Jump to content

Blocked outgoing IP to 5.45.6x.xx with various ports


Recommended Posts

I have run Malwarebytes, MBAR, Avast (in both OS and Boot version) and eliminated many pups, trojans, virus and rootkits on this VERY sick Vista SP2 desktop. However there is still something hanging around that causes Malwarebytes to block outgoing IP addresses to various ports at the following addresses: 5.45.6x.xx, all owned by the same vendor. Examples: ruggersner8.net at 5.45.69.131, rummerstain2.com at 5.45.66.208 and there are about 10 or so similar and all using slightly different ports. Process is generic MS svchost.exe but started by something bad.

 

DDS.txt:

2014/02/16 11:10:12 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49203, Process: svchost.exe)
2014/02/16 11:10:36 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.64.145 (Type: outgoing, Port: 49204, Process: svchost.exe)
2014/02/16 11:10:52 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49205, Process: svchost.exe)
2014/02/16 11:11:00 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49206, Process: svchost.exe)
2014/02/16 11:11:08 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49207, Process: svchost.exe)
2014/02/16 11:11:16 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49208, Process: svchost.exe)
2014/02/16 11:11:32 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49219, Process: svchost.exe)
2014/02/16 11:11:40 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49220, Process: svchost.exe)
2014/02/16 11:11:48 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.69.131 (Type: outgoing, Port: 49221, Process: svchost.exe)
2014/02/16 11:11:56 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.69.131 (Type: outgoing, Port: 49222, Process: svchost.exe)
2014/02/16 11:12:12 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49223, Process: svchost.exe)
2014/02/16 11:12:20 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49224, Process: svchost.exe)
2014/02/16 11:12:28 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49225, Process: svchost.exe)
2014/02/16 11:12:36 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49226, Process: svchost.exe)
2014/02/16 11:12:53 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.69.131 (Type: outgoing, Port: 49227, Process: svchost.exe)
2014/02/16 11:13:01 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49229, Process: svchost.exe)
2014/02/16 11:13:09 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49230, Process: svchost.exe)
2014/02/16 11:13:17 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.64.145 (Type: outgoing, Port: 49231, Process: svchost.exe)
2014/02/16 11:13:33 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49232, Process: svchost.exe)
2014/02/16 11:13:42 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49233, Process: svchost.exe)
2014/02/16 11:13:50 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49234, Process: svchost.exe)
2014/02/16 11:13:58 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49235, Process: svchost.exe)
2014/02/16 11:14:06 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49236, Process: svchost.exe)
2014/02/16 11:14:23 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49237, Process: svchost.exe)
2014/02/16 11:14:31 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49238, Process: svchost.exe)
2014/02/16 11:14:39 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.64.145 (Type: outgoing, Port: 49249, Process: svchost.exe)
2014/02/16 11:14:47 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49251, Process: svchost.exe)
2014/02/16 11:15:03 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.69.131 (Type: outgoing, Port: 49252, Process: svchost.exe)
2014/02/16 11:15:12 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49253, Process: svchost.exe)
2014/02/16 11:15:20 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.64.145 (Type: outgoing, Port: 49254, Process: svchost.exe)
2014/02/16 11:15:28 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49255, Process: svchost.exe)
2014/02/16 11:15:44 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49256, Process: svchost.exe)
2014/02/16 11:15:53 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49257, Process: svchost.exe)
2014/02/16 11:16:01 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49258, Process: svchost.exe)
2014/02/16 11:16:09 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49259, Process: svchost.exe)
2014/02/16 11:16:25 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49260, Process: svchost.exe)
2014/02/16 11:16:33 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.69.131 (Type: outgoing, Port: 49261, Process: svchost.exe)
2014/02/16 11:16:41 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49262, Process: svchost.exe)
2014/02/16 11:16:49 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49263, Process: svchost.exe)
2014/02/16 11:17:06 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.65.190 (Type: outgoing, Port: 49264, Process: svchost.exe)
2014/02/16 11:17:14 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.66.208 (Type: outgoing, Port: 49265, Process: svchost.exe)
2014/02/16 11:17:22 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49266, Process: svchost.exe)
2014/02/16 11:17:30 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.67.216 (Type: outgoing, Port: 49267, Process: svchost.exe)
2014/02/16 11:17:46 -0500 HOMEPC JOSEPH IP-BLOCK 5.45.68.199 (Type: outgoing, Port: 49268, Process: svchost.exe)
 
Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Home Premium 
Boot Device: \Device\HarddiskVolume2
Install Date: 12/10/2007 7:19:38 AM
System Uptime: 2/16/2014 11:07:49 AM (2 hours ago)
.
Motherboard: Acer                 |  | F690GVM             
Processor: AMD Athlon 64 X2 Dual Core Processor 5000+ | Socket AM2  | 2400/199mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 144 GiB total, 109.081 GiB free.
D: is FIXED (NTFS) - 144 GiB total, 143.62 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0002
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #3
PNP Device ID: ROOT\*6TO4MP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0003
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #4
PNP Device ID: ROOT\*6TO4MP\0003
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0002
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0002
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0003
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #4
PNP Device ID: ROOT\*ISATAP\0003
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0004
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #5
PNP Device ID: ROOT\*ISATAP\0004
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0005
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #6
PNP Device ID: ROOT\*ISATAP\0005
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0006
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #7
PNP Device ID: ROOT\*ISATAP\0006
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0007
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #8
PNP Device ID: ROOT\*ISATAP\0007
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0008
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #9
PNP Device ID: ROOT\*ISATAP\0008
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0009
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #10
PNP Device ID: ROOT\*ISATAP\0009
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0010
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #11
PNP Device ID: ROOT\*ISATAP\0010
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0011
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #12
PNP Device ID: ROOT\*ISATAP\0011
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0012
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #13
PNP Device ID: ROOT\*ISATAP\0012
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0013
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #14
PNP Device ID: ROOT\*ISATAP\0013
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0014
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #15
PNP Device ID: ROOT\*ISATAP\0014
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0015
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #16
PNP Device ID: ROOT\*ISATAP\0015
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0016
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #17
PNP Device ID: ROOT\*ISATAP\0016
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0017
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #18
PNP Device ID: ROOT\*ISATAP\0017
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0018
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #19
PNP Device ID: ROOT\*ISATAP\0018
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0019
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #20
PNP Device ID: ROOT\*ISATAP\0019
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0020
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #21
PNP Device ID: ROOT\*ISATAP\0020
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0021
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #22
PNP Device ID: ROOT\*ISATAP\0021
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0022
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #23
PNP Device ID: ROOT\*ISATAP\0022
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0023
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #24
PNP Device ID: ROOT\*ISATAP\0023
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0024
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #25
PNP Device ID: ROOT\*ISATAP\0024
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0025
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #26
PNP Device ID: ROOT\*ISATAP\0025
Service: tunnel
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\3&18D45AA6&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\3&18D45AA6&0
Service: i8042prt
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Patriot Memory  
Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_PATRIOT_MEMORY&REV_PMAP#07AA1701196346C7&0#
Manufacturer:         
Name: Patriot Memory  
PNP Device ID: WPDBUSENUMROOT\UMB\2&37C186B&0&STORAGE#VOLUME#1&19F7E59C&0&_??_USBSTOR#DISK&VEN_&PROD_PATRIOT_MEMORY&REV_PMAP#07AA1701196346C7&0#
Service: WUDFRd
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
1000 Solitaire Games
Acer Arcade Live Main Page
Acer Assist
Acer DV Magician
Acer DVDivine
Acer HomeMedia
Acer HomeMedia Connect
Acer SlideShow DVD
Acer VideoMagician
Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 12 ActiveX
Adobe Reader 7.0
AtHomeConnect version 1.0.1.0
ATI Catalyst Install Manager
ATI Uninstaller
Atlantis Double Pack – 2 in 1
Bejeweled 3
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Desert Nights Casino
FlashGames
Free FreeCell Solitaire 2012 v2.1
Google Chrome
H&R Block Deluxe + Efile + State 2009
H&R Block Deluxe + Efile + State 2011
H&R Block Deluxe + Efile + State 2012
H&R Block Michigan 2009
H&R Block Michigan 2010
H&R Block Michigan 2011
H&R Block Michigan 2012
H&R Block Premium + Efile + State 2010
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hoyle Casino Games
Hoyle Slots
Hoyle Swashbucklin Slots
Jewel of Atlantis 1.91
Juno Internet
Lexmark 4300 Series
Lexmark Fax Solutions
LightScribe  1.4.142.1
Malwarebytes Anti-Malware version 1.75.0.1300
Masque IGT Slots Lucky Larry's Lobstermania
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Works
Millionaire Casino
Motorola SM56 Speakerphone Modem
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
Pdf995 (installed by TaxCut)
PdfEdit995 (installed by TaxCut)
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Skins
TaxCut Michigan 2007
TaxCut Premium + State + Efile 2008
TaxCut Premium + State 2007
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
.
==== Event Viewer Messages From Past Week ========
.
2/16/2014 11:11:36 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x8007045b: Windows Update Aux.
2/16/2014 11:09:50 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  iSafeNetFilter netfilter
2/15/2014 8:32:30 PM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x800f020b: Acer Incorporated - Display - Acer LCD Monitor P191W.
2/15/2014 3:48:00 PM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 10.0.0.2 for the Network Card with network address 001C25507C4C has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
2/15/2014 3:42:26 PM, Error: EventLog [6008]  - The previous system shutdown at 3:40:58 PM on 2/15/2014 was unexpected.
2/15/2014 10:56:29 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswRvrt aswSnx aswSP aswTdi aswVmm i8042prt iSafeNetFilter netfilter spldr Wanarpv6
2/15/2014 10:56:29 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
2/15/2014 10:55:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/15/2014 10:55:15 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/15/2014 10:55:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/15/2014 10:54:58 PM, Error: EventLog [6008]  - The previous system shutdown at 10:50:59 PM on 2/15/2014 was unexpected.
2/15/2014 10:48:39 PM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4385]  - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
2/15/2014 10:18:19 PM, Error: Microsoft-Windows-Servicing [4375]  - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

Hi and Welcome!!   

 

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

 

  • The fixes are specific to your problem and should only be used for the issues on this machine.

It's often worth reading through these instructions and printing them for ease of reference.

If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.

Please reply to this thread. Do not start a new topic.

If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.

Please be sure to subscribe to the topic if you have not already done so.


IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.

 

Having said that....   YBCQLm4.gif   Let's get going!!  

----------
Link to post
Share on other sites

Seems that you have ran DDS??  Could you post DDS.txt please?   :)
 
-------------------
 
weVCzW0.jpg Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------

Link to post
Share on other sites

Jeff,

Thanks for responding!

DDS.txt is already posted at the top of my first post. (it lists all the IP addresses stopped.)

 

I had already run TDSSkiller with no errors, but I ran it again for you. Here is the report listed below for you:

 

20:59:17.0573 0x0980  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
20:59:26.0647 0x0980  ============================================================
20:59:26.0647 0x0980  Current date / time: 2014/02/16 20:59:26.0647
20:59:26.0647 0x0980  SystemInfo:
20:59:26.0647 0x0980  
20:59:26.0647 0x0980  OS Version: 6.0.6002 ServicePack: 2.0
20:59:26.0647 0x0980  Product type: Workstation
20:59:26.0647 0x0980  ComputerName: HOMEPC
20:59:26.0648 0x0980  UserName: JOSEPH
20:59:26.0648 0x0980  Windows directory: C:\Windows
20:59:26.0648 0x0980  System windows directory: C:\Windows
20:59:26.0648 0x0980  Processor architecture: Intel x86
20:59:26.0648 0x0980  Number of processors: 2
20:59:26.0648 0x0980  Page size: 0x1000
20:59:26.0648 0x0980  Boot type: Normal boot
20:59:26.0648 0x0980  ============================================================
20:59:28.0969 0x0980  KLMD registered as C:\Windows\system32\drivers\34925392.sys
20:59:29.0543 0x0980  System UUID: {4B551664-DF67-7313-4C53-78D216BC7FF1}
20:59:30.0768 0x0980  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:59:30.0874 0x0980  ============================================================
20:59:30.0874 0x0980  \Device\Harddisk0\DR0:
20:59:30.0874 0x0980  MBR partitions:
20:59:30.0874 0x0980  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x6, StartLBA 0x1384C7A, BlocksNum 0x12098F55
20:59:30.0874 0x0980  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1341DBCF, BlocksNum 0x1200FAF2
20:59:30.0874 0x0980  ============================================================
20:59:30.0896 0x0980  C: <-> \Device\Harddisk0\DR0\Partition1
20:59:30.0934 0x0980  D: <-> \Device\Harddisk0\DR0\Partition2
20:59:30.0934 0x0980  ============================================================
20:59:30.0935 0x0980  Initialize success
20:59:30.0935 0x0980  ============================================================
20:59:33.0366 0x0b30  ============================================================
20:59:33.0367 0x0b30  Scan started
20:59:33.0367 0x0b30  Mode: Manual; 
20:59:33.0367 0x0b30  ============================================================
20:59:33.0367 0x0b30  KSN ping started
20:59:44.0628 0x0b30  KSN ping finished: true
20:59:45.0787 0x0b30  ================ Scan system memory ========================
20:59:45.0787 0x0b30  System memory - ok
20:59:45.0787 0x0b30  ================ Scan services =============================
20:59:46.0247 0x0b30  [ A5F948A07B69401683BD809EEA3DC34B, ECBC4783919C2B4F2C24DB45B5799A95A19622FBB6B39C6CB6FE75BD779A9BD0 ] Acer HomeMedia Connect Service C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
20:59:46.0255 0x0b30  Acer HomeMedia Connect Service - ok
20:59:46.0560 0x0b30  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:59:46.0572 0x0b30  ACPI - ok
20:59:46.0652 0x0b30  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:59:46.0665 0x0b30  AdobeFlashPlayerUpdateSvc - ok
20:59:46.0719 0x0b30  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:59:46.0736 0x0b30  adp94xx - ok
20:59:46.0771 0x0b30  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:59:46.0780 0x0b30  adpahci - ok
20:59:46.0803 0x0b30  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:59:46.0808 0x0b30  adpu160m - ok
20:59:46.0830 0x0b30  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:59:46.0835 0x0b30  adpu320 - ok
20:59:46.0876 0x0b30  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:59:46.0878 0x0b30  AeLookupSvc - ok
20:59:46.0965 0x0b30  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
20:59:46.0966 0x0b30  AFD - ok
20:59:46.0999 0x0b30  [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:59:47.0004 0x0b30  agp440 - ok
20:59:47.0029 0x0b30  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:59:47.0033 0x0b30  aic78xx - ok
20:59:47.0057 0x0b30  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:59:47.0061 0x0b30  ALG - ok
20:59:47.0081 0x0b30  [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:59:47.0083 0x0b30  aliide - ok
20:59:47.0107 0x0b30  [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:59:47.0111 0x0b30  amdagp - ok
20:59:47.0132 0x0b30  [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:59:47.0134 0x0b30  amdide - ok
20:59:47.0155 0x0b30  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:59:47.0158 0x0b30  AmdK7 - ok
20:59:47.0211 0x0b30  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:59:47.0227 0x0b30  AmdK8 - ok
20:59:47.0259 0x0b30  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:59:47.0261 0x0b30  Appinfo - ok
20:59:47.0321 0x0b30  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
20:59:47.0336 0x0b30  arc - ok
20:59:47.0368 0x0b30  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:59:47.0373 0x0b30  arcsas - ok
20:59:47.0438 0x0b30  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:59:47.0439 0x0b30  AsyncMac - ok
20:59:47.0483 0x0b30  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:59:47.0484 0x0b30  atapi - ok
20:59:47.0600 0x0b30  [ 8EB7658B655713347C0127526E8F7941, D8EB639798291445EDF5D3790DA75754910CC137713C26E88E429BBE65C6EFE9 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
20:59:47.0633 0x0b30  Ati External Event Utility - ok
20:59:48.0163 0x0b30  [ 3F785FE4B890EBC17E1F4DF684DA060D, 7A1C3C8C8D9434453BC0FC960965B564F2B32A50C1340303FFEF7027F41134D6 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:59:48.0275 0x0b30  atikmdag - ok
20:59:48.0308 0x0b30  [ A356E45E8432432C06981EA63A1E0FE8, 98F3BE1023678173B1F2E5788E03F012BD31FE204EABBD7C19AF34620CCEB423 ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
20:59:48.0309 0x0b30  AtiPcie - ok
20:59:48.0370 0x0b30  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:59:48.0378 0x0b30  AudioEndpointBuilder - ok
20:59:48.0392 0x0b30  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:59:48.0400 0x0b30  Audiosrv - ok
20:59:48.0437 0x0b30  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:59:48.0437 0x0b30  Beep - ok
20:59:48.0484 0x0b30  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:59:48.0493 0x0b30  BFE - ok
20:59:48.0547 0x0b30  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
20:59:48.0573 0x0b30  BITS - ok
20:59:48.0583 0x0b30  blbdrive - ok
20:59:48.0621 0x0b30  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:59:48.0623 0x0b30  bowser - ok
20:59:48.0663 0x0b30  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:59:48.0665 0x0b30  BrFiltLo - ok
20:59:48.0682 0x0b30  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:59:48.0683 0x0b30  BrFiltUp - ok
20:59:48.0711 0x0b30  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:59:48.0715 0x0b30  Browser - ok
20:59:48.0734 0x0b30  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:59:48.0737 0x0b30  Brserid - ok
20:59:48.0757 0x0b30  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:59:48.0760 0x0b30  BrSerWdm - ok
20:59:48.0778 0x0b30  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:59:48.0779 0x0b30  BrUsbMdm - ok
20:59:48.0794 0x0b30  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:59:48.0795 0x0b30  BrUsbSer - ok
20:59:48.0824 0x0b30  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:59:48.0827 0x0b30  BTHMODEM - ok
20:59:48.0868 0x0b30  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:59:48.0871 0x0b30  cdfs - ok
20:59:48.0925 0x0b30  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:59:48.0927 0x0b30  cdrom - ok
20:59:48.0975 0x0b30  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
20:59:48.0978 0x0b30  CertPropSvc - ok
20:59:49.0028 0x0b30  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:59:49.0028 0x0b30  circlass - ok
20:59:49.0060 0x0b30  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
20:59:49.0060 0x0b30  CLFS - ok
20:59:49.0168 0x0b30  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:59:49.0171 0x0b30  clr_optimization_v2.0.50727_32 - ok
20:59:49.0222 0x0b30  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:59:49.0227 0x0b30  clr_optimization_v4.0.30319_32 - ok
20:59:49.0240 0x0b30  [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:59:49.0242 0x0b30  cmdide - ok
20:59:49.0255 0x0b30  [ 82B8C91D327CFECF76CB58716F7D4997, 6F06A4BC44B170BB28BF464E9BB5216D39D11CB8D442570B575A741B032EAEE6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:59:49.0258 0x0b30  Compbatt - ok
20:59:49.0265 0x0b30  COMSysApp - ok
20:59:49.0289 0x0b30  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:59:49.0290 0x0b30  crcdisk - ok
20:59:49.0314 0x0b30  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:59:49.0316 0x0b30  Crusoe - ok
20:59:49.0375 0x0b30  [ FB27772BEAF8E1D28CCD825C09DA939B, D074A314FB3E6B2248F2DB0A734B98A110F618804449E055B4178BF414826982 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:59:49.0387 0x0b30  CryptSvc - ok
20:59:49.0494 0x0b30  [ D28B8812F406A851C5CD09A6952F1968, FFC7828399DDA1A8FD4C58702C408719D1560DCCED5B41A8346CA7F3E0111423 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:59:49.0512 0x0b30  DcomLaunch - ok
20:59:49.0551 0x0b30  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:59:49.0560 0x0b30  DfsC - ok
20:59:49.0776 0x0b30  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
20:59:49.0842 0x0b30  DFSR - ok
20:59:49.0908 0x0b30  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:59:49.0918 0x0b30  Dhcp - ok
20:59:49.0955 0x0b30  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
20:59:49.0956 0x0b30  disk - ok
20:59:50.0003 0x0b30  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:59:50.0009 0x0b30  Dnscache - ok
20:59:50.0062 0x0b30  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
20:59:50.0062 0x0b30  dot3svc - ok
20:59:50.0094 0x0b30  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:59:50.0095 0x0b30  DPS - ok
20:59:50.0129 0x0b30  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:59:50.0129 0x0b30  drmkaud - ok
20:59:50.0193 0x0b30  [ FB85F7F69E9B109820409243F578CC4D, FBE0426E51B83DD973EC08ABA4E69E99F54B1C44995E0FD42B68A07549D52D7F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:59:50.0213 0x0b30  DXGKrnl - ok
20:59:50.0254 0x0b30  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:59:50.0257 0x0b30  E1G60 - ok
20:59:50.0311 0x0b30  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:59:50.0315 0x0b30  EapHost - ok
20:59:50.0383 0x0b30  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:59:50.0388 0x0b30  Ecache - ok
20:59:50.0450 0x0b30  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:59:50.0460 0x0b30  ehRecvr - ok
20:59:50.0485 0x0b30  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
20:59:50.0491 0x0b30  ehSched - ok
20:59:50.0506 0x0b30  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
20:59:50.0510 0x0b30  ehstart - ok
20:59:50.0549 0x0b30  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:59:50.0560 0x0b30  elxstor - ok
20:59:50.0661 0x0b30  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:59:50.0681 0x0b30  EMDMgmt - ok
20:59:50.0747 0x0b30  [ A2580C15D2664D18C3E140C7F98B366C, 4FA1B41E670A31397235D862BE6A68E91127EA7A36E3A42A427E34597A1C994B ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
20:59:50.0758 0x0b30  eRecoveryService - ok
20:59:50.0830 0x0b30  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
20:59:50.0840 0x0b30  EventSystem - ok
20:59:50.0889 0x0b30  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:59:50.0893 0x0b30  exfat - ok
20:59:50.0968 0x0b30  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:59:50.0999 0x0b30  fastfat - ok
20:59:51.0027 0x0b30  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:59:51.0029 0x0b30  fdc - ok
20:59:51.0060 0x0b30  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:59:51.0063 0x0b30  fdPHost - ok
20:59:51.0076 0x0b30  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:59:51.0080 0x0b30  FDResPub - ok
20:59:51.0133 0x0b30  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:59:51.0149 0x0b30  FileInfo - ok
20:59:51.0150 0x0b30  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:59:51.0157 0x0b30  Filetrace - ok
20:59:51.0188 0x0b30  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:59:51.0190 0x0b30  flpydisk - ok
20:59:51.0231 0x0b30  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:59:51.0239 0x0b30  FltMgr - ok
20:59:51.0294 0x0b30  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:59:51.0297 0x0b30  FontCache3.0.0.0 - ok
20:59:51.0329 0x0b30  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:59:51.0331 0x0b30  Fs_Rec - ok
20:59:51.0397 0x0b30  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:59:51.0402 0x0b30  gagp30kx - ok
20:59:51.0483 0x0b30  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
20:59:51.0506 0x0b30  gpsvc - ok
20:59:51.0556 0x0b30  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:59:51.0569 0x0b30  HdAudAddService - ok
20:59:51.0631 0x0b30  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:59:51.0660 0x0b30  HDAudBus - ok
20:59:51.0694 0x0b30  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:59:51.0696 0x0b30  HidBth - ok
20:59:51.0722 0x0b30  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:59:51.0738 0x0b30  HidIr - ok
20:59:51.0771 0x0b30  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
20:59:51.0786 0x0b30  hidserv - ok
20:59:51.0818 0x0b30  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:59:51.0819 0x0b30  HidUsb - ok
20:59:51.0847 0x0b30  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:59:51.0856 0x0b30  hkmsvc - ok
20:59:51.0884 0x0b30  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:59:51.0890 0x0b30  HpCISSs - ok
20:59:51.0950 0x0b30  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:59:51.0966 0x0b30  HTTP - ok
20:59:51.0996 0x0b30  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:59:52.0010 0x0b30  i2omp - ok
20:59:52.0057 0x0b30  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:59:52.0061 0x0b30  i8042prt - ok
20:59:52.0105 0x0b30  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:59:52.0115 0x0b30  iaStorV - ok
20:59:52.0319 0x0b30  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:59:52.0357 0x0b30  idsvc - ok
20:59:52.0385 0x0b30  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:59:52.0388 0x0b30  iirsp - ok
20:59:52.0463 0x0b30  [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:59:52.0480 0x0b30  IKEEXT - ok
20:59:52.0513 0x0b30  [ 9D64201C9E5AC8D1F088762BA00FF3AB, 1F83B0C828654B8C195A33CA4424AD9F9CFE411D503BB79986D7396DB9BBC994 ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
20:59:52.0525 0x0b30  int15 - ok
20:59:52.0923 0x0b30  [ 2BD6633DB50A98534AA3262E0F9F5A14, B4A34FF0814E98098D4591A977DEF5C3F415CD71EE51B0E5D832E7AF92E3B8E5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:59:53.0014 0x0b30  IntcAzAudAddService - ok
20:59:53.0054 0x0b30  [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:59:53.0056 0x0b30  intelide - ok
20:59:53.0083 0x0b30  [ CE44CC04262F28216DD4341E9E36A16F, 2B316C4124DCFEAD7838B3D8FB8DBEC3F3B1EA8EA612AABB05B1275D0B230CCD ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:59:53.0085 0x0b30  intelppm - ok
20:59:53.0112 0x0b30  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:59:53.0116 0x0b30  IPBusEnum - ok
20:59:53.0147 0x0b30  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:59:53.0148 0x0b30  IpFilterDriver - ok
20:59:53.0243 0x0b30  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:59:53.0245 0x0b30  iphlpsvc - ok
20:59:53.0253 0x0b30  IpInIp - ok
20:59:53.0295 0x0b30  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:59:53.0312 0x0b30  IPMIDRV - ok
20:59:53.0354 0x0b30  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:59:53.0357 0x0b30  IPNAT - ok
20:59:53.0391 0x0b30  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:59:53.0392 0x0b30  IRENUM - ok
20:59:53.0405 0x0b30  iSafeNetFilter - ok
20:59:53.0431 0x0b30  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:59:53.0433 0x0b30  isapnp - ok
20:59:53.0506 0x0b30  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:59:53.0517 0x0b30  iScsiPrt - ok
20:59:53.0541 0x0b30  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:59:53.0544 0x0b30  iteatapi - ok
20:59:53.0578 0x0b30  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:59:53.0580 0x0b30  iteraid - ok
20:59:53.0636 0x0b30  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:59:53.0637 0x0b30  kbdclass - ok
20:59:53.0677 0x0b30  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:59:53.0678 0x0b30  kbdhid - ok
20:59:53.0730 0x0b30  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] KeyIso          C:\Windows\system32\lsass.exe
20:59:53.0733 0x0b30  KeyIso - ok
20:59:53.0861 0x0b30  [ 86165728AF9BF72D6442A894FDFB4F8B, 97A95C1856C761C93F43B177995749E45FA066C7FF6E93E6C3F34C1593ED2FB7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:59:53.0877 0x0b30  KSecDD - ok
20:59:53.0929 0x0b30  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:59:53.0943 0x0b30  KtmRm - ok
20:59:53.0972 0x0b30  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:59:53.0988 0x0b30  LanmanServer - ok
20:59:54.0032 0x0b30  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:59:54.0041 0x0b30  LanmanWorkstation - ok
20:59:54.0096 0x0b30  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
20:59:54.0110 0x0b30  LightScribeService - ok
20:59:54.0137 0x0b30  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:59:54.0139 0x0b30  lltdio - ok
20:59:54.0174 0x0b30  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:59:54.0185 0x0b30  lltdsvc - ok
20:59:54.0219 0x0b30  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:59:54.0222 0x0b30  lmhosts - ok
20:59:54.0299 0x0b30  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:59:54.0299 0x0b30  LSI_FC - ok
20:59:54.0323 0x0b30  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:59:54.0327 0x0b30  LSI_SAS - ok
20:59:54.0341 0x0b30  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:59:54.0345 0x0b30  LSI_SCSI - ok
20:59:54.0380 0x0b30  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:59:54.0383 0x0b30  luafv - ok
20:59:54.0394 0x0b30  lxce_device - ok
20:59:54.0570 0x0b30  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
20:59:54.0573 0x0b30  MBAMProtector - ok
20:59:54.0640 0x0b30  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:59:54.0655 0x0b30  MBAMScheduler - ok
20:59:54.0710 0x0b30  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:59:54.0732 0x0b30  MBAMService - ok
20:59:54.0798 0x0b30  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:59:54.0816 0x0b30  Mcx2Svc - ok
20:59:54.0851 0x0b30  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:59:54.0852 0x0b30  megasas - ok
20:59:54.0874 0x0b30  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:59:54.0877 0x0b30  MMCSS - ok
20:59:54.0904 0x0b30  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:59:54.0906 0x0b30  Modem - ok
20:59:54.0952 0x0b30  [ CBB59C41F19EFEA1A000793E08070A62, 4C3C01210DF9D00C05FA14FF5CEFB60C444CAEBFF3F49409EDE434D63F19B9F2 ] MODEMCSA        C:\Windows\system32\drivers\MODEMCSA.sys
20:59:54.0954 0x0b30  MODEMCSA - ok
20:59:54.0998 0x0b30  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:59:55.0000 0x0b30  monitor - ok
20:59:55.0024 0x0b30  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:59:55.0025 0x0b30  mouclass - ok
20:59:55.0051 0x0b30  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:59:55.0066 0x0b30  mouhid - ok
20:59:55.0093 0x0b30  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:59:55.0095 0x0b30  MountMgr - ok
20:59:55.0146 0x0b30  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
20:59:55.0157 0x0b30  MpFilter - ok
20:59:55.0205 0x0b30  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:59:55.0208 0x0b30  mpio - ok
20:59:55.0395 0x0b30  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl9beb6285   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{242C4D77-2912-43B4-9E81-2A06A18268FE}\MpKsl9beb6285.sys
20:59:55.0411 0x0b30  MpKsl9beb6285 - ok
20:59:55.0466 0x0b30  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:59:55.0469 0x0b30  mpsdrv - ok
20:59:55.0543 0x0b30  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:59:55.0560 0x0b30  MpsSvc - ok
20:59:55.0582 0x0b30  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:59:55.0585 0x0b30  Mraid35x - ok
20:59:55.0614 0x0b30  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:59:55.0618 0x0b30  MRxDAV - ok
20:59:55.0655 0x0b30  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:59:55.0659 0x0b30  mrxsmb - ok
20:59:55.0681 0x0b30  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:59:55.0696 0x0b30  mrxsmb10 - ok
20:59:55.0720 0x0b30  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:59:55.0723 0x0b30  mrxsmb20 - ok
20:59:55.0767 0x0b30  [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:59:55.0768 0x0b30  msahci - ok
20:59:55.0812 0x0b30  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:59:55.0815 0x0b30  msdsm - ok
20:59:55.0872 0x0b30  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:59:55.0897 0x0b30  MSDTC - ok
20:59:55.0934 0x0b30  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:59:55.0935 0x0b30  Msfs - ok
20:59:55.0976 0x0b30  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:59:55.0977 0x0b30  msisadrv - ok
20:59:56.0016 0x0b30  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:59:56.0031 0x0b30  MSiSCSI - ok
20:59:56.0038 0x0b30  msiserver - ok
20:59:56.0066 0x0b30  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:59:56.0068 0x0b30  MSKSSRV - ok
20:59:56.0125 0x0b30  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:59:56.0126 0x0b30  MsMpSvc - ok
20:59:56.0151 0x0b30  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:59:56.0152 0x0b30  MSPCLOCK - ok
20:59:56.0172 0x0b30  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:59:56.0173 0x0b30  MSPQM - ok
20:59:56.0205 0x0b30  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:59:56.0216 0x0b30  MsRPC - ok
20:59:56.0254 0x0b30  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:59:56.0267 0x0b30  mssmbios - ok
20:59:56.0301 0x0b30  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:59:56.0302 0x0b30  MSTEE - ok
20:59:56.0325 0x0b30  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:59:56.0327 0x0b30  Mup - ok
20:59:56.0381 0x0b30  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
20:59:56.0414 0x0b30  napagent - ok
20:59:56.0471 0x0b30  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:59:56.0475 0x0b30  NativeWifiP - ok
20:59:56.0531 0x0b30  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:59:56.0549 0x0b30  NDIS - ok
20:59:56.0572 0x0b30  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:59:56.0573 0x0b30  NdisTapi - ok
20:59:56.0625 0x0b30  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:59:56.0626 0x0b30  Ndisuio - ok
20:59:56.0674 0x0b30  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:59:56.0693 0x0b30  NdisWan - ok
20:59:56.0731 0x0b30  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:59:56.0733 0x0b30  NDProxy - ok
20:59:56.0766 0x0b30  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:59:56.0768 0x0b30  NetBIOS - ok
20:59:56.0844 0x0b30  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:59:56.0875 0x0b30  netbt - ok
20:59:56.0897 0x0b30  netfilter - ok
20:59:56.0922 0x0b30  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] Netlogon        C:\Windows\system32\lsass.exe
20:59:56.0925 0x0b30  Netlogon - ok
20:59:56.0994 0x0b30  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:59:57.0017 0x0b30  Netman - ok
20:59:57.0053 0x0b30  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:59:57.0065 0x0b30  netprofm - ok
20:59:57.0091 0x0b30  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:59:57.0099 0x0b30  NetTcpPortSharing - ok
20:59:57.0120 0x0b30  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:59:57.0125 0x0b30  nfrd960 - ok
20:59:57.0148 0x0b30  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:59:57.0153 0x0b30  NisDrv - ok
20:59:57.0198 0x0b30  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
20:59:57.0211 0x0b30  NisSrv - ok
20:59:57.0249 0x0b30  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:59:57.0266 0x0b30  NlaSvc - ok
20:59:57.0297 0x0b30  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:59:57.0299 0x0b30  Npfs - ok
20:59:57.0322 0x0b30  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:59:57.0326 0x0b30  nsi - ok
20:59:57.0356 0x0b30  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:59:57.0358 0x0b30  nsiproxy - ok
20:59:57.0453 0x0b30  [ 6A4A98CEE84CF9E99564510DDA4BAA47, 18C3D8C0F12761D3B7FC43D9413CF4C4CEBF8CA9BEC521381F40D241B35EA779 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:59:57.0530 0x0b30  Ntfs - ok
20:59:57.0565 0x0b30  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
20:59:57.0641 0x0b30  NTIDrvr - ok
20:59:57.0663 0x0b30  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:59:57.0665 0x0b30  ntrigdigi - ok
20:59:57.0683 0x0b30  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:59:57.0699 0x0b30  Null - ok
20:59:57.0718 0x0b30  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:59:57.0721 0x0b30  nvraid - ok
20:59:57.0757 0x0b30  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:59:57.0772 0x0b30  nvstor - ok
20:59:57.0793 0x0b30  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:59:57.0796 0x0b30  nv_agp - ok
20:59:57.0804 0x0b30  NwlnkFlt - ok
20:59:57.0812 0x0b30  NwlnkFwd - ok
20:59:57.0868 0x0b30  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:59:57.0878 0x0b30  ohci1394 - ok
20:59:57.0950 0x0b30  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:59:57.0954 0x0b30  ose - ok
20:59:58.0089 0x0b30  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:59:58.0116 0x0b30  p2pimsvc - ok
20:59:58.0145 0x0b30  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:59:58.0165 0x0b30  p2psvc - ok
20:59:58.0199 0x0b30  [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:59:58.0202 0x0b30  Parport - ok
20:59:58.0228 0x0b30  [ 57389FA59A36D96B3EB09D0CB91E9CDC, 05A3E2B155789990517CCFDC57FC3D1E9A596E4F31D86350B8BF0C043DE5EE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:59:58.0231 0x0b30  partmgr - ok
20:59:58.0253 0x0b30  [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:59:58.0270 0x0b30  Parvdm - ok
20:59:58.0306 0x0b30  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:59:58.0310 0x0b30  PcaSvc - ok
20:59:58.0357 0x0b30  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
20:59:58.0362 0x0b30  pci - ok
20:59:58.0398 0x0b30  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
20:59:58.0399 0x0b30  pciide - ok
20:59:58.0442 0x0b30  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:59:58.0457 0x0b30  pcmcia - ok
20:59:58.0482 0x0b30  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:59:58.0513 0x0b30  PEAUTH - ok
20:59:58.0961 0x0b30  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:59:59.0048 0x0b30  pla - ok
20:59:59.0080 0x0b30  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:59:59.0090 0x0b30  PlugPlay - ok
20:59:59.0128 0x0b30  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:59:59.0146 0x0b30  PNRPAutoReg - ok
20:59:59.0176 0x0b30  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:59:59.0194 0x0b30  PNRPsvc - ok
20:59:59.0230 0x0b30  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:59:59.0239 0x0b30  PolicyAgent - ok
20:59:59.0271 0x0b30  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:59:59.0274 0x0b30  PptpMiniport - ok
20:59:59.0305 0x0b30  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
20:59:59.0306 0x0b30  Processor - ok
20:59:59.0345 0x0b30  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
20:59:59.0352 0x0b30  ProfSvc - ok
20:59:59.0371 0x0b30  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:59:59.0374 0x0b30  ProtectedStorage - ok
20:59:59.0408 0x0b30  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:59:59.0411 0x0b30  PSched - ok
20:59:59.0492 0x0b30  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:59:59.0507 0x0b30  ql2300 - ok
20:59:59.0524 0x0b30  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:59:59.0524 0x0b30  ql40xx - ok
20:59:59.0554 0x0b30  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:59:59.0564 0x0b30  QWAVE - ok
20:59:59.0581 0x0b30  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:59:59.0583 0x0b30  QWAVEdrv - ok
20:59:59.0609 0x0b30  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:59:59.0612 0x0b30  RasAcd - ok
20:59:59.0636 0x0b30  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:59:59.0642 0x0b30  RasAuto - ok
20:59:59.0672 0x0b30  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:59:59.0676 0x0b30  Rasl2tp - ok
20:59:59.0714 0x0b30  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
20:59:59.0725 0x0b30  RasMan - ok
20:59:59.0752 0x0b30  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:59:59.0754 0x0b30  RasPppoe - ok
20:59:59.0783 0x0b30  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:59:59.0787 0x0b30  RasSstp - ok
20:59:59.0818 0x0b30  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:59:59.0825 0x0b30  rdbss - ok
20:59:59.0852 0x0b30  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:59:59.0853 0x0b30  RDPCDD - ok
20:59:59.0901 0x0b30  [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:59:59.0908 0x0b30  rdpdr - ok
20:59:59.0924 0x0b30  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:59:59.0926 0x0b30  RDPENCDD - ok
20:59:59.0964 0x0b30  [ 30BFBDFB7F95559EDE971F9DDB9A00BA, 1BDD3FD0ABCF5EA2C4D2618E76AC782894E5A7132700BA4C4226E1F9C7CE547B ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:59:59.0971 0x0b30  RDPWD - ok
21:00:00.0018 0x0b30  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:00:00.0023 0x0b30  RemoteAccess - ok
21:00:00.0062 0x0b30  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:00:00.0068 0x0b30  RemoteRegistry - ok
21:00:00.0107 0x0b30  [ A76CDDB6D1F25797843E2557A2118E2E, A018DAC943937056E3A4FD1C1A770B61D835CB4B92447C7FCC064516ED78E6C1 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
21:00:00.0113 0x0b30  RichVideo - ok
21:00:00.0143 0x0b30  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
21:00:00.0146 0x0b30  RpcLocator - ok
21:00:00.0187 0x0b30  [ D28B8812F406A851C5CD09A6952F1968, FFC7828399DDA1A8FD4C58702C408719D1560DCCED5B41A8346CA7F3E0111423 ] RpcSs           C:\Windows\system32\rpcss.dll
21:00:00.0205 0x0b30  RpcSs - ok
21:00:00.0235 0x0b30  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:00:00.0238 0x0b30  rspndr - ok
21:00:00.0255 0x0b30  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] SamSs           C:\Windows\system32\lsass.exe
21:00:00.0257 0x0b30  SamSs - ok
21:00:00.0276 0x0b30  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:00:00.0280 0x0b30  sbp2port - ok
21:00:00.0334 0x0b30  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:00:00.0340 0x0b30  SCardSvr - ok
21:00:00.0391 0x0b30  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
21:00:00.0415 0x0b30  Schedule - ok
21:00:00.0440 0x0b30  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:00:00.0442 0x0b30  SCPolicySvc - ok
21:00:00.0479 0x0b30  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:00:00.0485 0x0b30  SDRSVC - ok
21:00:00.0530 0x0b30  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:00:00.0530 0x0b30  secdrv - ok
21:00:00.0561 0x0b30  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
21:00:00.0561 0x0b30  seclogon - ok
21:00:00.0561 0x0b30  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
21:00:00.0562 0x0b30  SENS - ok
21:00:00.0576 0x0b30  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:00:00.0578 0x0b30  Serenum - ok
21:00:00.0608 0x0b30  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:00:00.0611 0x0b30  Serial - ok
21:00:00.0636 0x0b30  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:00:00.0638 0x0b30  sermouse - ok
21:00:00.0685 0x0b30  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:00:00.0690 0x0b30  SessionEnv - ok
21:00:00.0716 0x0b30  [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:00:00.0717 0x0b30  sffdisk - ok
21:00:00.0726 0x0b30  [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:00:00.0727 0x0b30  sffp_mmc - ok
21:00:00.0743 0x0b30  [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:00:00.0744 0x0b30  sffp_sd - ok
21:00:00.0765 0x0b30  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:00:00.0766 0x0b30  sfloppy - ok
21:00:00.0794 0x0b30  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:00:00.0804 0x0b30  SharedAccess - ok
21:00:00.0837 0x0b30  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:00:00.0846 0x0b30  ShellHWDetection - ok
21:00:00.0864 0x0b30  [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:00:00.0867 0x0b30  sisagp - ok
21:00:00.0887 0x0b30  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
21:00:00.0889 0x0b30  SiSRaid2 - ok
21:00:00.0915 0x0b30  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:00:00.0918 0x0b30  SiSRaid4 - ok
21:00:01.0072 0x0b30  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
21:00:01.0177 0x0b30  slsvc - ok
21:00:01.0230 0x0b30  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
21:00:01.0235 0x0b30  SLUINotify - ok
21:00:01.0265 0x0b30  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:00:01.0268 0x0b30  Smb - ok
21:00:01.0346 0x0b30  [ 859E3ADC59D1C89A66AA6492C14D379E, 392F0AC179294F8416B2937EE149DE9C1062A757F6686B4AF3F3984A68D2929D ] smserial        C:\Windows\system32\DRIVERS\smserial.sys
21:00:01.0382 0x0b30  smserial - ok
21:00:01.0421 0x0b30  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:00:01.0426 0x0b30  SNMPTRAP - ok
21:00:01.0453 0x0b30  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:00:01.0457 0x0b30  spldr - ok
21:00:01.0489 0x0b30  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
21:00:01.0499 0x0b30  Spooler - ok
21:00:01.0545 0x0b30  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:00:01.0555 0x0b30  srv - ok
21:00:01.0622 0x0b30  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:00:01.0622 0x0b30  srv2 - ok
21:00:01.0623 0x0b30  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:00:01.0624 0x0b30  srvnet - ok
21:00:01.0657 0x0b30  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:00:01.0666 0x0b30  SSDPSRV - ok
21:00:01.0725 0x0b30  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:00:01.0732 0x0b30  SstpSvc - ok
21:00:01.0788 0x0b30  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
21:00:01.0809 0x0b30  stisvc - ok
21:00:01.0825 0x0b30  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:00:01.0827 0x0b30  swenum - ok
21:00:01.0870 0x0b30  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
21:00:01.0885 0x0b30  swprv - ok
21:00:01.0921 0x0b30  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
21:00:01.0924 0x0b30  Symc8xx - ok
21:00:01.0937 0x0b30  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
21:00:01.0940 0x0b30  Sym_hi - ok
21:00:01.0960 0x0b30  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
21:00:01.0963 0x0b30  Sym_u3 - ok
21:00:02.0020 0x0b30  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
21:00:02.0044 0x0b30  SysMain - ok
21:00:02.0075 0x0b30  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:00:02.0081 0x0b30  TabletInputService - ok
21:00:02.0114 0x0b30  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:00:02.0126 0x0b30  TapiSrv - ok
21:00:02.0157 0x0b30  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
21:00:02.0165 0x0b30  TBS - ok
21:00:02.0227 0x0b30  [ 6A10AFCE0B38371064BE41C1FBFD3C6B, 20FDB47DCF54B857B09C2753B49737F5B2D2D9ED7942C4DB0BFDEDC7811D02E1 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:00:02.0262 0x0b30  Tcpip - ok
21:00:02.0308 0x0b30  [ 6A10AFCE0B38371064BE41C1FBFD3C6B, 20FDB47DCF54B857B09C2753B49737F5B2D2D9ED7942C4DB0BFDEDC7811D02E1 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
21:00:02.0336 0x0b30  Tcpip6 - ok
21:00:02.0359 0x0b30  [ 9BF343F4C878D6AD6922B2C5A4FEFE0D, D3A8E2BC16A998D28228E7931624AF52C991E1D7959B8679F0867BA8241935D4 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:00:02.0360 0x0b30  tcpipreg - ok
21:00:02.0387 0x0b30  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:00:02.0388 0x0b30  TDPIPE - ok
21:00:02.0421 0x0b30  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:00:02.0424 0x0b30  TDTCP - ok
21:00:02.0464 0x0b30  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:00:02.0469 0x0b30  tdx - ok
21:00:02.0499 0x0b30  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:00:02.0502 0x0b30  TermDD - ok
21:00:02.0552 0x0b30  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
21:00:02.0573 0x0b30  TermService - ok
21:00:02.0606 0x0b30  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
21:00:02.0617 0x0b30  Themes - ok
21:00:02.0665 0x0b30  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
21:00:02.0665 0x0b30  THREADORDER - ok
21:00:02.0681 0x0b30  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
21:00:02.0681 0x0b30  TrkWks - ok
21:00:02.0713 0x0b30  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:00:02.0715 0x0b30  TrustedInstaller - ok
21:00:02.0750 0x0b30  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:00:02.0752 0x0b30  tssecsrv - ok
21:00:02.0790 0x0b30  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
21:00:02.0791 0x0b30  tunmp - ok
21:00:02.0812 0x0b30  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:00:02.0814 0x0b30  tunnel - ok
21:00:02.0849 0x0b30  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:00:02.0852 0x0b30  uagp35 - ok
21:00:02.0887 0x0b30  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:00:02.0895 0x0b30  udfs - ok
21:00:02.0929 0x0b30  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:00:02.0935 0x0b30  UI0Detect - ok
21:00:02.0954 0x0b30  [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:00:02.0969 0x0b30  uliagpkx - ok
21:00:03.0037 0x0b30  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
21:00:03.0057 0x0b30  uliahci - ok
21:00:03.0105 0x0b30  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
21:00:03.0109 0x0b30  UlSata - ok
21:00:03.0128 0x0b30  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
21:00:03.0134 0x0b30  ulsata2 - ok
21:00:03.0161 0x0b30  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:00:03.0165 0x0b30  umbus - ok
21:00:03.0192 0x0b30  UpdateServiceTool - ok
21:00:03.0237 0x0b30  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
21:00:03.0251 0x0b30  upnphost - ok
21:00:03.0295 0x0b30  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:00:03.0300 0x0b30  usbccgp - ok
21:00:03.0332 0x0b30  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:00:03.0335 0x0b30  usbcir - ok
21:00:03.0370 0x0b30  [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:00:03.0373 0x0b30  usbehci - ok
21:00:03.0402 0x0b30  [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:00:03.0411 0x0b30  usbhub - ok
21:00:03.0432 0x0b30  [ CE697FEE0D479290D89BEC80DFE793B7, D10F6BAD0467672CCE4F97C7F2E13437CE89AC754C895EAE05F0726B6DC617B1 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:00:03.0435 0x0b30  usbohci - ok
21:00:03.0466 0x0b30  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:00:03.0468 0x0b30  usbprint - ok
21:00:03.0508 0x0b30  [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:00:03.0510 0x0b30  usbscan - ok
21:00:03.0530 0x0b30  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:00:03.0533 0x0b30  USBSTOR - ok
21:00:03.0559 0x0b30  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:00:03.0561 0x0b30  usbuhci - ok
21:00:03.0586 0x0b30  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
21:00:03.0591 0x0b30  UxSms - ok
21:00:03.0633 0x0b30  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
21:00:03.0652 0x0b30  vds - ok
21:00:03.0672 0x0b30  [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:00:03.0674 0x0b30  vga - ok
21:00:03.0724 0x0b30  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:00:03.0724 0x0b30  VgaSave - ok
21:00:03.0740 0x0b30  [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:00:03.0741 0x0b30  viaagp - ok
21:00:03.0752 0x0b30  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:00:03.0755 0x0b30  ViaC7 - ok
21:00:03.0775 0x0b30  [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:00:03.0777 0x0b30  viaide - ok
21:00:03.0800 0x0b30  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:00:03.0803 0x0b30  volmgr - ok
21:00:03.0845 0x0b30  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:00:03.0855 0x0b30  volmgrx - ok
21:00:03.0896 0x0b30  [ 147281C01FCB1DF9252DE2A10D5E7093, DF5DCF6FD472F21863DC10B62F7647420B9686607857D08286B618D585E50219 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:00:03.0905 0x0b30  volsnap - ok
21:00:03.0941 0x0b30  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:00:03.0946 0x0b30  vsmraid - ok
21:00:04.0012 0x0b30  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
21:00:04.0055 0x0b30  VSS - ok
21:00:04.0100 0x0b30  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
21:00:04.0115 0x0b30  W32Time - ok
21:00:04.0141 0x0b30  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:00:04.0143 0x0b30  WacomPen - ok
21:00:04.0167 0x0b30  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:00:04.0169 0x0b30  Wanarp - ok
21:00:04.0180 0x0b30  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:00:04.0183 0x0b30  Wanarpv6 - ok
21:00:04.0222 0x0b30  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:00:04.0242 0x0b30  wcncsvc - ok
21:00:04.0274 0x0b30  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:00:04.0280 0x0b30  WcsPlugInService - ok
21:00:04.0306 0x0b30  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
21:00:04.0309 0x0b30  Wd - ok
21:00:04.0359 0x0b30  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:00:04.0379 0x0b30  Wdf01000 - ok
21:00:04.0405 0x0b30  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:00:04.0413 0x0b30  WdiServiceHost - ok
21:00:04.0421 0x0b30  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:00:04.0428 0x0b30  WdiSystemHost - ok
21:00:04.0463 0x0b30  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
21:00:04.0474 0x0b30  WebClient - ok
21:00:04.0506 0x0b30  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:00:04.0515 0x0b30  Wecsvc - ok
21:00:04.0541 0x0b30  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:00:04.0548 0x0b30  wercplsupport - ok
21:00:04.0586 0x0b30  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:00:04.0594 0x0b30  WerSvc - ok
21:00:04.0650 0x0b30  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:00:04.0661 0x0b30  WinDefend - ok
21:00:04.0677 0x0b30  WinHttpAutoProxySvc - ok
21:00:04.0747 0x0b30  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:00:04.0747 0x0b30  Winmgmt - ok
21:00:04.0814 0x0b30  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:00:04.0862 0x0b30  WinRM - ok
21:00:04.0937 0x0b30  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:00:04.0960 0x0b30  Wlansvc - ok
21:00:04.0986 0x0b30  [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:00:04.0988 0x0b30  WmiAcpi - ok
21:00:05.0014 0x0b30  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:00:05.0019 0x0b30  wmiApSrv - ok
21:00:05.0082 0x0b30  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:00:05.0107 0x0b30  WMPNetworkSvc - ok
21:00:05.0135 0x0b30  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:00:05.0142 0x0b30  WPCSvc - ok
21:00:05.0165 0x0b30  [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:00:05.0171 0x0b30  WPDBusEnum - ok
21:00:05.0266 0x0b30  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
21:00:05.0289 0x0b30  WPFFontCache_v0400 - ok
21:00:05.0326 0x0b30  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:00:05.0328 0x0b30  ws2ifsl - ok
21:00:05.0350 0x0b30  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:00:05.0355 0x0b30  wscsvc - ok
21:00:05.0362 0x0b30  WSearch - ok
21:00:05.0480 0x0b30  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:00:05.0539 0x0b30  wuauserv - ok
21:00:05.0582 0x0b30  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:00:05.0588 0x0b30  wudfsvc - ok
21:00:05.0657 0x0b30  [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
21:00:05.0668 0x0b30  yukonwlh - ok
21:00:05.0675 0x0b30  ================ Scan global ===============================
21:00:05.0710 0x0b30  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
21:00:05.0749 0x0b30  [ 5DF01708D214FDC0075AD197F1889557, 7E9ABB5C1F873AD3CE4FDB66CA6E2278F966F238CB4E78994D6A2014B10BCAC4 ] C:\Windows\system32\winsrv.dll
21:00:05.0799 0x0b30  [ 5DF01708D214FDC0075AD197F1889557, 7E9ABB5C1F873AD3CE4FDB66CA6E2278F966F238CB4E78994D6A2014B10BCAC4 ] C:\Windows\system32\winsrv.dll
21:00:05.0828 0x0b30  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
21:00:05.0839 0x0b30  [ Global ] - ok
21:00:05.0839 0x0b30  ================ Scan MBR ==================================
21:00:05.0854 0x0b30  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
21:00:08.0369 0x0b30  \Device\Harddisk0\DR0 - ok
21:00:08.0370 0x0b30  ================ Scan VBR ==================================
21:00:08.0373 0x0b30  [ 173487ED389BF750D051CB107E2DF754 ] \Device\Harddisk0\DR0\Partition1
21:00:08.0395 0x0b30  \Device\Harddisk0\DR0\Partition1 - ok
21:00:08.0399 0x0b30  [ 382B663FA0388265342E2A4498F1E6AF ] \Device\Harddisk0\DR0\Partition2
21:00:08.0426 0x0b30  \Device\Harddisk0\DR0\Partition2 - ok
21:00:08.0426 0x0b30  Waiting for KSN requests completion. In queue: 13
21:00:09.0468 0x0b30  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61000 ( enabled : updated )
21:00:09.0478 0x0b30  Win FW state via NFP2: enabled
21:00:09.0698 0x0b30  ============================================================
21:00:09.0698 0x0b30  Scan finished
21:00:09.0698 0x0b30  ============================================================
21:00:09.0715 0x08e8  Detected object count: 0
21:00:09.0715 0x08e8  Actual detected object count: 0
Link to post
Share on other sites

Jeff,

Sorry but what I thought was dds.txt was only part of the Malwarebytes log.

 

Here is DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.19088
Run by JOSEPH at 13:52:22 on 2014-02-16
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1791.843 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\JOSEPH\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JOSEPH\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JOSEPH\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\JOSEPH\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyOverride = searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;cf.netzero.net;qs.netzero.net;*.quicken.com;feed.untd.com;*.pogo.com;*.mail.yahoo.com;*.aolcdn.com;*.yimg.com;<local>
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - <orphaned>
BHO: Pop-up Blocker: {52706EF7-D7A2-49AD-A615-E903858CF284} - c:\program files\juno\qsacc\X1IEBHO.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - 
BHO: Juno Toolbar Helper: {FE3098B1-04A3-41fd-8CA9-BEA39CB14C87} - c:\program files\juno\UCReg.dll
TB: JunoBar: {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - c:\program files\juno\Toolbar.dll
TB: JunoBar: {5854FAC4-5BF0-47DD-B5A9-A5EA8CFF3CF4} - c:\program files\juno\Toolbar.dll
uRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
uRun: [Juno_uoltray] c:\program files\juno\exec.exe regrun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Google Update] "c:\users\joseph\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe
mRun: [Acer Assist Launcher] c:\program files\acer assist\launcher.exe
mRun: [eRecoveryService] <no file>
dRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe
dRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe
StartupFolder: c:\users\joseph\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\athome~1.lnk - c:\program files\athomeconnect\AtHomeConnect.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\pcmmed~1.lnk - c:\program files\acer arcade live\acer homemedia connect\kernel\dms\PCMMediaSharing.exe
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: juno.com
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{366830F1-CAE0-4ECD-9A59-E8D08B99F40A} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4021DADA-6A1A-4FCC-871F-10252A1AE5D3} : NameServer = 64.136.52.73 64.136.44.73
Handler: junomsg - {C4D10830-379D-11d4-9B2D-00C04F1579A5} - 
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
.
============= SERVICES / DRIVERS ===============
.
R2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\acer arcade live\acer homemedia connect\kernel\dms\CLMSServer.exe [2007-4-16 266343]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2014-2-13 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2014-2-13 701512]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-2-13 22856]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-2-15 40776]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 UpdateServiceTool;UpdateSoftware;c:\program files\bin\updatetool\updatertoolservice.exe --> c:\program files\bin\updatetool\UpdaterToolService.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-02-16 03:19:06 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-16 03:17:11 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-02-16 03:16:29 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-02-16 03:16:29 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-16 02:55:24 -------- d-----w- c:\windows\system32\eu-ES
2014-02-16 02:55:24 -------- d-----w- c:\windows\system32\ca-ES
2014-02-16 02:55:23 -------- d-----w- c:\windows\system32\vi-VN
2014-02-16 01:42:11 -------- d-----w- C:\ATI
2014-02-16 01:24:50 0 ----a-w- c:\windows\ativpsrm.bin
2014-02-16 00:21:54 40776 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-02-16 00:21:11 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-15 23:29:45 62576 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0c525b88-7e75-46a5-96a2-7820403ecda6}\offreg.dll
2014-02-14 23:03:15 7760024 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{0c525b88-7e75-46a5-96a2-7820403ecda6}\mpengine.dll
2014-02-13 20:51:19 -------- d-----w- c:\programdata\AVAST Software
2014-02-13 20:12:41 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-13 20:07:40 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-13 19:23:04 -------- d-----w- c:\users\joseph\appdata\roaming\Malwarebytes
2014-02-13 19:22:57 -------- d-----w- c:\programdata\Malwarebytes
2014-02-13 19:22:56 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-13 19:22:56 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-07 03:51:12 -------- d-----w- c:\program files\iSafe
2014-02-03 03:50:32 -------- d-----w- c:\users\joseph\.android
2014-02-03 03:50:28 -------- d-----w- c:\users\joseph\appdata\local\cache
2014-02-03 03:50:07 -------- d-----w- c:\users\joseph\appdata\local\genienext
2014-02-03 03:50:05 -------- d-----w- c:\users\joseph\appdata\local\Mobogenie
2014-02-03 03:47:36 -------- d--h--w- c:\programdata\Common Files
2014-02-03 03:46:58 -------- d-----w- c:\programdata\VisualBee
2014-02-03 03:46:56 -------- d-----w- c:\users\joseph\appdata\local\emaze
2014-02-03 00:42:21 -------- d-----w- c:\program files\TempInstaller
2014-02-03 00:42:01 -------- d-----w- c:\users\joseph\appdata\roaming\iSafe
2014-02-03 00:41:55 -------- d-----w- C:\Facebook_Pictures
2014-02-02 05:43:52 -------- d-----w- c:\programdata\TreeCardGames
2014-02-02 05:40:57 -------- d-----w- c:\users\joseph\appdata\roaming\TreeCardGames
2014-02-02 05:40:38 -------- d-----w- c:\program files\Free FreeCell Solitaire
2014-02-02 05:36:41 -------- d-----w- c:\users\joseph\appdata\roaming\systweak
2014-02-02 05:36:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-02 05:36:34 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-02 05:35:49 -------- d-----w- c:\program files\Level Quality Watcher
2014-02-02 05:22:05 -------- d-----w- c:\users\joseph\appdata\local\SwvUpdater
2014-02-02 05:14:54 -------- d-----w- c:\program files\FlashGames
.
==================== Find3M  ====================
.
.
============= FINISH: 13:53:38.09 ===============
Link to post
Share on other sites

Thanks!   :)
 
ComboFix
 
Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2
 
**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.


 
--------------------------------------------------------------------
 
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
 
--------------------------------------------------------------------
 
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.
Link to post
Share on other sites

Jeff,

Combo fix was run as you requested. Here is the post for combofix.txt:

 

ComboFix 14-02-16.01 - JOSEPH 02/18/2014   8:43.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1791.763 [GMT -5:00]
Running from: c:\users\JOSEPH\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-18 to 2014-02-18  )))))))))))))))))))))))))))))))
.
.
2014-02-18 13:51 . 2014-02-18 13:52 -------- d-----w- c:\users\JOSEPH\AppData\Local\temp
2014-02-18 13:51 . 2014-02-18 13:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-18 11:32 . 2014-02-16 19:45 719224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-18 11:32 . 2014-02-16 19:45 719224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86C057A5-8988-411A-82B8-BD4260B113F5}\gapaengine.dll
2014-02-18 11:31 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0B71D4B7-C22A-42A2-B0A3-C6D3FEF987F4}\mpengine.dll
2014-02-17 21:07 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-17 21:07 . 2013-08-27 01:50 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2014-02-17 21:07 . 2013-08-27 02:47 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-02-17 21:07 . 2013-08-27 02:47 189952 ----a-w- c:\windows\system32\d3d10core.dll
2014-02-17 21:07 . 2013-08-27 02:47 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2014-02-17 21:07 . 2013-08-27 02:47 1029120 ----a-w- c:\windows\system32\d3d10.dll
2014-02-17 21:07 . 2013-08-27 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll
2014-02-17 21:07 . 2013-08-27 01:28 1069056 ----a-w- c:\windows\system32\DWrite.dll
2014-02-17 21:07 . 2013-08-27 01:28 798208 ----a-w- c:\windows\system32\FntCache.dll
2014-02-17 21:07 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2014-02-17 13:23 . 2014-02-17 13:23 -------- d-----w- c:\program files\Common Files\Adobe
2014-02-17 12:31 . 2014-02-17 12:31 -------- d-----w- c:\program files\Windows Portable Devices
2014-02-17 11:56 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2014-02-17 11:56 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2014-02-17 11:56 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2014-02-17 11:33 . 2014-02-17 11:33 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2014-02-17 11:32 . 2014-02-17 11:32 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-17 11:32 . 2014-02-17 11:32 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2014-02-17 11:32 . 2014-02-17 11:32 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-17 11:32 . 2014-02-17 11:32 519680 ----a-w- c:\windows\system32\d3d11.dll
2014-02-17 11:32 . 2014-02-17 11:32 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2014-02-17 11:32 . 2014-02-17 11:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2014-02-17 11:32 . 2014-02-17 11:32 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-02-17 11:10 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-02-17 11:10 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-02-17 11:10 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-02-17 11:10 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-02-17 11:10 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-02-17 11:10 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2014-02-17 11:10 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-02-17 11:10 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-02-17 11:10 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-02-17 11:10 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-02-16 19:45 . 2013-12-03 23:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-16 19:44 . 2014-02-16 19:44 -------- d-----w- c:\program files\Microsoft Security Client
2014-02-16 16:35 . 2013-08-01 02:49 37376 ----a-w- c:\windows\system32\cdd.dll
2014-02-16 16:35 . 2013-08-01 03:16 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-02-16 16:35 . 2013-07-05 03:20 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-16 16:35 . 2013-07-05 01:43 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-02-16 16:35 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2014-02-16 16:35 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2014-02-16 16:35 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2014-02-16 16:35 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2014-02-16 16:35 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2014-02-16 16:34 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-02-16 16:34 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2014-02-16 16:34 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2014-02-16 16:34 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2014-02-16 16:32 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll
2014-02-16 16:32 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2014-02-16 16:32 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2014-02-16 16:32 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2014-02-16 16:32 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2014-02-16 16:32 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2014-02-16 16:30 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2014-02-16 16:19 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2014-02-16 03:19 . 2014-02-16 16:00 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-16 03:17 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-02-16 03:17 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-02-16 03:17 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-02-16 03:17 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-02-16 03:16 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-02-16 03:16 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-02-16 03:16 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-02-16 03:16 . 2012-06-02 20:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-16 03:16 . 2012-06-02 20:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\ca-ES
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\eu-ES
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\vi-VN
2014-02-16 01:42 . 2014-02-16 01:42 -------- d-----w- C:\ATI
2014-02-16 01:24 . 2014-02-16 01:24 0 ----a-w- c:\windows\ativpsrm.bin
2014-02-16 00:21 . 2014-02-16 03:55 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-15 23:29 . 2014-02-15 23:29 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C525B88-7E75-46A5-96A2-7820403ECDA6}\offreg.dll
2014-02-14 23:03 . 2013-12-16 06:54 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C525B88-7E75-46A5-96A2-7820403ECDA6}\mpengine.dll
2014-02-13 20:51 . 2014-02-16 16:08 -------- d-----w- c:\programdata\AVAST Software
2014-02-13 20:12 . 2013-12-18 11:13 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-13 20:07 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-13 19:23 . 2014-02-13 19:23 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\Malwarebytes
2014-02-13 19:22 . 2014-02-13 19:22 -------- d-----w- c:\programdata\Malwarebytes
2014-02-13 19:22 . 2014-02-13 19:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-13 19:22 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-03 03:50 . 2014-02-03 03:50 -------- d-----w- c:\users\JOSEPH\.android
2014-02-03 03:50 . 2014-02-03 04:02 -------- d-----w- c:\users\JOSEPH\AppData\Local\cache
2014-02-03 03:50 . 2014-02-13 19:50 -------- d-----w- c:\users\JOSEPH\AppData\Local\genienext
2014-02-03 03:50 . 2014-02-15 18:33 -------- d-----w- c:\users\JOSEPH\AppData\Local\Mobogenie
2014-02-03 03:47 . 2014-02-03 03:47 -------- d--h--w- c:\programdata\Common Files
2014-02-03 03:46 . 2014-02-03 03:47 -------- d-----w- c:\programdata\VisualBee
2014-02-03 03:46 . 2014-02-03 03:46 -------- d-----w- c:\users\JOSEPH\AppData\Local\emaze
2014-02-03 00:42 . 2014-02-03 00:42 -------- d-----w- c:\program files\TempInstaller
2014-02-03 00:42 . 2014-02-07 21:57 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\iSafe
2014-02-03 00:41 . 2014-02-03 00:41 -------- d-----w- C:\Facebook_Pictures
2014-02-02 05:43 . 2014-02-02 05:43 -------- d-----w- c:\programdata\TreeCardGames
2014-02-02 05:40 . 2014-02-02 05:40 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\TreeCardGames
2014-02-02 05:40 . 2014-02-02 05:40 -------- d-----w- c:\program files\Free FreeCell Solitaire
2014-02-02 05:36 . 2014-02-06 19:33 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\systweak
2014-02-02 05:36 . 2014-02-15 18:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-02 05:36 . 2014-02-15 18:37 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-02 05:22 . 2014-02-13 18:23 -------- d-----w- c:\users\JOSEPH\AppData\Local\SwvUpdater
2014-02-02 05:14 . 2014-02-02 05:14 -------- d-----w- c:\program files\FlashGames
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-17 11:32 . 2014-02-17 11:32 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2009-04-11 . D28B8812F406A851C5CD09A6952F1968 . 551424 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[-] 2009-04-11 . D28B8812F406A851C5CD09A6952F1968 . 551424 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Juno_uoltray"="c:\program files\Juno\exec.exe" [2010-06-29 1776640]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1458176]
"Acer Assist Launcher"="c:\program files\Acer Assist\launcher.exe" [2007-02-02 1261568]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
c:\users\JOSEPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2011-12-23 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AtHomeConnect.lnk - c:\program files\AtHomeConnect\AtHomeConnect.exe -auto [2013-2-1 9939936]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe 9999 [2007-4-16 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-4-16 200812]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCECATS]
2005-07-20 13:46 73728 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcetime.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-05 266343]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-02 18:37]
.
2014-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219208688-2836946838-1854743693-1000Core.job
- c:\users\JOSEPH\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 19:10]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219208688-2836946838-1854743693-1000UA.job
- c:\users\JOSEPH\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 19:10]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;cf.netzero.net;qs.netzero.net;*.quicken.com;feed.untd.com;*.pogo.com;*.mail.yahoo.com;*.aolcdn.com;*.yimg.com;<local>
Trusted Zone: juno.com
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4021DADA-6A1A-4FCC-871F-10252A1AE5D3}: NameServer = 64.136.52.73 64.136.44.73
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{22E03916-85C5-44B0-8DC9-1830C11238D9} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
HKLM-Run-eRecoveryService - (no file)
HKLM-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
HKLM-Run-Apanel - c:\acersw\config\NewSetApanel.cmd
HKU-Default-Run-Acer Tour Reminder - c:\acer\AcerTour\Reminder.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-18 08:52
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2014-02-18  08:55:20
ComboFix-quarantined-files.txt  2014-02-18 13:55
.
Pre-Run: 117,067,902,976 bytes free
Post-Run: 117,933,703,168 bytes free
.
- - End Of File - - 7752B91A77796793FB7DE1CD5D6871FE
A863475757CC50891AA8458C415E4B25
Link to post
Share on other sites

ComboFix

  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    ClearJavaCache::
     
    FCopy::
    c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll | c:\windows\System32\rpcss.dll
     
    DDS::
    uInternet Settings,ProxyOverride = searchap.untd.com;127.0.0.1;localhost;*microsoft.com;*windowsupdate.com;*wustat.windows.com;*test-speed.com;liveupdate.symantecliveupdate.com;*symantec.com;*.nai.com;*.networkassociates.com;cf.netzero.net;qs.netzero.net;*.quicken.com;feed.untd.com;*.pogo.com;*.mail.yahoo.com;*.aolcdn.com;*.yimg.com;<local>
    Trusted Zone: juno.com
     
    Folder::
    c:\users\JOSEPH\AppData\Local\Mobogenie

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.
     
    CFScriptB-4.gif
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.
----------

 

Post the new ComboFix log and let me know how your system is running now.  :)

Link to post
Share on other sites

Jeff,

 

File was too big to paste so I attached the file as log.txt.
 
IP blocking seems to have stopped.
 
There were a ton of mobogenie files deleted in the user appdata\local directory.
 
I will reboot and see if the computer seems clean again.
 
Thank you very much for your help! You are greatly appreciated!
 
RetiredTech
Link to post
Share on other sites

Computer is running fine with no problems.

Thanks very much for your help!

Time to close this one out.

I will paste again with most of the deleted Mobogenie files left out so you can see the beginning and end of Combofix.

 

ComboFix 14-02-18.01 - JOSEPH 02/18/2014  21:13:25.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.1791.1098 [GMT -5:00]
Running from: c:\users\JOSEPH\Desktop\ComboFix.exe
Command switches used :: c:\users\JOSEPH\Desktop\cfscript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\JOSEPH\AppData\Local\Mobogenie
c:\users\JOSEPH\AppData\Local\Mobogenie\adb.black_devices
c:\users\JOSEPH\AppData\Local\Mobogenie\adb.write_devices
c:\users\JOSEPH\AppData\Local\Mobogenie\client.time
c:\users\JOSEPH\AppData\Local\Mobogenie\damo.time
c:\users\JOSEPH\AppData\Local\Mobogenie\Data\mobogenie_u_user_dl.mg
c:\users\JOSEPH\AppData\Local\Mobogenie\mobo.uuid
c:\users\JOSEPH\AppData\Local\Mobogenie\Source.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\updatepop.time
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\CacheVersion\release-update.xml
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\aapt.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\AdbWinApi.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\AdbWinUsbApi.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\AutoItX3.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\AutoItX3_x64.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\busybox
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\configure.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashReport.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\CrashRpt.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DCR.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x64.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\devcon_x86.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Device.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x64.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DriverInstall_x86.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qgif4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qico4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qjpeg4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qmng4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qsvg4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qtga4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\imageformats\qtiff4.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\lang.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\libeay32.dll
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\log\2014-01-26.log
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\app.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\bootstrap-typeahead.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\common.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\default-color.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\grid.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\image.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\jquery.autocomplete.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\main.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\message.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\prettyPhoto.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\send.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\skin1.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\skin2.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\skindialog.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\style.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\css\vedio.css
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\add_web.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\backup_all.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\backup_status.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\backupAll.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\backupAll2.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\binding.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\close.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\collect_data.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\dialog.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\dialog_close.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\dm_backup.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\dm_installapp.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\download.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\download_center.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\driver_loading.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\errorlay.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\exporting.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\an.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\animation_cicle.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\animation_flower.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\back.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\bd_phone.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\hx.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\images_156X167_1.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\images_156X167_151.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\images_156X167_2.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\images_156X167_3.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\play.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\pop1_11.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\pop2_03.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\pop3_07.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\simg.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\Thumbs.db
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\ui-left-images.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\images\ui-right-images.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\import_from_file.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\import_from_file_v2.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\importing.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\install.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\install_failed.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\install_help.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\installing.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\#U8bed#U8a00#U540d#U79f0.txt
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\arabic\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\chinese\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\english\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\indonesian\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\strings.xml
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\italian\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\language.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\poland\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\portuguese\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\russian\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\spanish\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\thai\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\barball.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\js_\i18n\vietna\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\loading.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\manual-update.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\newsms.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\nomem.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\promote_active.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\recommend.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\recommend2.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\restore_all.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\restore_status.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\restoreAll.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\settings.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\skin-dialog.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\skindialog.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\speed.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\sys_restore.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\unfinished_task.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\update_app.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\upgrade.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\usb.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\usb2.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\dialog\video_select.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\footer.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\app.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\barball.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\contact.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\download.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\download_center.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\driver.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\footer.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\good.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\message.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\music.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\picture.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\pop.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\vedio.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\welcome.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\htmlTemp\welcome_ok.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\appIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\barballframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\bd_barballframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\gameIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\homeIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\imagesIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\musicIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\tempframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\topIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\iframe\videoIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\1.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\111.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\2.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\an.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\AngryBirdsStarWarsIIFree.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\app-default-small.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\app_update_img.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_complete.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_app.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_content.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_image.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_msg.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_music.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_default_video.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_li_bg.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\backup_loading.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\BarbaraPalvinVictorias.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\battery-bg.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\BBM.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\bd_phone.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\bd_right.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\bizhi.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\Camera360.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\CandyCrushSaga.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\CarAbstract.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\cate-icon.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\category-bg.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\caution.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\charge_finish.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\check_usb_debug.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\Chrome.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\CLauncher.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\CleanMasterFREE.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\close-client.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\close-client2.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\complete.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connceting.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connect-error.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connect_gif.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connected.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connecting.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connecting.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connecting_default.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connection-error.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connection-guide-bg-300X300.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\connection-no.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\contact-default-large.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\contact-default-small.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\contact_icon.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\content_mask_1X35.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_icon_03.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_icon_06.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_icon_07.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_icon_09.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_icon_11.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dc_weak.gif
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\deamon_process_close.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.1.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.2.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.3.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.4.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.5.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\1.6.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.1.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.2.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.3.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.4.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.5.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.6.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\2.7.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.1.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.2.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.3.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.4.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.5.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.6.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.7.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.8.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\3.9.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\next.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\nexth.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\prev.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\prevh.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\debug\Thumbs.db
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default-skin.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_image.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_small_app.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_small_images.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_small_music.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_small_vedio.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\default_video.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dialog.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\dialog1.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\diwali-special.jpg
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\down-anima-bg-16X32.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\download_icon.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\download_progress.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\download_progress_inner.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\drive-arrows.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\driver-no-link.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\driver_bottom_hx.png
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\images\driver_download.png
OSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\iframe.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\picture.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\video.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\welcome.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\i18n\vietna\window.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_app.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_downloadCenter.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_image.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_message.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\interface_vedio.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\interface\moduleInteface.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\backbone.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\bootstrap-typeahead.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\doT.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\ejs.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\eventProxy.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\jcarousellite.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\jquery-1.8.3.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\jquery.jtips.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\jquery.prettyPhoto.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\require.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\lib\undercore.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\app_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\app_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\app_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\app_right.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\app_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\local_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\system_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\update_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\app\update_model.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\contact\contact.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\contact\contact_letter.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\contact\contact_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_dialog_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_dialog_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_dialog_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\download_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\TaskItem.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\TaskManager.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\download\TaskToolbarEvent.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\driver\driver.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\driver\PicSlider.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image\image_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image\image_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image\image_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\image\image_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_main_uc.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_main_weinan.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_nav_uc.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\MESSAGE_NEW.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_right.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_right_uc.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_send.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\message_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\message\messageDialog.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\music.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\subject\subject.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\subject\subject_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui\dialog.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui\ifr.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui\menu.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui\super_grid.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\ui\test.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio\vedio_common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio\vedio_main.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio\vedio_nav.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio\vedio_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\module\vedio\video_temp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\appTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\contactTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\downloadTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\imageTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\messageTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\musicTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\vedioTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\moduletemp\videoTemp.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\pb\config.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\skin\changeSkin.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\skin\skin-common.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\skin\skindialog.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\TEMPHTML.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\addweb.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\app.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\app_local.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\app_system.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\app_update.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\appIframe.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\appIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\contact.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\Disclaimer.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\download_animate.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\download_center.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\download_center.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\download_center_installed.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\driver_loading.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\gameIframe.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\gameIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\genieIframe.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\homeContentPage.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\homeIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\imageIframe.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\imageIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\import.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\message.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\musicIframe.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\musicIframe.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\photo.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\PrivacyPolicy.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\recommend.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\recommendNewUser.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\sys-uninstall-restore.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\ui.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\usbDebugging.ejs
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\tpls\video.html
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\DB.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\DeviceUtil.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\dialog.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\dialog_pop.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\domain_config.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\EventProxyCenter.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\I18nUtil.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\log.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\module.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\navigation.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\prograss.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\PropertyUtil.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\search.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\skin.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\util\util.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\welcome\sysCallback.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_\welcome\welcome_ok.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\dialog\backup_all.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\dialog\restore_all.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\category_switch.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\ClientInfo.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\download_animate.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\iframe_download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\loading.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\lottery.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\recommed.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\recommend2.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\recommend3.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\recommendForNew.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\appTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\gameTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\genieTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\homeTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\imageTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\musicTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\phoneTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\tempTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\iframe\tab_switch\vedioTab.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\connect\connect.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download\download.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download\download_collection.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download\download_model.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\download\download_view.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\notice\notice.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\templates\web\js_static\info\webnotify.js
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\uninst.exe
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\updateConfigure.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\UpdateLogFile.dat
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\websites.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\websites_cn.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\websites_traditional.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\websites_vie.mu
c:\users\JOSEPH\AppData\Local\Mobogenie\Version\OldVersion\release-update.xml
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll --> c:\windows\System32\rpcss.dll
.
(((((((((((((((((((((((((   Files Created from 2014-01-19 to 2014-02-19  )))))))))))))))))))))))))))))))
.
.
2014-02-19 02:23 . 2014-02-19 02:23 -------- d-----w- c:\users\JOSEPH\AppData\Local\temp
2014-02-19 02:23 . 2014-02-19 02:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-18 22:16 . 2014-02-18 22:16 -------- d-----w- c:\programdata\Auslogics
2014-02-18 22:16 . 2014-02-18 22:16 -------- d-----w- c:\program files\Auslogics
2014-02-18 22:12 . 2014-02-18 22:12 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\Eusing
2014-02-18 22:12 . 2014-02-18 22:12 -------- d-----w- c:\program files\Eusing Free Registry Cleaner
2014-02-18 13:56 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F9884051-92F9-422E-8918-DB28AAEEF856}\mpengine.dll
2014-02-18 11:32 . 2014-02-16 19:45 719224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-18 11:32 . 2014-02-16 19:45 719224 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86C057A5-8988-411A-82B8-BD4260B113F5}\gapaengine.dll
2014-02-17 21:07 . 2013-08-27 01:52 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-17 21:07 . 2013-08-27 01:50 486400 ----a-w- c:\windows\system32\d3d10level9.dll
2014-02-17 21:07 . 2013-08-27 02:47 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2014-02-17 21:07 . 2013-08-27 02:47 189952 ----a-w- c:\windows\system32\d3d10core.dll
2014-02-17 21:07 . 2013-08-27 02:47 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2014-02-17 21:07 . 2013-08-27 02:47 1029120 ----a-w- c:\windows\system32\d3d10.dll
2014-02-17 21:07 . 2013-08-27 01:32 683008 ----a-w- c:\windows\system32\d2d1.dll
2014-02-17 21:07 . 2013-08-27 01:28 1069056 ----a-w- c:\windows\system32\DWrite.dll
2014-02-17 21:07 . 2013-08-27 01:28 798208 ----a-w- c:\windows\system32\FntCache.dll
2014-02-17 21:07 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2014-02-17 13:23 . 2014-02-17 13:23 -------- d-----w- c:\program files\Common Files\Adobe
2014-02-17 12:31 . 2014-02-17 12:31 -------- d-----w- c:\program files\Windows Portable Devices
2014-02-17 11:56 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2014-02-17 11:56 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2014-02-17 11:56 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2014-02-17 11:33 . 2014-02-17 11:33 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2014-02-17 11:32 . 2014-02-17 11:32 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2014-02-17 11:32 . 2014-02-17 11:32 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2014-02-17 11:32 . 2014-02-17 11:32 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-17 11:32 . 2014-02-17 11:32 519680 ----a-w- c:\windows\system32\d3d11.dll
2014-02-17 11:32 . 2014-02-17 11:32 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2014-02-17 11:32 . 2014-02-17 11:32 252928 ----a-w- c:\windows\system32\dxdiag.exe
2014-02-17 11:32 . 2014-02-17 11:32 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2014-02-17 11:10 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2014-02-17 11:10 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-02-17 11:10 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-02-17 11:10 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-02-17 11:10 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-02-17 11:10 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2014-02-17 11:10 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2014-02-17 11:10 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2014-02-17 11:10 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-02-17 11:10 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2014-02-16 19:45 . 2013-12-03 23:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-02-16 19:44 . 2014-02-16 19:44 -------- d-----w- c:\program files\Microsoft Security Client
2014-02-16 16:35 . 2013-08-01 02:49 37376 ----a-w- c:\windows\system32\cdd.dll
2014-02-16 16:35 . 2013-08-01 03:16 638400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2014-02-16 16:35 . 2013-07-05 03:20 914880 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-02-16 16:35 . 2013-07-05 01:43 31232 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2014-02-16 16:35 . 2010-05-04 19:13 231424 ----a-w- c:\windows\system32\msshsq.dll
2014-02-16 16:35 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2014-02-16 16:35 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2014-02-16 16:35 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2014-02-16 16:35 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2014-02-16 16:34 . 2011-02-22 14:13 288768 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2014-02-16 16:34 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2014-02-16 16:34 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2014-02-16 16:34 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2014-02-16 16:32 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll
2014-02-16 16:32 . 2013-10-03 12:45 993792 ----a-w- c:\windows\system32\crypt32.dll
2014-02-16 16:32 . 2013-04-24 04:00 41984 ----a-w- c:\windows\system32\certenc.dll
2014-02-16 16:32 . 2013-04-24 01:46 812544 ----a-w- c:\windows\system32\certutil.exe
2014-02-16 16:32 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2014-02-16 16:32 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2014-02-16 16:30 . 2013-05-02 04:04 443904 ----a-w- c:\windows\system32\win32spl.dll
2014-02-16 16:19 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2014-02-16 03:19 . 2014-02-16 16:00 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-02-16 03:17 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2014-02-16 03:17 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2014-02-16 03:17 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2014-02-16 03:17 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2014-02-16 03:16 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2014-02-16 03:16 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2014-02-16 03:16 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2014-02-16 03:16 . 2012-06-02 20:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2014-02-16 03:16 . 2012-06-02 20:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\ca-ES
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\eu-ES
2014-02-16 02:55 . 2014-02-16 02:55 -------- d-----w- c:\windows\system32\vi-VN
2014-02-16 01:42 . 2014-02-16 01:42 -------- d-----w- C:\ATI
2014-02-16 01:24 . 2014-02-16 01:24 0 ----a-w- c:\windows\ativpsrm.bin
2014-02-16 00:21 . 2014-02-16 03:55 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-02-15 23:29 . 2014-02-15 23:29 62576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C525B88-7E75-46A5-96A2-7820403ECDA6}\offreg.dll
2014-02-14 23:03 . 2013-12-16 06:54 7760024 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0C525B88-7E75-46A5-96A2-7820403ECDA6}\mpengine.dll
2014-02-13 20:51 . 2014-02-16 16:08 -------- d-----w- c:\programdata\AVAST Software
2014-02-13 20:12 . 2013-12-18 11:13 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-02-13 20:07 . 2010-04-05 20:00 221568 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-13 19:23 . 2014-02-13 19:23 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\Malwarebytes
2014-02-13 19:22 . 2014-02-13 19:22 -------- d-----w- c:\programdata\Malwarebytes
2014-02-13 19:22 . 2014-02-13 19:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-02-13 19:22 . 2013-04-04 19:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-02-03 03:50 . 2014-02-03 03:50 -------- d-----w- c:\users\JOSEPH\.android
2014-02-03 03:50 . 2014-02-03 04:02 -------- d-----w- c:\users\JOSEPH\AppData\Local\cache
2014-02-03 03:50 . 2014-02-13 19:50 -------- d-----w- c:\users\JOSEPH\AppData\Local\genienext
2014-02-03 03:47 . 2014-02-03 03:47 -------- d--h--w- c:\programdata\Common Files
2014-02-03 03:46 . 2014-02-03 03:47 -------- d-----w- c:\programdata\VisualBee
2014-02-03 03:46 . 2014-02-03 03:46 -------- d-----w- c:\users\JOSEPH\AppData\Local\emaze
2014-02-03 00:42 . 2014-02-03 00:42 -------- d-----w- c:\program files\TempInstaller
2014-02-03 00:42 . 2014-02-07 21:57 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\iSafe
2014-02-03 00:41 . 2014-02-03 00:41 -------- d-----w- C:\Facebook_Pictures
2014-02-02 05:43 . 2014-02-02 05:43 -------- d-----w- c:\programdata\TreeCardGames
2014-02-02 05:40 . 2014-02-02 05:40 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\TreeCardGames
2014-02-02 05:40 . 2014-02-02 05:40 -------- d-----w- c:\program files\Free FreeCell Solitaire
2014-02-02 05:36 . 2014-02-06 19:33 -------- d-----w- c:\users\JOSEPH\AppData\Roaming\systweak
2014-02-02 05:36 . 2014-02-15 18:37 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-02 05:36 . 2014-02-15 18:37 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-02 05:22 . 2014-02-13 18:23 -------- d-----w- c:\users\JOSEPH\AppData\Local\SwvUpdater
2014-02-02 05:14 . 2014-02-02 05:14 -------- d-----w- c:\program files\FlashGames
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-17 11:32 . 2014-02-17 11:32 4096 ----a-w- c:\windows\system32\drivers\en-US\dxgkrnl.sys.mui
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Juno_uoltray"="c:\program files\Juno\exec.exe" [2010-06-29 1776640]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 4423680]
"SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1458176]
"Acer Assist Launcher"="c:\program files\Acer Assist\launcher.exe" [2007-02-02 1261568]
"Skytel"="Skytel.exe" [2007-03-16 1822720]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
.
c:\users\JOSEPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2011-12-23 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AtHomeConnect.lnk - c:\program files\AtHomeConnect\AtHomeConnect.exe -auto [2013-2-1 9939936]
Empowering Technology Launcher.lnk - c:\acer\Empowering Technology\eAPLauncher.exe 9999 [2007-4-16 528384]
PCM Media Sharing.lnk - c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [2007-4-16 200812]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LXCECATS]
2005-07-20 13:46 73728 ----a-w- c:\windows\System32\spool\drivers\w32x86\3\lxcetime.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
S2 Acer HomeMedia Connect Service;Acer HomeMedia Connect Service;c:\program files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [2007-04-05 266343]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-02 18:37]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219208688-2836946838-1854743693-1000Core.job
- c:\users\JOSEPH\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 19:10]
.
2014-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3219208688-2836946838-1854743693-1000UA.job
- c:\users\JOSEPH\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-11 19:10]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{4021DADA-6A1A-4FCC-871F-10252A1AE5D3}: NameServer = 64.136.52.73 64.136.44.73
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-02-18 21:23
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_44_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
Completion time: 2014-02-18  21:25:59
ComboFix-quarantined-files.txt  2014-02-19 02:25
ComboFix2.txt  2014-02-18 13:55
.
Pre-Run: 117,952,634,880 bytes free
Post-Run: 117,951,152,128 bytes free
.
- - End Of File - - FCE59567461A8DAF8354E09562CBE3F7
A863475757CC50891AA8458C415E4B25
Link to post
Share on other sites

Hi,
 
Well done!   :)
 
Let's be sure nothing is still hiding in there before you go.  
 
GUZVCQN.jpgMalwarebytes
 
Please open Malwarebytes, update it and then run a Quick Scan.  Save the log that is created for your next reply.
----------
 

ESET Online Scanner
 
Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

----------

Link to post
Share on other sites

Jeff,

Everything is working great now. I did this repair for a friend in a retirement park in Florida and he is very happy to get his computer back in good working order again. Thanks again for your help in this matter. He now has Malwarebytes Pro (as well as his antivirus program) purchased and running to keep some of the bad things out .

 

Feel free to close this thread.

 

Thanks again.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.