1703546e2012-02-21 20:48 . 2012-02-21 20:48 25600 ----a-w- c:\windows\system32\OfpivkEbwagv.dll2012-02-18 20:46 . 2012-02-18 22:29 -------- d-----w- c:\program files\Acro Software2012-02-14 12:53 . 2012-02-14 12:53 -------- d-----w- c:\windows\Sun2012-02-09 14:34 . 2012-02-09 14:34 -------- d-----w- C:\Copy of HP_P2055_default_install_v6.1_ww...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2012-02-09 14:39 . 2012-02-09 14:39 65421473 ----a-w- C:\Copy of HP_P2055_default_install_v6.zip2011-12-21 18:56 . 2011-03-23 22:01 33638 ----a-w- c:\windows\system32\PDFCAWW6xxSM_Uninstall.exe2011-12-17 18:52 . 2011-12-17 18:52 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl..((((((((((((((((((((((((((((( SnapShot@2012-02-25_19.49.05 ))))))))))))))))))))))))))))))))))))))))).+ 2012-02-29 16:51 . 2012-02-29 16:51 16384 c:\windows\Temp\Perflib_Perfdata_718.dat+ 2012-02-29 16:51 . 2007-09-07 01:45 300392 c:\windows\Temp\SF6A6A.EXE+ 2008-01-22 15:46 . 2012-02-27 15:45 333872 c:\windows\system32\FNTCACHE.DAT.((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shownREGEDIT4.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"OfficeScanNT Monitor"="c:\program files\Trend Micro\OfficeScan Client\pccntmon.exe" [2007-09-07 710000]"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2003-05-08 69632]"RTHDCPL"="RTHDCPL.EXE" [2008-06-13 16871936]"IgfxTray"="c:\windows\system32\igfxtray.exe" [2006-07-19 155648]"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2006-07-19 126976]"Persistence"="c:\windows\system32\igfxpers.exe" [2006-08-14 94208]"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-01-11 246504]"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]"StatusClient"="c:\program files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe" [2002-12-16 36864]"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712].c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904].[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128].[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGAPIMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGBUSMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DgDmk.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGDT.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFS.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGFSMon.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGKPMail.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGLFS.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGRule.sys]@="Driver".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DGService]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProtectedStorage]@="Service".[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]@="Driver".[HKLM\~\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk]path=c:\documents and settings\Administrator\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnkbackup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]2012-01-04 03:51 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe.[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomcatStartup]2003-03-31 22:28 155648 -c--a-w- c:\program files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus]"DisableMonitoring"=dword:00000001.[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall]"DisableMonitoring"=dword:00000001.[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]"EnableFirewall"= 0 (0x0).[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]"%windir%\\system32\\sessmgr.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe"="c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"="c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"="c:\\Documents and Settings\\Administrator\\My Documents\\tri\\firefox.exe"="c:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe"="c:\\Documents and Settings\\Administrator\\My Documents\\tri\\Malwarebytes' Anti-Malware\\mbam.exe"=.R0 dgbusmon;DGBusMon;c:\windows\system32\drivers\DGBUSMon.sys [9/23/2010 4:46 PM 73928]R0 dgtdimon;DGTDIMon;c:\windows\system32\drivers\DGTDIMon.sys [9/23/2010 4:46 PM 57672]R2 DGService;Usage History Monitor;c:\program files\DGAgent\DgService.exe [9/23/2010 4:46 PM 412232]R2 TmFilter;Trend Micro Filter;c:\program files\Trend Micro\OfficeScan Client\tmxpflt.sys [9/6/2006 8:27 PM 262416]R2 TmPreFilter;Trend Micro PreFilter;c:\program files\Trend Micro\OfficeScan Client\tmpreflt.sys [9/6/2006 8:27 PM 36624]R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [11/5/2004 4:05 PM 307984]R3 TmPfw;OfficeScan NT Firewall;c:\program files\Trend Micro\OfficeScan Client\TmPfw.exe [5/18/2009 2:42 PM 943696]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [3/18/2010 12:16 PM 130384]S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe --> c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [?]S3 DCamUSBVeo532;Veo Stingray/Connect Web Camera;c:\windows\system32\drivers\ubVeo532.sys [7/1/2002 5:30 PM 95232]S3 dgapimon;DGAPIMon;c:\windows\system32\drivers\DGAPIMon.sys [9/23/2010 4:46 PM 160456]S3 DGDmk;DGDmk;c:\windows\system32\drivers\dgdmk.sys [9/23/2010 4:44 PM 381768]S3 DgDmkDisk;DgDmkDisk;c:\windows\system32\drivers\DgDmkDisk.sys [9/23/2010 4:45 PM 13640]S3 DGDT;DGDT;c:\windows\system32\drivers\dgdt.sys [9/23/2010 4:45 PM 175560]S3 DGFILTR;DGFILTR;c:\windows\system32\Drivers\DgFiltr.sys --> c:\windows\system32\Drivers\DgFiltr.sys [?]S3 DGFS;DGFS;c:\windows\system32\drivers\dgfs.sys [9/23/2010 4:44 PM 128200]S3 dgfsmon;DGFSMon;c:\windows\system32\drivers\dgfsmon.sys [9/23/2010 4:46 PM 124744]S3 dgkpmail;DGKPMail;c:\windows\system32\drivers\DGKPMail.sys [9/23/2010 4:45 PM 50888]S3 DGLFS;DGLFS;c:\windows\system32\drivers\dglfs.sys [9/23/2010 4:44 PM 191176]S3 DGREC;DGREC;c:\windows\system32\Drivers\DgRec.sys --> c:\windows\system32\Drivers\DgRec.sys [?]S3 dgrule;DGRule;c:\windows\system32\drivers\DGRule.sys [9/23/2010 4:44 PM 129480]S3 DGScan;Usage History Scanning Service;c:\program files\DGAgent\DgScan.exe [9/23/2010 4:46 PM 567880]S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys --> c:\windows\system32\DRIVERS\easytthr.sys [?]S3 FTRUSB;Futronic USB Fingerprint Scanner Device;c:\windows\system32\drivers\FTRUSB.sys [12/7/2005 7:05 AM 16256]S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [12/12/2011 3:03 PM 24576]S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]S3 IFXTPM;IFXTPM;c:\windows\system32\drivers\ifxtpm.sys [1/28/2008 3:15 PM 36608]S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [6/12/2011 10:15 AM 31125880]S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [1/9/2010 8:37 PM 4640000]S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2/28/2006 7:00 AM 14336]S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [3/18/2010 12:16 PM 753504]S4 dgcotman;dgcotman;c:\windows\system32\drivers\DGCotMan.sys [9/23/2010 4:45 PM 136008].[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12WINRM REG_MULTI_SZ WINRM.NETSVCS REQUIRES REPAIRS - current entries shown6to4AppMgmtAudioSrvBrowserCryptSvcDMServerDHCPERSvcEventSystemFastUserSwitchingCompatibilityHidServIasIpripIrmonLanmanServerLanmanWorkstationMessengerNetmanNlaNtmssvcNWCWorkstationNwsapagentRasautothpsrvaksusbdbustrcmvaiomediaplatform-mobile-gatewaymmc_2KwampmysqldwinmtsrvzdeviceserviceWmXlCorecercsr6ssdiagnwandrvNVXBARathrsbiesvccpucoolservermaxbackserviceintaswupdsvxusb21s125mdflqcdonnersp_clamsrvstylexphelperoracle_load_balancer_60_server-forms6ip14irmoncpqvcagentprotexislicensingLVPrcMonpdlncbasspcstbCdaC15BASQLAgent$MICROSOFTBCMageresoftmodemhpzid412pavfnsvrTuneUp.DefragUSBModemnetsvcec2007serviceJukeboxsnpstd2RadProbeptbsyncFETNDISsvcwmuSE2Ebuslogmeinpae_1394igfxabnetmonithsgtibmcicstransactiongatewayIJPLMSVCmstdceSettingsServicevmount2oracleorahometnslistenermstdfrgsibmasrexswupdtmrtifmcentennialiptransferagentahcix86srfcommwintab32atkdisplfGcKernelDLH5Xlvpr2mons217obexprocddVHidMinidrvpcx1nd5LPCFilteradmserviceqbfcservicectxhttpnvsmuusbvideowanusbvgaegathdrvnvmdMaxtorFrontPanel1lvhidsvcccpwdsvcaexnsclientpmj151lalivesrvNetwareWorkstationactserPXRDDriverCTMFLTnpkcmsvcZSMC303TPPWRIFscanexplicitlanusbbackupexecjobengineDM9102USB_NDIS_51sgectlpxhelp20MA8032UproxyhostdriveravipbbLPDSVCDKbFltrclr_optimization_v2.0.50215_32w300mdmsmbiosMREMP50a64blueletscoaudiodriverhardwarev2mcdbusthkeysbgs_sdserviceplsremotesvcsnareOEM02VfxSNTIEissmps2bcm43xxNWSNSoracleformsserver-forms60server-oraformsfrem01cdudf_xpco_monwap3gxwebsenseclientdeployserviceeuq_monitorCTEDSPSY.DLLCTAUDFX.DLLV0070VIDse58nd5smrtcailicmpci{95808DC4-FA4A-4c74-92FE-5B863F82066B}RalinkRegistryWritersleepypatrol_schedulerHSX_DPcmuda3SPLITCAMdsunidrvusb20ls217mgmtslavePhilCam8116BootScreendiskperfJGOGORR2CtrlPQNTDrvs616obexw810obexservidorWISTechVIDCAPAEADIFiltersmediamaxxlservicerimmptskAVerBDAsqlagent$soshome22cxlptp17iaimtv2PhilCam8116_XPPD0620VIDepsonstatusagent2AMDPCIevtengcommserverpfmodntpivotmourupsdNMSCFGprfldsvcdlcg_deviceoracleorahomeclientcachecdr4_xps3ssavageLXARScanmcstrmwinvncbtwaudion558ma_cmidi_installerserviceHWIONTovmsmaccessmanageroracleorahomehttpserverrp_fwsPAC7302bthservsvcwrsssdkvaiomediaplatform-integratedserver-appserverAIRPLUSSiSGbeXPtfsnopioU81xmdmAPLMp50getPlusHelperwlancfgnsm1busslimsvcexfats125mdmacsvcpdlnecfgnimcdfxkse2Cnd5ALYac_PZSrvNWFILTEROsaFsLocmvwebserverStarOpens616nd5amdk8netcfgsvrCdaD10BAuscbs108sifiltervrmonsvccics.region1qbreminderflashsoftfaxcaptureserviceAFGMp50symmpivusbbusKS0108ac97intcUWProSysvmauthdserviceSunkFiltflashcomadminhsf_msftwebsenserealtimeanalyzerWUSB54Gv4SVCNWDNSspsslmAffinegyServicedeltafwvetebootXyz777bmgabgexeslabseremclisrviaimfp0minilogbthidmgrTryAndDecideServiceeabfiltr3combootpCTDevice_SrvilicensesvcSGIRservicemgrcm102u32fcprintservicecusrvczumbuselservicetfsnifsMpFilterbtdriverccevtmgrErrDevPGPwdedpdlnctdlincdfsnim32SE2Dbusse2Eunicireikepcx1unicUSB11LDRUSBMN1X1alertservicemsfwsvcvet-recami0ntrppktgagp30kxtiumfwlwinpppoverethernetdlbx_deviceWSIMDpnkbstrkmwlsvc{a7447300-8075-4b0d-83f1-3d75c8ebc623}GMSIPCIanbmservicelogonsvcidhdaudaddservicembrn3900smservauthSMCB000CamAvmcproxyCX23880NICMhf30serviceslpmonxpilogsrvrtl8139PBADRVctprxy2kraidmagtVRcoredb2remotecmdSE2CmdflaswtdiquickbooksdbndiscmcebdaldrpelmouseqbposdbservicesgrmnusbctusfsynWinHttpAutoProxySvcprodrv06SE2CobexiAimFP6FirePMntchargeoutpostfirewallELacpihpqwmiexaniwzcsdservicetmxpfltwinproxyscreadspoolz525mdflsffdiskzpcollectornod32krnoraclewebassistantsysplantanydvdSMTPSVCInvokermsmpsvcavcgbflPTDCMdmrvsinstpav_securitympfpvcloneNETGEAR_MA111wpsdrvntspmgrwlankeeperha20x2ksbcssvcp2ksomashuttleenginesmservazbt3csernmcmudahprfdevvpn5000servicedm1serviceMagicTunetpkmpsvcWmVirHidET5DrvacshsvcmodbdselfprSE26mdmrichvideolxcf_devicepdlndldlcpuidlepUDFReadrSWNC8U51lvpopfltemu10k1dlaudfamDcLpspinnacleupdatesvciPassPziptoawebsensecamserverSrvcSSIOMngrTuneUp.ProgramStatisticsSvcpenclassissuserSGHIDIcwafnotesservicebtwmodemzpscbtwrchidnidomainservicezunenetworksvclckfldserviceBrScnUsbNxNetMonSbieDrvUSBCameradcstor32dnsexitrcaumwdfEvianGV600_4w550mdmGBFSHooksrvdpiati2mtagsffp_sdCVirtAMxlW2kw200mdmNWSIPX32adsexpbmssql$sqlexpresswebsensewfreportserverCnxtHdAudServicerimvserportpdlnacomMREMP50USB28xxBGAwg5nSE26busSaiU040Bsp_rssrvdjsnetcnpdlncfwkbtcsrusbobvioustmesrv3ss_mdmsnmptrapdserviceC-DillavulfntrsvhidminispbbcsvcFreedomatalkbthusbse44mdflstatusagent4mod7700pavsrvprohlp02purendispalmusbdmfeavfkalcxsenss125mgmtLCcfltrRR2MjpegstllssvrSiS300ialiadwdmgdrvageremodemaudiosskbfdrelationalAlpham2OneCareMPMA-620pavagenteavgcleansonicatheaterinstallerserviceiAimTV5win32slse44nd5ASMMAPs7oppitxbackupexecnamingservices716bustoshidptlyncusbservMegaSRW2acehidARCSOFTVIRTUALCAPTUREDniVadpuscsrvcZSMC301badaptecstoragemanageragentBlueSoleilCSlxce_deviceATKGFNEXSrvyukonwlhF700iswlgsnd_filterse59mgmtcq_memNEOFLTR_600_13319w800mgmtzebrsceadvserviceaeclienthostservicesnareiisbgsvcgenavinitntsisagpcimnotifyhpciadmjoyCam5603Ccics.region2w810mdmclisvcs117obexMaVctrlinotaskSWNC8U20p2pgasvcse59obexsteamdvrWLAN_USBnHancerUlSatakeymaestropatrolagentatfsdCYGF32XMA_CMIDIvncmirrorsfhlp01atmeltpmeelsserviceICAM5USBiaimtv3elbycdiovzfwPTproctASNDIS5rkhdrv31p1110vidalim1541SDdriveribmsmbusdb2das00array_utility_service4,0,1,3lxct_devicertmYahooAUServicemclogmanagerserviceSecureStorageServiceSTV680qkbfiltravpw550mgmts716unicvmx86mfesmfkIPSECSHMaswlsvcCSRBCntsecureRawwansmstsmgrL6PODEMSCRgmernmserviceWbuttons117unicaclientantivirserviceroxwatchincdrecLVCap138SABProcEnumhoudinilicenseserverTUWinStylerThemeSvcspupdsvcipassconnectenginev2imountovsecurityserverFTSER2KMQACP17xfisymfwvmodemsnoopfreezebrcebmonfiltCTAudSvcServiceumxfwhlpadminserveraxsnmsvcpcctlcomltxredroxwatch9speedfanatinrvxxmctskshd.exeipsecmonAeLookupSvcpwd_2Ksfng32kbfiltrmcmscsvcRR2IOModntpr_nic_service2s125busdot4ufdCAMCHALAaddfiltrnvenetfdoracle%oracle_home_service%clientcache80SMNDIS5roxupnpservertvtpktfilterSQLAgent$LG_LP2de_servpmshellsrvvtserverctsfm2knvedavtuagp35vcommmssqlserveracrsch2svcinorpcfirelm01tphkdrvslee_81_servicedf5serventechrassstpPctspkw810mgmtCXTUNEMR97310_USB_DUAL_CAMERADMICallpinetmgrutilmanSE27mdmnpapimondvd43llhdefragfsivschedulerss_busghoststartserviceosaiocacheserverrvsccwebrootenterpriseclientserviceelbycdflcvslockvproeventmonitorse59unicsuserviceE1000eloggersvc6pavprsrvoracleorahome90agentgv3autostorewinachsxmarvinbusPAR1284XAudiogoogledesktopmanagereelogsvcPSSdk21fsbwsysUBHelperswmsfltOracleOraHome92ClientCachesit_mdms616busUSBDeviceServiceUPATCnimxdfkcrystaloutputfileserverALABULKsis315ntuneservicese59bustng-dtmgtsmserviceepstnt01awhost32se58mdmEpfwndissurveyorwg6nbobooraclesnmppeermasteragentLHidFiltsfusvcsavrtHWSCtrlISAMSvcESMCRvet-filtmhnAN983jukebox3HidBthni_nicdb2governorhpqcxs08slabbusmfeapfkaolserviceWaveFDEStkAMiniincdsrvcdvpQWAVEtfsncofstcpip6stacsvszservermsi_wlan_servicensm1serdDell1100_FUServiceROOTUSBiksyssectaphssdlbt_deviceATMsgwmp54gssvcDfsUSBCCIDsr_watchdogDefrag32ssfs0509ROB_Az525obexbtwusbbc_ngnsonypvs1se44obexSfCtlComisamsmtEU3_USBstac97InterBaseServerKtpwindrvNTfingrd32NWUSBPortcatchmeg400macformatservicePSDFilterSE2Dmdmtpkdrnadiagnosticsservicemxserveravg7rswU2SPdsncservicenoipducservicetimounterroxmediadb9icam4usbtrioserviceneokdssABVPN2KvpnvaCcmExecLMSXUIFlxbt_deviceusbsermptparallelpsdistributionagenttfsnpoolnwrdrcrcdisk3dkeybdodysseyIM4atchksrvamfilterlxrjd31sfgdxbuselaunidrPDExchangepoint32cltnetcnservicew200mdflbltrustMRENDIS5DCamUSBSQTECHmssql$microsoftbcms616mdflW700mdmdrvnddmSiS7018rspndrodysseyIM3S3GIGPMSICPLaaksrvaegispmhndrvenodplGameConsoleServicebc_ip_fHPFECP20sonicstagemonitoringlmab_deviceSISNICXPMXOFXCoachAudsony_ssm.sysmgabgU81xmgmtma763004SECYPUSBappnnodecpqdfwicepackbackupexecrpcserviceGoProtoDynDNS_Updater_ServiceibmfilterispwdsvcUSBVCDnicconfigsvcbelgium_id_card_serviceSaiClasswinpowermanageruploadmgropenldap-slapdavfilters3twistrnmwcdcnmindexingserviceTablet2ksfcure01niorbknv4wfxsvcs117busCTSYNlvupdtiospcsutilityserviceovepstatusengineomniusbctxcpubalkserviceamonccispwdsvcMRV6X32PrpcnetlockmgrbthportmozybackupSymIMmwsejcapnetrcacmihcserviceSE2Emdflaswmon2k750obexCVPNDati2mtaaWINUSBzpjobqmpfserviceadobeactivefilemonitor5.0ngservermotmodemoracle_load_balancer_60_server-forms6iICAM3NT5fireportbcftdibc_filterZuneWlanCfgSvcUim_IMfaxidrivertMRESP50arp1394generichidservicevpcvmmasctrmSQLBrowsertmesbs32diskeeperbvrp_pciezplaylusbaudiotosrfndsIFP700wwsecsvcMobilityServiceknobservwmccdslsomnidrvnavapsvcFlexBiosimountsrvsysmgmthpagrsrvcesi3114rs3savagenbse44mdmavsincichaudiolo_srvtvichw32TMKEmuIntelC53smartlinkserviceportmappergovsrvdeventagentcs429xpktfilterWmaCDriverV32smartwiservicePCDCODECadiloadersisnicaksfridgeoraclesnmppeerencapsulatoriAimFP5ngdbservpdlnebasinfrastructureTdmServicestylexpserviceTestHandlermerakcontrolaolavupdstcagentavgtdiLVBulkPcatipdb2licdADIDTSFiltServiceSNCftsata2atkkeyboardservicewwnetddeacprfmgrsvclicensemirrorv3dsNcAdptse44busfreepopsrt2870arcltsrvSenFiltServicepdfcreatormessagesEMCFILTdnetcmrvw245s716mdfldatunidrwpshelpermvdcodecalertmanagermbackmonitorStreamDispatchervstor2aic116xpinnaclemarvinusbbdpredirk750mdmAmeLanPcbc_pat_fMcciCMServicertl8023hmonitorAKSIFDHpersonalsecuredriveservicefilterserviceSE2BbusviagfxnmwcdO2SCBUStosportese45unicUimBusse59nd5avcgbdrTSHWMDTCPmysqlinventimemozyFilterraysatxsi5_0server{85ccb53b-23d8-4e73-b1b7-9ddb71827d9b}netw4x32DCamUSBDXGTechemAudiopinnaclesys.mediaservertosrfecimagedrvnpkcsvcFET5X86VNPDriversyslogdAtlsAudRR2Vbimqdmmdmiaimtv4TMHIDSRVjconfigdw800busvaiomediaplatform-musicserver-appserverHssTrayServiceflashpntUSB28xxOEMSQLAgent$MICROSOFTSMLBIZHpqRemHiddvd-ram_serviceW55U01smartscapsbeatjammusicstreamingserverwebdriveservicekbdhidfsRamDskssrvcUSB_RNDISeventclientmultiplexerretrolauncherAVRecclnt_clientmaniaimtv1psaddCDRPDACCStkASSrvnvataufad-ws60tgsrvc_smartagentoracleorahomepagingserverPNRPSvctphdexlgsvctdsmapiepson_pm_rpcv2_02CoachUsblsdiorwBrUsbSerkonfigss_mdflASLDRServiceMSMQTriggersA88xEncifp800centennialclientagentvwkernele1000jobserver_reporttransarcafsdaemonbtarcmi-raysat_3dsMax2008_32wuolservicedlaboiomUVCFTRhttps-admserv61MailServiceEntDrv51se2BunicHabuFltrms_mpu401iaimfp2curtainssyssvcgenmcmnhcf_msftntsyslogwencrserviceEPSON_EB_RPCV4_01npkcusbthinkpadmodemserviceUSR1806Vmldservavgemsfixw810busx10netss116unicst330servicepwkntmonScanUSBEMPIASNDO763WGXRMSvcyats32nmwcdcjSRS_SSCFilterNWDHCPsdcplhofcpfwsvctifm21midisynser2plmsSntnlusbpcaNCPronpkcryptwg4nSE2DmdflliveupdateqbposdbextservicesSQTECH905CiolodmvATKFUSServiceQPCapSvcMachnm32Udfreadr_xpdigictrlbtkrnlSE2BmgmtELmonolregcapnuvvid2MTsensord-link_st3402usnsvcnvupsmonservicedmprimericlarityqosserviceAsDsmedspportnsvcipcmdmonVAIOMediaPlatform-MusicServer-HTTPctdvda2kirbusventuri2asusgsbaxsakiWscNetDrlvtunerAsuhfivrOomsadNOWMEMDFfilemon701nmwcdcmSaiNtBusGTWModemAVWLP_USBmks_scantng-dobaFTDIBUSSeaPortnvrd32s217nd5DSDrv4EACSysftpdszpjavatwdnstiwlnsvcmegamonitorsrvsagefserverbhmonitorservicemsgsrvservicelktimesyncU81xmdflsprtsvc_smartagentzmxpzipentertainmentroxliveshare9oracledbconsoleorclcachemgrinortpnkbstrahibernationz525mgmtRIOUNIVwinpowermonitorkerbkeyntiopnpNxSysMonFsVgaelosystemservicevsmonUpdateCenterServiceWmFiltercavasmsymredrvMS1000TIEHDUSBWUSB54GCSVCregmanservtoneshpqddsvccrystalinputfileserversymantecantibotwatcherVMAUDIOcom4qlbrt73AirgoBRCMDECOdlabmfsmtvtnetwkwebsenseuserserviceGoogleDesktopManager-010708-104812se59mdmcidaemonUsbDiagNeroMediaHomeService.4dsproctdeckzpsxvrfwsvcdlaudf_mcsctl50mgactrlF700iobrpaservicerazerusbbantextds1mscsptisrvpxfhserdiaimfp1tbhsdrootmodemmssqlserverolapservicepingerwhoisd32BCM42RLYissvcRIOXDRVrbfilteraslm75pav_serviceclcapsvcNWUSBModems217unicCnxTrLanpdschedulerpccsmcfdDcFpointtmactmonhidusbDFUBTUSBwebsenseusagemonitor{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}wastfsndrctX10UIFregmon701CTHWIUT.DLLAppnbdssnv_agpsdbustosrfbnpppmouclsELhidwinpowerrmiwebfilteracedrv07cmdagentbuslogicSE2Emdmremotelyanywheredwusbdntnvnforcesymidscoautomate5aswrdrtoddsrvSE2DobextapvpnissimonphnxvcdserviceWmHidLoRESMGRXilinxPC4DriverawlegacynetdeviotosrfbdInterBaseGuardianDN2AKNETtdcmdpstz800mdflgenregistrarlxdm_deviceSlNtHalSi3132nmsaccesspmemfetnd5bvwinssSE27mdflM3ADDMUSBUSBDCamdcfssvctavsvcZY202_XPxaudioserviceLwUsbHidcxusbPacketoracleorahomemanagementserverStkScanKMW_KBDsit_fltfuj02b1fallbackatimpabcachemanxpSus2plhotspotshieldservicevnxserviceepsonbidirectionalserviceusbscancitrixwmiserviceNETMDUSBamdagpmapserver6.3adobeactivefilemonitor4.0uhcdmouhidtrufosMSW_USBsscdmdflcqmgservs116busSaiNtSubeaps2kbdSRTSPviaagpslee_503_servicedmisrvprosync1USBAAPLventriloSQTECH9080tfsnudfase2Cuniccwbrxds24transhdthermalWavxDMgrWNCPKTmcontrolvetfddntwebupdateeectrls716nd5btwdndiscpntsrvlicensemanagersocketFireTDIsshrmdPTDCVspbackuplauncherikfilesecbtfirstBUFADPTkraidsvcprism_a02nwdlsati2mpaaalcaudslpclepcicwafeventrouterUSBDonglebglivesvcnvlddmkmcfgwzsvcvmnetdhcpkpfwsvcsdhelperretrowdsvcid2scapsacdpowerserviceMSSQL$AUTODESKVAULTsymdnsATMsrvcvetefileidisw2kmnicser_wmp11srtspxadpu320pdlnepktautocompleteagp440IWCAoracleorahome92pagingserverthotkeyiksysfltDCFS2KHFACSVCarrayssl_vpn_service3,0,1,9MSIRCOMMfasttx2kBsHelpCSDNEaxinstsvhsf_dpopcenumctxcpuschedmfcommssql$microsoftsmlbizmqdmbusNTSIMupnpnvrd64WUSB54GPV4SRVMA8032McwafrmiregistryCardexw200mgmtbwcsrviomegaaccessAVCSTRMsscdbhk5tosrfusbse44mgmtDeviceScannerHssSrvslssvcGernuwaDevUppercccredmgra016busxfiltinspects616mdmbtaudioBLKWGU(Belkin)odclientservicese58busSetupNTcqmghostnmapdigitizermsgameUSIUDFW700obexpxfhmdmmsk80serviceRecAgentshdservShockprfwebrootcommagentservicecompbattSprintRcAppSvcVAIOMediaPlatform-VideoServer-UPnPShockMgrs24eventmonitorClntMgmt.sysipssvcIntels51GBDevicepacsptisvrartourserviceclmtomcatstartersvcstunneldvpapiLUsbKbdSi3132r5dcpflicsDCamUSBMkeSQLWriterNITaggerServiceRTLE8023xpVrAcFilctljystkcmbattgtndis5xnaccmcpRasmanRemoteaccessScheduleSeclogonSENSSharedaccessSRServiceTapisrvThemesTrkWksW32TimeWZCSVCWmiWmdmPmSpwinmgmtwscsvcxmlprovBITSwuauservShellHWDetectionhelpsvcWmdmPmSNnapagenthkmsvc.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs...------- Supplementary Scan -------.uStart Page = https://www.prometric.com/Network/Login.aspuInternet Settings,ProxyOverride = <local>IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000IE: Se&nd to OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105Trusted Zone: 2test.comTrusted Zone: 2test.com\wwwTrusted Zone: prometric.com\ehelpTrusted Zone: prometric.com\polarisTrusted Zone: prometric.com\pulseTrusted Zone: prometric.com\wwwTrusted Zone: prometric.com\www.polarisTrusted Zone: yahoo.comTrusted Zone: microsoft.comTrusted Zone: prometric.comTrusted Zone: webex.comTCP: DhcpNameServer = 74.238.59.137TCP: Interfaces\{0AFA6EFD-CD29-41E3-B03C-F5F3FDBEE3C6}: NameServer = 172.16.9.5TCP: Interfaces\{39DE5698-AEB5-40CA-9CC9-31A7F8AEC8CC}: NameServer = 172.16.9.5TCP: Interfaces\{97FB5F84-09E3-48D4-8C35-A6C9014D1A35}: NameServer = 172.16.9.5TCP: Interfaces\{CAD422C1-3F04-4317-AB8E-D443117E3772}: NameServer = 172.16.9.5TCP: Interfaces\{D02C4BAE-0BD4-463A-9754-508D4CD4894C}: NameServer = 172.16.9.5TCP: Interfaces\{DD4A81D2-1702-451B-BC56-7E2F5BF67358}: NameServer = 172.16.9.5Handler: RS - {DE475C95-5280-11D4-A475-0090278A19C8} - c:\utdsys\POLESS.dllFF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\zg9mnrzg.default\..**************************************************************************.catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2012-02-29 11:57Windows 5.1.2600 Service Pack 3 NTFS.scanning hidden processes ... .scanning hidden autostart entries ....scanning hidden files ... .scan completed successfullyhidden files: 0.**************************************************************************.[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\fasttx2k]"ServiceDll"="".[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\ONSIO]"ServiceDll"="".--------------------- DLLs Loaded Under Running Processes ---------------------.- - - - - - - > 'explorer.exe'(484)c:\windows\system32\WININET.dllc:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odfc:\progra~1\MICROS~3\Office14\1033\GrooveIntlResource.dllc:\windows\system32\ieframe.dllc:\windows\system32\WPDShServiceObj.dllc:\documents and settings\Administrator\My Documents\tri\WinSCP\DragExt.dllc:\windows\system32\PortableDeviceTypes.dllc:\windows\system32\PortableDeviceApi.dll.------------------------ Other Running Processes ------------------------.c:\program files\Java\jre6\bin\jqs.exec:\program files\Trend Micro\OfficeScan Client\ntrtscan.exec:\program files\Analog Devices\SoundMAX\SMAgent.exec:\program files\Trend Micro\OfficeScan Client\tmlisten.exec:\windows\system32\SearchIndexer.exec:\windows\TEMP\SF6A6A.EXEc:\program files\Trend Micro\OfficeScan Client\CNTAoSMgr.exec:\program files\DGAgent\dgprompt.exec:\program files\Trend Micro\OfficeScan Client\Misc\xpupg.exec:\program files\Trend Micro\OfficeScan Client\pccntupd.exe.**************************************************************************.Completion time: 2012-02-29 12:03:39 - machine was rebootedComboFix-quarantined-files.txt 2012-02-29 17:03ComboFix2.txt 2012-02-25 19:58.Pre-Run: 26,118,524,928 bytes freePost-Run: 26,058,444,800 bytes free.- - End Of File - - FFDF2295063A0825F65430AC95308A2D Link to post Share on other sites More sharing options...
MrCharlie Posted February 29, 2012 ID:531636 Share Posted February 29, 2012 Please Update and run a Quick Scan with MBAM, post the report.Please let me know how it is, MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 29, 2012 Author ID:531646 Share Posted February 29, 2012 Looks like its gone to me..Here is my log:Malwarebytes Anti-Malware 1.60.1.1000www.malwarebytes.orgDatabase version: v2012.02.23.03Windows XP Service Pack 3 x86 NTFSInternet Explorer 7.0.5730.11Administrator :: ADMIN1 [administrator]2/29/2012 1:05:10 PMmbam-log-2012-02-29 (13-05-10).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 223737Time elapsed: 10 minute(s), 14 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 0(No malicious items detected)(end) Link to post Share on other sites More sharing options...
MrCharlie Posted February 29, 2012 ID:531656 Share Posted February 29, 2012 Good A little clean-up to do.Please Uninstall ComboFix:Go to start > run and copy and paste next command in the field:ComboFix /uninstallMake sure there's a space between Combofix and /Then hit enter.This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point------------------------------Please download OTL from one of the links below:http://oldtimer.geekstogo.com/OTL.exehttp://oldtimer.geekstogo.com/OTL.comSave it to your desktop.Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)Any other programs or logs you can manually delete.--------------------------------Your Java is out of date, older versions are vulnerable to malware.Go to your control panels add/remove programs and uninstall Java™ 6 Update 18Then download and install the latest version Java™ 6 Update 31http://www.java.com/...load/manual.jsp <---latest versionhttp://www.java.com/...d/installed.jsp <---verify your Java-----------------------------Any questions...please post back.If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.Take a look at My Preventive Maintenance to avoid being infected again.Good Luck and Thanks for using the forum, MrC Link to post Share on other sites More sharing options...
sol7789 Posted February 29, 2012 Author ID:531669 Share Posted February 29, 2012 Thanks MrC, you're the man! Link to post Share on other sites More sharing options...
MrCharlie Posted February 29, 2012 ID:531673 Share Posted February 29, 2012 OK...Thanks Take Care....MrC Link to post Share on other sites More sharing options...
LDTate Posted March 5, 2012 ID:532830 Share Posted March 5, 2012 Glad we could help. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts