Have frequent Trojan.Gen.2 (and a few others) alerts in Symantec


  • This topic is locked
29 replies to this topic

#1 miss0033

Posted 27 August 2012 - 09:48 AM

Originally had ZeroAccess trojan, Trojan.Gen, and Trojan.Gen.2.

Now only getting the Trojan.Gen.2 alerts but a few other new ones, including Bloodhound.MalPE.

Any help in removing these would be greatly appreciated.


DDS Log:

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_29
Run by Neil Missling at 22:33:51 on 2012-08-26
.
============== Running Processes ===============
.
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://home.jzip.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [i8kfangui] c:\program files\i8kfangui\I8kfanGUI.exe /startup
uRun: [Akamai NetSession Interface] "c:\documents and settings\neil missling\local settings\application data\akamai\netsession_win.exe"
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [EPSON WorkForce 610 Series] c:\windows\system32\spool\drivers\w32x86\3\e_fatifja.exe /fu "c:\windows\temp\E_S32.tmp" /EF "HKCU"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [vptray] c:\progra~1\symant~1\VPTray.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [LWS] c:\program files\logitech\lws\webcam software\LWS.exe -hide
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [HTC Sync Loader] "c:\program files\htc\htc sync 3.0\htcUPCTLoader.exe" -startup
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
StartupFolder: c:\docume~1\neilmi~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\neil missling\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
uPolicies-system: EnableProfileQuota = 1 (0x1)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
LSP: mswsock.dll
Trusted Zone: intuit.com\ttlc
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {32C3FEAE-0877-4767-8C20-62A5829A0945} - hxxp://static.ak.facebook.com/fbplugin/win32/axfbootloader.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265619376640
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1303249985015
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{6C60EF83-6A2C-4436-95C0-7490DA3AE23A} : DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{D04E97E9-F527-45EA-9CEE-31A0649F56CF} : NameServer = 128.107.241.185,192.135.250.69
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
Notify: NavLogon - c:\windows\system32\NavLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digiwet.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\neil missling\application data\mozilla\firefox\profiles\a8qruj9p.default\
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\neil missling\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\neil missling\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\neil missling\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\neil missling\application data\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\documents and settings\neil missling\local settings\application data\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect32.dll
FF - plugin: c:\program files\common files\adobe\oobe\pdapp\ccm\utilities\npAdobeAAMDetect64.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_271.dll
.
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
2012-08-26 04:33:06 356352 ----a-w- c:\windows\system32\nvudisp.exe
2012-08-26 04:32:12 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-08-26 00:14:32 -------- d-----w- c:\program files\ESET
2012-08-24 05:25:19 -------- d-----w- c:\documents and settings\all users\application data\SUPERSetup
2012-08-24 05:20:01 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-24 05:20:01 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2012-08-23 21:20:08 65816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-08-18 03:26:16 -------- d-----w- c:\program files\MyPublisher
2012-08-18 03:26:16 -------- d-----w- c:\documents and settings\neil missling\application data\MyPublisher
.
==================== Find3M ====================
.
2012-08-17 00:25:37 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 00:25:33 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 21:04:24 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-06 13:49:52 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 20:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2009-06-19 20:41:04 422 ----a-w- c:\program files\mpc5.reg
2009-06-19 20:41:03 770 ----a-w- c:\program files\ffdssetts.reg
2009-06-19 20:41:03 33670 ----a-w- c:\program files\ffdsvsetts.reg
2009-06-19 20:41:03 1274 ----a-w- c:\program files\ffdsasetts.reg
.
============= FINISH: 22:35:29.88 ===============


GMER log:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-27 09:16:25
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 Hitachi_HTS721080G9SA00 rev.MC4OC10H
Running: zx8wh3dv.exe; Driver: C:\DOCUME~1\NEILMI~1\LOCALS~1\Temp\kfloqkoc.sys


---- System - GMER 1.0.15 ----

SSDT 8A7FBB80 ZwAlertResumeThread
SSDT 8A7F1A38 ZwAlertThread
SSDT 8A85D798 ZwAllocateVirtualMemory
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwAssignProcessToJobObject [0xB643F0DA]
SSDT 8A832320 ZwConnectPort
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwCreateFile [0xB643FCA6]
SSDT 8A7E7B40 ZwCreateMutant
SSDT 8A7D8288 ZwCreateThread
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteFile [0xB643FEB8]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteKey [0xB6443714]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwDeleteValueKey [0xB6443756]
SSDT 8A85D6D8 ZwFreeVirtualMemory
SSDT 8A7FBA00 ZwImpersonateAnonymousToken
SSDT 8A7FBAC0 ZwImpersonateThread
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwLoadKey [0xB64438FA]
SSDT 8A85B808 ZwMapViewOfSection
SSDT 8A7E7A80 ZwOpenEvent
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenFile [0xB643FDCA]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenProcess [0xB643F282]
SSDT 8A7EA2E0 ZwOpenProcessToken
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwOpenThread [0xB643F482]
SSDT 8A85DA30 ZwOpenThreadToken
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwProtectVirtualMemory [0xB643F5C2]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwQueryValueKey [0xB644385E]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwRenameKey [0xB64437A8]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwReplaceKey [0xB64437EA]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwRestoreKey [0xB6443824]
SSDT 8A7EB508 ZwResumeThread
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetContextThread [0xB643F068]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetInformationFile [0xB643FF6A]
SSDT 8A7F9AB0 ZwSetInformationProcess
SSDT 8A7F2AC0 ZwSetInformationThread
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSetValueKey [0xB644369C]
SSDT 8A7EF5C0 ZwSuspendProcess
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwSuspendThread [0xB643EFE6]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwTerminateProcess [0xB643EEEE]
SSDT \??\C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys (RapportPG/Trusteer Ltd.) ZwTerminateThread [0xB643EF46]
SSDT 8A806CD8 ZwUnmapViewOfSection
SSDT 8A806D98 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9189360, 0x30A247, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\program files\real\realplayer\update\realsched.exe[200] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1908] ntdll.dll!KiUserApcDispatcher 7C90E450 5 Bytes JMP 00414FF0 C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe (RapportMgmtService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1908] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71A70001
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1908] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 71A10022
.text C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe[1908] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 71AE0022
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2496] ntdll.dll!KiUserApcDispatcher 7C90E450 5 Bytes JMP 0043AA00 C:\Program Files\Trusteer\Rapport\bin\RapportService.exe (RapportService/Trusteer Ltd.)
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2496] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71A80001
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2496] USER32.dll!GetGUIThreadInfo + FB 7E428023 6 Bytes JMP 71AE001E
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2496] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 719E0022
.text C:\Program Files\Trusteer\Rapport\bin\RapportService.exe[2496] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 71A20022
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2744] USER32.dll!GetWindowInfo 7E42C49C 5 Bytes JMP 1043BACC C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\plugin-container.exe[2744] USER32.dll!GetMenuContextHelpId + 1A 7E465319 7 Bytes JMP 1043C0F9 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] ntdll.dll!NtMapViewOfSection 7C90D51E 5 Bytes JMP 719F0022
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] ntdll.dll!_CIpow + 42B 7C90E44B 5 Bytes JMP 00A9E2A0 c:\program files\trusteer\rapport\bin\rooksdol.dll (Rooks/Dolomite/Trusteer Ltd.)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] ntdll.dll!KiUserApcDispatcher + 5 7C90E455 2 Bytes [EB, F4] {JMP 0xfffffffffffffff6}
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] ntdll.dll!LdrLoadDll 7C91632D 5 Bytes JMP 01D5B52A C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] kernel32.dll!LoadLibraryExW + C4 7C801BB9 4 Bytes CALL 71A90001
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] kernel32.dll!lstrlenW + 43 7C809AEC 7 Bytes JMP 0200B6F5 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] kernel32.dll!MapViewOfFileEx + 6A 7C80B9A0 7 Bytes JMP 0200B6D2 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 6 Bytes PUSH 71A30022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!DispatchMessageW 7E418A01 6 Bytes PUSH 716D0022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!TranslateMessage 7E418BF6 6 Bytes PUSH 715B0022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!GetMessageW 7E4191C6 6 Bytes PUSH 71650022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!PeekMessageW 7E41929B 6 Bytes PUSH 719B0022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!RegisterClassExW 7E41AF7F 6 Bytes PUSH 71AE0022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!DdeInitializeW 7E4206D7 6 Bytes PUSH 71710022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!GetWindowRect 7E4290B4 6 Bytes PUSH 71610022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!CreateWindowExW 7E42D0A3 6 Bytes JMP 7196000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!CreateWindowExA 7E42E4A9 6 Bytes JMP 7192000A
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] USER32.dll!GetClipboardData 7E430DBA 6 Bytes PUSH 71690022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] GDI32.dll!BitBlt 77F16F79 6 Bytes PUSH 71750022; RET
.text C:\Program Files\Mozilla Firefox\firefox.exe[5040] GDI32.dll!SetDIBitsToDevice + 20A 77F19E14 7 Bytes JMP 0200B653 C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs SYMEVENT.SYS (Symantec Event Library/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@ProtocolID 1
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@PrinterAddress EPDF38C6
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@QueueName ENPQueue
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@PrinterAddressType 4
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@IpAddress 192.168.0.6
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@SubnetMask
Reg HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@MacAddress 000048DF38C6
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001641cd8996
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001641cd8996@00125a69dfdd 0xD9 0x3E 0x14 0x46 ...
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@ProtocolID 1
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@PrinterAddress EPDF38C6
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@QueueName ENPQueue
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@PrinterAddressType 4
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@IpAddress 192.168.0.6
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@SubnetMask
Reg HKLM\SYSTEM\ControlSet004\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610@MacAddress 000048DF38C6
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001641cd8996 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\001641cd8996@00125a69dfdd 0xD9 0x3E 0x14 0x46 ...

---- EOF - GMER 1.0.15 ----



Thanks in advance!

#2 gringo_pr


Posted 28 August 2012 - 08:26 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 miss0033


Posted 29 August 2012 - 11:50 PM

Security check results:

Results of screen317's Security Check version 0.99.49
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
SUPERAntiSpyware
Malwarebytes Anti-Malware version 1.61.0.1400
Java™ 6 Update 29
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.3.300.271
Adobe Reader X (10.1.4)
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 20% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

#4 gringo_pr


Posted 29 August 2012 - 11:57 PM

Thank you and I will be looking for the combofix report next


gringo

#5 miss0033


Posted 30 August 2012 - 12:36 AM

It seems I forgot to turn off Symantec Anti-Virus, sorry about that. Should I turn it off and run the program again?

After one of the restarts I got a message about windows firewall blocking "Akami Session Client" I don't know what this program is or if I should block it... I clicked ask me later.

Also, after the final restart I am getting an error from windows security center about not having an anti-virus program installed even though Symantec is currently running. Is this a concern?

Thanks

Here is the combofix log:



ComboFix 12-08-29.03 - Neil Missling 08/30/2012 0:04.1.2 - x86
Running from: c:\documents and settings\Neil Missling\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Neil Missling\Local Settings\Application Data\assembly\tmp
c:\documents and settings\Neil Missling\WINDOWS
c:\windows\system32\2618435816.dat
c:\windows\system32\SET80.tmp
c:\windows\system32\setb4.tmp
c:\windows\system32\tooldownloadreadme.htm
.
c:\windows\system32\proquota.exe was missing
Restored copy from - c:\windows\ServicePackFiles\i386\proquota.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-28 to 2012-08-30 )))))))))))))))))))))))))))))))
.
.
2012-08-30 05:11 . 2008-04-14 00:12 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2012-08-30 05:11 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2012-08-26 04:33 . 2007-11-17 08:03 356352 ----a-w- c:\windows\system32\nvudisp.exe
2012-08-26 04:32 . 2007-11-16 19:37 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-08-26 04:18 . 2012-08-26 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2012-08-26 00:14 . 2012-08-26 00:14 -------- d-----w- c:\program files\ESET
2012-08-24 05:25 . 2012-08-24 05:25 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-08-24 05:20 . 2012-08-24 05:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-24 05:20 . 2012-08-24 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-08-23 21:20 . 2012-08-23 21:20 65816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-08-18 03:26 . 2012-08-18 03:26 -------- d-----w- c:\program files\MyPublisher
2012-08-18 03:26 . 2012-08-18 03:26 -------- d-----w- c:\documents and settings\Neil Missling\Application Data\MyPublisher
2012-08-16 05:59 . 2012-08-16 05:59 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 00:25 . 2012-04-03 01:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 00:25 . 2011-05-31 12:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2007-12-30 05:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:46 . 2010-03-10 21:06 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40 . 2004-08-04 10:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-04 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 21:04 . 2012-06-25 21:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-06 13:49 . 2012-06-06 13:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2007-05-15 21:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-04 10:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 20:19 . 2007-07-31 01:18 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 20:19 . 2007-12-30 05:14 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 20:19 . 2007-12-30 05:14 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 20:19 . 2007-12-30 05:14 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 20:19 . 2007-07-31 01:19 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 20:19 . 2007-12-30 05:14 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 20:19 . 2007-12-30 05:14 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 20:19 . 2007-07-31 01:19 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 20:19 . 2007-07-31 01:19 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 20:19 . 2004-08-04 10:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 20:19 . 2007-07-31 01:18 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 20:19 . 2007-12-30 05:14 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 20:19 . 2007-12-30 05:14 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 20:18 . 2011-05-14 04:25 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 20:18 . 2011-05-14 04:25 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 20:18 . 2009-08-07 00:23 214256 ----a-w- c:\windows\system32\muweb.dll
2009-06-19 20:41 . 2009-06-19 20:41 422 ----a-w- c:\program files\mpc5.reg
2009-06-19 20:41 . 2009-06-19 20:41 770 ----a-w- c:\program files\ffdssetts.reg
2009-06-19 20:41 . 2009-06-19 20:41 33670 ----a-w- c:\program files\ffdsvsetts.reg
2009-06-19 20:41 . 2009-06-19 20:41 1274 ----a-w- c:\program files\ffdsasetts.reg
2012-07-22 14:50 . 2012-02-26 20:58 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"i8kfangui"="c:\program files\I8kfanGUI\I8kfanGUI.exe" [2006-11-30 847872]
"Akamai NetSession Interface"="c:\documents and settings\Neil Missling\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-08-10 4440896]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2009-10-07 2498560]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-03-15 125632]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"NVHotkey"="nvHotkey.dll" [2007-11-17 86016]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-02 190808]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 52840]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 1468256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-01 634880]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-01-17 274608]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-05-31 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-17 8495104]
"nwiz"="nwiz.exe" [2007-11-17 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-17 81920]
.
c:\documents and settings\Neil Missling\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-12-28 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Neil Missling^Start Menu^Programs^Startup^NHL® 09 Registration.lnk]
backup=c:\windows\pss\NHL® 09 Registration.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Neil Missling^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
backup=c:\windows\pss\RollerCoaster Tycoon 3 Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1062:TCP"= 1062:TCP:Akamai NetSession Interface
"5000:UDP"= 5000:UDP:Akamai NetSession Interface
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 RapportKELL;RapportKELL;c:\windows\system32\Drivers\RapportKELL.sys [x]
R3 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [x]
R3 SavRoam;SavRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [x]
S1 RapportCerberus_42020;RapportCerberus_42020;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys [x]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [x]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
S2 mi-raysat_VIZ2008_32;mental ray 3.5 Satellite for Autodesk VIZ 2008;c:\program files\Autodesk\VIZ2008\mentalray\satellite\raysat_VIZ2008_32server.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - RAPPORTIASO
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\AdobeAAMUpdater-1.0-DATALINK-330563-Neil Missling.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-05-31 11:08]
.
2012-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:34]
.
2012-08-30 c:\windows\Tasks\ASC5_AutoClean.job
- c:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-02-21 15:45]
.
2012-08-28 c:\windows\Tasks\ASC5_AutoUpdate.job
- c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-02-21 23:21]
.
2012-08-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-19 23:31]
.
2012-08-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd646689bf3024.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-10 00:09]
.
2012-08-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-179605362-725345543-1003Core1cc6e83a7c4f5a9.job
- c:\documents and settings\Neil Missling\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-21 19:37]
.
2011-06-23 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2009-11-05 20:35]
.
2012-08-30 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-179605362-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 17:33]
.
2012-08-29 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-179605362-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 17:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://home.jzip.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{D04E97E9-F527-45EA-9CEE-31A0649F56CF}: NameServer = 128.107.241.185,192.135.250.69
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
FF - ProfilePath - c:\documents and settings\Neil Missling\Application Data\Mozilla\Firefox\Profiles\a8qruj9p.default\
FF - prefs.js: network.proxy.type - 0
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.backgroundErrors - 1
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1345523094
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1345523214
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1345522968
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1313709190
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1301118065
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1345500730
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 337920
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.lastDir - c:\\Documents and Settings\\Neil Missling\\Desktop\\Solar Umbrella
FF - user.js: browser.download.manager.alertOnEXEOpen - true
FF - user.js: browser.formfill.enable - false
FF - user.js: browser.migration.version - 6
FF - user.js: browser.places.smartBookmarksVersion - 4
FF - user.js: browser.preferences.advanced.selectedTabIndex - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage_override.buildID - 20120713134347
FF - user.js: browser.startup.homepage_override.mstone - 14.0.1
FF - user.js: browser.syncPromoViewsLeft - 0
FF - user.js: browser.tabs.warnOnClose - false
FF - user.js: browser.visited_color - #800080
FF - user.js: extensions.blocklist.pingCountTotal - 322
FF - user.js: extensions.blocklist.pingCountVersion - 13
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 12
FF - user.js: extensions.enabledAddons - {480F3922-D619-11E1-8270-B8AC6F996F26}:2.0.14,{972ce4c6-7e08-4474-a285-3208198ce6fd}:14.0.1
FF - user.js: extensions.enabledItems - jqs@sun.com:1.0,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - user.js: extensions.hotfix.lastVersion - 20120430.01
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{ABDE892B-13A8-4d1b-88E6-365A6E755758}\:{\descriptor\:\c:\\\\Documents and Settings\\\\All Users\\\\Application Data\\\\Real\\\\RealPlayer\\\\BrowserRecordPlugin\\\\Firefox\\\\Ext\,\mtime\:1295230380609},\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\,\mtime\:1307672116031},\jqs@sun.com\:{\descriptor\:\c:\\\\Program Files\\\\Java\\\\jre6\\\\lib\\\\deploy\\\\jqs\\\\ff\,\mtime\:1295303489156}}},{\name\:\app-global\,\addons\:{\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\:{\descriptor\:\c:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\,\mtime\:1310512937787},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1342968650390}}},{\name\:\winreg-app-user\,\addons\:{\{480F3922-D619-11E1-8270-B8AC6F996F26}\:{\descriptor\:\c:\\\\Documents and Settings\\\\Neil Missling\\\\Local Settings\\\\Application Data\\\\{480F3922-D619-11E1-8270-B8AC6F996F26}\,\mtime\:1343193991390}}}]
FF - user.js: extensions.lastAppVersion - 14.0.1
FF - user.js: extensions.lastPlatformVersion - 14.0.1
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.update.notifyUser - false
FF - user.js: gfx.blacklist.suggested-driver-version - 257.21
FF - user.js: idle.lastDailyNotification - 1345437845
FF - user.js: intl.accept_languages - en-us
FF - user.js: intl.charsetmenu.browser.cache - UTF-8, ISO-8859-1, windows-1251, windows-1252, windows-1250
FF - user.js: network.cookie.cookieBehavior - 1
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.proxy.no_proxies_on - *.local
FF - user.js: network.proxy.type - 0
FF - user.js: places.database.lastMaintenance - 1344834335
FF - user.js: places.history.expiration.transient_current_max_pages - 43571
FF - user.js: places.history.expiration.transient_optimal_database_size - 139504516
FF - user.js: places.last_vacuum - 1300765538
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: privacy.sanitize.timeSpan - 0
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.clients.lastSyncLocal - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: services.sync.tabs.lastSyncLocal - 0
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1344834335
FF - user.js: toolkit.startup.last_success - 1345525275
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1346050481
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-Wdf01000.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-30 00:18
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-861567501-179605362-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:4c,3c,d5,2f,ec,50,98,9f,f6,fe,06,be,67,2f,56,9f,2b,85,fd,aa,4f,
ef,9e,80,c4,98,e2,69,bf,48,ff,62,11,b9,e0,38,1f,65,43,86,ad,fa,35,21,74,ba,\
"rkeysecu"=hex:52,5e,50,e5,d8,17,83,75,f1,b6,2e,20,29,a2,e7,b6
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610]
@DACL=(02 0000)
"ProtocolID"=dword:00000001
"PrinterAddress"="EPDF38C6"
"QueueName"="ENPQueue"
"PrinterAddressType"=dword:00000004
"IpAddress"="192.168.0.6"
"SubnetMask"=""
"MacAddress"="000048DF38C6"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1480)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
- - - - - - - > 'explorer.exe'(4276)
c:\windows\system32\WININET.dll
c:\program files\Trusteer\Rapport\bin\rooksbas.dll
c:\windows\system32\AcSignIcon.dll
c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Symantec Shared\ccSetMgr.exe
c:\program files\Common Files\Symantec Shared\ccEvtMgr.exe
c:\program files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
c:\program files\Common Files\EPSON\EBAPI\eEBSVC.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Symantec AntiVirus\DefWatch.exe
c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\program files\Symantec AntiVirus\Rtvscan.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
c:\windows\system32\wscntfy.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
c:\program files\Trusteer\Rapport\bin\RapportService.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
.
**************************************************************************
.
Completion time: 2012-08-30 00:28:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-30 05:27
.
Pre-Run: 7,617,658,880 bytes free
Post-Run: 8,656,375,808 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 45D24583EA559C4F6E6D4FC0C19482ED

#6 gringo_pr


Posted 30 August 2012 - 12:53 AM

Greetings

None of it sounds bad, but let's check it out after the next couple of scans and see if things are better.

I want you to run these next,

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#7 miss0033


Posted 31 August 2012 - 12:43 AM

TDSS Killer Log:

00:39:11.0531 4636 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
00:39:11.0906 4636 ============================================================
00:39:11.0906 4636 Current date / time: 2012/08/31 00:39:11.0906
00:39:11.0906 4636 SystemInfo:
00:39:11.0906 4636
00:39:11.0906 4636 OS Version: 5.1.2600 ServicePack: 3.0
00:39:11.0906 4636 Product type: Workstation
00:39:11.0906 4636 ComputerName: DATALINK-330563
00:39:11.0906 4636 UserName: Neil Missling
00:39:11.0906 4636 Windows directory: C:\WINDOWS
00:39:11.0906 4636 System windows directory: C:\WINDOWS
00:39:11.0906 4636 Processor architecture: Intel x86
00:39:11.0906 4636 Number of processors: 2
00:39:11.0906 4636 Page size: 0x1000
00:39:11.0906 4636 Boot type: Normal boot
00:39:11.0906 4636 ============================================================
00:39:14.0406 4636 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:39:14.0406 4636 ============================================================
00:39:14.0406 4636 \Device\Harddisk0\DR0:
00:39:14.0406 4636 MBR partitions:
00:39:14.0406 4636 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
00:39:14.0406 4636 ============================================================
00:39:14.0500 4636 C: <-> \Device\Harddisk0\DR0\Partition1
00:39:14.0500 4636 ============================================================
00:39:14.0500 4636 Initialize success
00:39:14.0500 4636 ============================================================
00:39:19.0875 6012 ============================================================
00:39:19.0875 6012 Scan started
00:39:19.0875 6012 Mode: Manual;
00:39:19.0875 6012 ============================================================
00:39:20.0703 6012 ================ Scan system memory ========================
00:39:24.0968 6012 System memory - ok
00:39:24.0968 6012 ================ Scan services =============================
00:39:25.0093 6012 [ C0393EB99A6C72C6BEF9BFC4A72B33A6 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:39:25.0125 6012 !SASCORE - ok
00:39:25.0281 6012 Abiosdsk - ok
00:39:25.0296 6012 abp480n5 - ok
00:39:25.0328 6012 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:39:25.0390 6012 ACPI - ok
00:39:25.0437 6012 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:39:25.0453 6012 ACPIEC - ok
00:39:25.0453 6012 adpu160m - ok
00:39:25.0890 6012 [ 96D6CDD0B32846E8CFBE592F4F32E608 ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
00:39:25.0984 6012 AdvancedSystemCareService5 - ok
00:39:26.0015 6012 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:39:26.0078 6012 aec - ok
00:39:26.0171 6012 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:39:26.0203 6012 AFD - ok
00:39:26.0203 6012 Aha154x - ok
00:39:26.0218 6012 aic78u2 - ok
00:39:26.0218 6012 aic78xx - ok
00:39:26.0234 6012 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:39:26.0250 6012 Alerter - ok
00:39:26.0281 6012 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
00:39:26.0296 6012 ALG - ok
00:39:26.0296 6012 AliIde - ok
00:39:26.0312 6012 amsint - ok
00:39:26.0437 6012 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:39:26.0453 6012 Apple Mobile Device - ok
00:39:26.0500 6012 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:39:26.0515 6012 AppMgmt - ok
00:39:26.0562 6012 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:39:26.0578 6012 Arp1394 - ok
00:39:26.0593 6012 asc - ok
00:39:26.0593 6012 asc3350p - ok
00:39:26.0593 6012 asc3550 - ok
00:39:26.0656 6012 [ A8FD25A183FAEDD810EFCDDB8118CA50 ] ASFIPmon C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
00:39:26.0671 6012 ASFIPmon - ok
00:39:26.0828 6012 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
00:39:27.0062 6012 aspnet_state - ok
00:39:27.0078 6012 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:39:27.0093 6012 AsyncMac - ok
00:39:27.0140 6012 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:39:27.0156 6012 atapi - ok
00:39:27.0156 6012 Atdisk - ok
00:39:27.0187 6012 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:39:27.0187 6012 Atmarpc - ok
00:39:27.0250 6012 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:39:27.0328 6012 AudioSrv - ok
00:39:27.0390 6012 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:39:27.0406 6012 audstub - ok
00:39:27.0484 6012 [ CDD20E2F35FFBFA3F31376D65BB9DD48 ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
00:39:27.0500 6012 Autodesk Licensing Service - ok
00:39:27.0578 6012 [ C0ACD392ECE55784884CC208AAFA06CE ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
00:39:27.0578 6012 b57w2k - ok
00:39:27.0625 6012 [ 3D87B0484BE1093C6614062701F375C5 ] BASFND C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
00:39:27.0625 6012 BASFND - ok
00:39:27.0734 6012 [ 345D38F298368DD6B0DF5C4F37457A22 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
00:39:27.0796 6012 BCM43XX - ok
00:39:27.0843 6012 [ 40F8C4C10ED67B1DE44ABF82582BAC37 ] BCOREUSB C:\WINDOWS\system32\Drivers\BCOREUSB.sys
00:39:27.0859 6012 BCOREUSB - ok
00:39:27.0906 6012 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:39:27.0921 6012 Beep - ok
00:39:27.0984 6012 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
00:39:28.0125 6012 BITS - ok
00:39:28.0187 6012 [ B26E18ADAA16E507166E3B61E79A1E25 ] Bluetooth Hid Switch Service C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
00:39:28.0218 6012 Bluetooth Hid Switch Service - ok
00:39:28.0312 6012 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:39:28.0375 6012 Bonjour Service - ok
00:39:28.0421 6012 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
00:39:28.0453 6012 Browser - ok
00:39:28.0484 6012 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
00:39:28.0500 6012 BthEnum - ok
00:39:28.0531 6012 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
00:39:28.0562 6012 BthPan - ok
00:39:28.0609 6012 [ 662BFD909447DD9CC15B1A1C366583B4 ] BTHPORT C:\WINDOWS\system32\Drivers\BTHport.sys
00:39:28.0640 6012 BTHPORT - ok
00:39:28.0687 6012 [ F4C43C66471B87996D95DB7A3A664A37 ] BthServ C:\WINDOWS\System32\bthserv.dll
00:39:28.0703 6012 BthServ - ok
00:39:28.0703 6012 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\WINDOWS\system32\Drivers\BTHUSB.sys
00:39:28.0718 6012 BTHUSB - ok
00:39:28.0718 6012 catchme - ok
00:39:28.0750 6012 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:39:28.0765 6012 cbidf2k - ok
00:39:28.0812 6012 [ FDC06E2ADA8C468EBB161624E03976CF ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:39:28.0828 6012 CCDECODE - ok
00:39:28.0875 6012 [ 04945313BC60488E0C14AD1167160659 ] ccEvtMgr C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
00:39:28.0890 6012 ccEvtMgr - ok
00:39:28.0921 6012 [ 2203161EC24C210D51DB69C604F4A504 ] ccSetMgr C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
00:39:28.0937 6012 ccSetMgr - ok
00:39:28.0937 6012 cd20xrnt - ok
00:39:28.0968 6012 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:39:29.0000 6012 Cdaudio - ok
00:39:29.0031 6012 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:39:29.0046 6012 Cdfs - ok
00:39:29.0062 6012 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:39:29.0093 6012 Cdrom - ok
00:39:29.0125 6012 [ 84853B3FD012251690570E9E7E43343F ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys
00:39:29.0140 6012 cercsr6 - ok
00:39:29.0140 6012 Changer - ok
00:39:29.0187 6012 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:39:29.0203 6012 CiSvc - ok
00:39:29.0234 6012 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:39:29.0250 6012 ClipSrv - ok
00:39:29.0343 6012 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:39:29.0500 6012 clr_optimization_v2.0.50727_32 - ok
00:39:29.0546 6012 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:39:29.0640 6012 clr_optimization_v4.0.30319_32 - ok
00:39:29.0671 6012 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:39:29.0687 6012 CmBatt - ok
00:39:29.0703 6012 CmdIde - ok
00:39:29.0718 6012 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:39:29.0734 6012 Compbatt - ok
00:39:29.0750 6012 COMSysApp - ok
00:39:29.0750 6012 Cpqarray - ok
00:39:29.0781 6012 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:39:29.0796 6012 CryptSvc - ok
00:39:29.0843 6012 [ 8E1945984E147562F9F08E1D344A69CC ] CSRBC C:\WINDOWS\system32\Drivers\csrbcxp.sys
00:39:29.0859 6012 CSRBC - ok
00:39:29.0859 6012 dac2w2k - ok
00:39:29.0875 6012 dac960nt - ok
00:39:29.0921 6012 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:39:29.0937 6012 DcomLaunch - ok
00:39:29.0984 6012 [ 9709D3D9E592D3217353F3FAFE29FAA3 ] DefWatch C:\Program Files\Symantec AntiVirus\DefWatch.exe
00:39:30.0015 6012 DefWatch - ok
00:39:30.0078 6012 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:39:30.0078 6012 Dhcp - ok
00:39:30.0093 6012 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:39:30.0109 6012 Disk - ok
00:39:30.0109 6012 dlcc_device - ok
00:39:30.0109 6012 dmadmin - ok
00:39:30.0187 6012 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:39:30.0343 6012 dmboot - ok
00:39:30.0375 6012 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:39:30.0406 6012 dmio - ok
00:39:30.0421 6012 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:39:30.0437 6012 dmload - ok
00:39:30.0484 6012 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
00:39:30.0515 6012 dmserver - ok
00:39:30.0531 6012 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:39:30.0562 6012 DMusic - ok
00:39:30.0609 6012 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:39:30.0640 6012 Dnscache - ok
00:39:30.0671 6012 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:39:30.0703 6012 Dot3svc - ok
00:39:30.0703 6012 dpti2o - ok
00:39:30.0750 6012 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:39:30.0750 6012 drmkaud - ok
00:39:30.0812 6012 [ B15F9E526BA511A48B1B1B8537815740 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
00:39:30.0859 6012 drvmcdb - ok
00:39:30.0875 6012 [ FA4670CAE95AE2BB857C68E535661145 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
00:39:30.0921 6012 drvnddm - ok
00:39:30.0937 6012 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:39:31.0031 6012 EapHost - ok
00:39:31.0093 6012 [ DF197FEB19746F8A6A310D32655814A0 ] easytether C:\WINDOWS\system32\DRIVERS\easytthr.sys
00:39:31.0125 6012 easytether - ok
00:39:31.0234 6012 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
00:39:31.0296 6012 eeCtrl - ok
00:39:31.0421 6012 [ ABDD5AD016AFFD34AD40E944CE94BF59 ] EpsonBidirectionalService C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
00:39:31.0468 6012 EpsonBidirectionalService - ok
00:39:31.0515 6012 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
00:39:31.0859 6012 EraserUtilRebootDrv - ok
00:39:31.0921 6012 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:39:31.0937 6012 ERSvc - ok
00:39:31.0968 6012 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
00:39:32.0031 6012 Eventlog - ok
00:39:32.0078 6012 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
00:39:32.0109 6012 EventSystem - ok
00:39:32.0156 6012 [ 8B5C73DFB031D5D5112CD7BE5B0F85AD ] fanio C:\WINDOWS\system32\drivers\fanio.sys
00:39:32.0156 6012 fanio - ok
00:39:32.0218 6012 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:39:32.0234 6012 Fastfat - ok
00:39:32.0281 6012 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:39:32.0296 6012 FastUserSwitchingCompatibility - ok
00:39:32.0328 6012 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
00:39:32.0406 6012 Fdc - ok
00:39:32.0453 6012 [ B73EC688C29F81F9DA0FCF63682B3ECB ] FilterService C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
00:39:32.0468 6012 FilterService - ok
00:39:32.0484 6012 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:39:32.0500 6012 Fips - ok
00:39:32.0562 6012 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:39:32.0609 6012 FLEXnet Licensing Service - ok
00:39:32.0656 6012 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
00:39:32.0671 6012 Flpydisk - ok
00:39:32.0734 6012 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:39:32.0781 6012 FltMgr - ok
00:39:32.0875 6012 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:39:32.0937 6012 FontCache3.0.0.0 - ok
00:39:32.0968 6012 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:39:32.0984 6012 Fs_Rec - ok
00:39:33.0015 6012 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:39:33.0046 6012 Ftdisk - ok
00:39:33.0078 6012 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
00:39:33.0093 6012 GEARAspiWDM - ok
00:39:33.0140 6012 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:39:33.0156 6012 Gpc - ok
00:39:33.0328 6012 [ C0BDAB85F3E8B2138C513255E2BCC4D8 ] guardian2 C:\WINDOWS\system32\Drivers\oz776.sys
00:39:33.0343 6012 guardian2 - ok
00:39:33.0453 6012 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:39:33.0453 6012 gupdate - ok
00:39:33.0453 6012 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:39:33.0453 6012 gupdatem - ok
00:39:33.0500 6012 [ 5467F1FF0AF264566740F67E8B810735 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
00:39:33.0531 6012 gusvc - ok
00:39:33.0593 6012 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:39:33.0609 6012 HDAudBus - ok
00:39:33.0656 6012 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:39:33.0671 6012 helpsvc - ok
00:39:33.0687 6012 [ 7BD2DE4C85EB4241EED57672B16A7D8D ] HidBth C:\WINDOWS\system32\DRIVERS\hidbth.sys
00:39:33.0703 6012 HidBth - ok
00:39:33.0750 6012 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:39:33.0750 6012 HidServ - ok
00:39:33.0812 6012 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:39:33.0812 6012 hidusb - ok
00:39:33.0890 6012 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:39:33.0906 6012 hkmsvc - ok
00:39:33.0906 6012 hpn - ok
00:39:34.0000 6012 [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
00:39:34.0031 6012 HSF_DPV - ok
00:39:34.0078 6012 [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
00:39:34.0093 6012 HSXHWAZL - ok
00:39:34.0140 6012 [ CBD09ED9CF6822177EE85AEA4D8816A2 ] HTCAND32 C:\WINDOWS\system32\Drivers\ANDROIDUSB.sys
00:39:34.0140 6012 HTCAND32 - ok
00:39:34.0187 6012 [ 04E3B3554076B8192A668EFE88A682A1 ] htcnprot C:\WINDOWS\system32\DRIVERS\htcnprot.sys
00:39:34.0203 6012 htcnprot - ok
00:39:34.0250 6012 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:39:34.0265 6012 HTTP - ok
00:39:34.0296 6012 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:39:34.0328 6012 HTTPFilter - ok
00:39:34.0328 6012 i2omgmt - ok
00:39:34.0343 6012 i2omp - ok
00:39:34.0390 6012 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:39:34.0406 6012 i8042prt - ok
00:39:34.0500 6012 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:39:34.0515 6012 IDriverT - ok
00:39:34.0625 6012 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:39:34.0687 6012 idsvc - ok
00:39:34.0718 6012 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:39:34.0734 6012 Imapi - ok
00:39:34.0781 6012 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
00:39:34.0812 6012 ImapiService - ok
00:39:34.0812 6012 ini910u - ok
00:39:34.0812 6012 IntelIde - ok
00:39:34.0875 6012 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:39:34.0875 6012 intelppm - ok
00:39:34.0968 6012 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
00:39:34.0968 6012 IntuitUpdateService - ok
00:39:35.0062 6012 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
00:39:35.0062 6012 IntuitUpdateServiceV4 - ok
00:39:35.0109 6012 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:39:35.0109 6012 Ip6Fw - ok
00:39:35.0171 6012 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:39:35.0171 6012 IpFilterDriver - ok
00:39:35.0218 6012 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:39:35.0218 6012 IpInIp - ok
00:39:35.0265 6012 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:39:35.0296 6012 IpNat - ok
00:39:35.0359 6012 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:39:35.0406 6012 iPod Service - ok
00:39:35.0437 6012 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:39:35.0453 6012 IPSec - ok
00:39:35.0484 6012 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:39:35.0500 6012 IRENUM - ok
00:39:35.0531 6012 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:39:35.0546 6012 isapnp - ok
00:39:35.0656 6012 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
00:39:35.0687 6012 JavaQuickStarterService - ok
00:39:35.0734 6012 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:39:35.0734 6012 Kbdclass - ok
00:39:35.0765 6012 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:39:35.0781 6012 kmixer - ok
00:39:35.0796 6012 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:39:35.0796 6012 KSecDD - ok
00:39:35.0828 6012 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:39:35.0843 6012 lanmanserver - ok
00:39:35.0890 6012 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:39:35.0906 6012 lanmanworkstation - ok
00:39:35.0906 6012 lbrtfdc - ok
00:39:36.0062 6012 [ FB3A35318CA7F6A10FA3C3826A69AFFE ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
00:39:36.0140 6012 LiveUpdate - ok
00:39:36.0171 6012 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:39:36.0171 6012 LmHosts - ok
00:39:36.0234 6012 [ 9FB982DE1C8DD769F8ED681DD878B12F ] lvpopflt C:\WINDOWS\system32\DRIVERS\lvpopflt.sys
00:39:36.0250 6012 lvpopflt - ok
00:39:36.0281 6012 [ 8BE71D7EDB8C7494913722059F760DD0 ] LVPr2Mon C:\WINDOWS\system32\Drivers\LVPr2Mon.sys
00:39:36.0281 6012 LVPr2Mon - ok
00:39:36.0359 6012 [ B6E1CCD6572984ADCAE68439AFD07011 ] LVRS C:\WINDOWS\system32\DRIVERS\lvrs.sys
00:39:36.0375 6012 LVRS - ok
00:39:36.0578 6012 [ 6C42815DD57E397F0CD988304B5EB4B3 ] LVUVC C:\WINDOWS\system32\DRIVERS\lvuvc.sys
00:39:36.0765 6012 LVUVC - ok
00:39:36.0812 6012 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:39:36.0812 6012 mdmxsdk - ok
00:39:36.0843 6012 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:39:36.0859 6012 Messenger - ok
00:39:36.0953 6012 [ AA0C4A2C33CE075DF2C272D678734991 ] mi-raysat_VIZ2008_32 C:\Program Files\Autodesk\VIZ2008\mentalray\satellite\raysat_VIZ2008_32server.exe
00:39:36.0984 6012 mi-raysat_VIZ2008_32 - ok
00:39:37.0234 6012 Microsoft SharePoint Workspace Audit Service - ok
00:39:37.0281 6012 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:39:37.0281 6012 mnmdd - ok
00:39:37.0328 6012 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:39:37.0343 6012 mnmsrvc - ok
00:39:37.0390 6012 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:39:37.0406 6012 Modem - ok
00:39:37.0421 6012 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:39:37.0421 6012 Mouclass - ok
00:39:37.0453 6012 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:39:37.0468 6012 mouhid - ok
00:39:37.0484 6012 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:39:37.0500 6012 MountMgr - ok
00:39:37.0578 6012 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:39:37.0609 6012 MozillaMaintenance - ok
00:39:37.0625 6012 mraid35x - ok
00:39:37.0656 6012 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:39:37.0671 6012 MRxDAV - ok
00:39:37.0718 6012 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:39:37.0765 6012 MRxSmb - ok
00:39:37.0812 6012 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:39:37.0812 6012 MSDTC - ok
00:39:37.0843 6012 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:39:37.0859 6012 Msfs - ok
00:39:37.0859 6012 MSIServer - ok
00:39:37.0875 6012 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:39:37.0890 6012 MSKSSRV - ok
00:39:37.0921 6012 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:39:37.0937 6012 MSPCLOCK - ok
00:39:37.0937 6012 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:39:37.0953 6012 MSPQM - ok
00:39:38.0000 6012 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:39:38.0015 6012 mssmbios - ok
00:39:38.0140 6012 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:39:38.0156 6012 MSTEE - ok
00:39:38.0250 6012 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:39:38.0265 6012 Mup - ok
00:39:38.0296 6012 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:39:38.0312 6012 NABTSFEC - ok
00:39:38.0343 6012 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:39:38.0375 6012 napagent - ok
00:39:38.0531 6012 [ FA0B7D801E71CE79B915BAE5A90DE224 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120830.002\naveng.sys
00:39:38.0765 6012 NAVENG - ok
00:39:39.0328 6012 [ 80BB71A7D14CF14B54514A201BF5B985 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120830.002\navex15.sys
00:39:39.0375 6012 NAVEX15 - ok
00:39:39.0515 6012 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:39:39.0531 6012 NDIS - ok
00:39:39.0578 6012 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:39:39.0593 6012 NdisIP - ok
00:39:39.0640 6012 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:39:39.0640 6012 NdisTapi - ok
00:39:39.0671 6012 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:39:39.0687 6012 Ndisuio - ok
00:39:39.0718 6012 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:39:39.0734 6012 NdisWan - ok
00:39:39.0765 6012 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:39:39.0781 6012 NDProxy - ok
00:39:39.0781 6012 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:39:39.0781 6012 NetBIOS - ok
00:39:39.0812 6012 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:39:39.0843 6012 NetBT - ok
00:39:39.0890 6012 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
00:39:40.0312 6012 NetDDE - ok
00:39:40.0359 6012 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:39:40.0359 6012 NetDDEdsdm - ok
00:39:40.0453 6012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:39:40.0531 6012 Netlogon - ok
00:39:40.0734 6012 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
00:39:40.0750 6012 Netman - ok
00:39:40.0796 6012 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:39:40.0812 6012 NetTcpPortSharing - ok
00:39:40.0843 6012 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:39:40.0859 6012 NIC1394 - ok
00:39:40.0875 6012 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
00:39:40.0875 6012 Nla - ok
00:39:40.0921 6012 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:39:40.0921 6012 Npfs - ok
00:39:40.0968 6012 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:39:41.0000 6012 Ntfs - ok
00:39:41.0015 6012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:39:41.0015 6012 NtLmSsp - ok
00:39:41.0062 6012 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:39:41.0093 6012 NtmsSvc - ok
00:39:41.0093 6012 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:39:41.0093 6012 Null - ok
00:39:41.0625 6012 [ 77F427E51479C66C09F967D15B639B37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:39:42.0015 6012 nv - ok
00:39:42.0078 6012 [ 143F50273CFB6D970F06A1C2D7FBBF78 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:39:42.0156 6012 NVSvc - ok
00:39:42.0203 6012 [ 601DC32F8028315848304BFA47F4B5E5 ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
00:39:42.0218 6012 NWADI - ok
00:39:42.0265 6012 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:39:42.0281 6012 NwlnkFlt - ok
00:39:42.0312 6012 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:39:42.0328 6012 NwlnkFwd - ok
00:39:42.0375 6012 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:39:42.0406 6012 ohci1394 - ok
00:39:42.0468 6012 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:39:42.0546 6012 ose - ok
00:39:42.0796 6012 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:39:43.0062 6012 osppsvc - ok
00:39:43.0109 6012 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:39:43.0187 6012 Parport - ok
00:39:43.0234 6012 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:39:43.0250 6012 PartMgr - ok
00:39:43.0296 6012 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:39:43.0312 6012 ParVdm - ok
00:39:43.0406 6012 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
00:39:43.0437 6012 PassThru Service - ok
00:39:43.0453 6012 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:39:43.0468 6012 PCI - ok
00:39:43.0484 6012 PCIDump - ok
00:39:43.0515 6012 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:39:43.0531 6012 PCIIde - ok
00:39:43.0593 6012 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
00:39:43.0609 6012 Pcmcia - ok
00:39:43.0625 6012 PDCOMP - ok
00:39:43.0625 6012 PDFRAME - ok
00:39:43.0625 6012 PDRELI - ok
00:39:43.0640 6012 PDRFRAME - ok
00:39:43.0640 6012 perc2 - ok
00:39:43.0640 6012 perc2hib - ok
00:39:43.0671 6012 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
00:39:43.0687 6012 PlugPlay - ok
00:39:43.0734 6012 [ 2E3394C8EBF31A9B4F0A531EB5CC7BC7 ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
00:39:43.0750 6012 Point32 - ok
00:39:43.0765 6012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:39:43.0765 6012 PolicyAgent - ok
00:39:43.0812 6012 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:39:43.0828 6012 PptpMiniport - ok
00:39:43.0843 6012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:39:43.0843 6012 ProtectedStorage - ok
00:39:43.0859 6012 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:39:43.0875 6012 PSched - ok
00:39:43.0921 6012 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:39:43.0937 6012 Ptilink - ok
00:39:43.0984 6012 [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:39:44.0000 6012 PxHelp20 - ok
00:39:44.0015 6012 ql1080 - ok
00:39:44.0015 6012 Ql10wnt - ok
00:39:44.0015 6012 ql12160 - ok
00:39:44.0031 6012 ql1240 - ok
00:39:44.0031 6012 ql1280 - ok
00:39:44.0125 6012 [ 9054C4B91761773F0EFA59BED70C54B6 ] RapportCerberus_42020 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys
00:39:44.0156 6012 RapportCerberus_42020 - ok
00:39:44.0296 6012 [ 2986121F03420EE5EE808B92CAC0E4AF ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
00:39:44.0312 6012 RapportEI - ok
00:39:44.0406 6012 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] RapportIaso c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys
00:39:44.0421 6012 RapportIaso - ok
00:39:44.0453 6012 [ C27596B51039A1DC4A572796E681B534 ] RapportKELL C:\WINDOWS\system32\Drivers\RapportKELL.sys
00:39:44.0468 6012 RapportKELL - ok
00:39:44.0515 6012 [ CED99B16C8C7ACB45BACE79B8B8E23AB ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
00:39:44.0609 6012 RapportMgmtService - ok
00:39:44.0656 6012 [ F7482C0AA64C2ADC3A96A643AA48E6D1 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
00:39:44.0687 6012 RapportPG - ok
00:39:44.0718 6012 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:39:44.0734 6012 RasAcd - ok
00:39:44.0781 6012 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:39:44.0796 6012 RasAuto - ok
00:39:44.0828 6012 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:39:44.0859 6012 Rasl2tp - ok
00:39:44.0890 6012 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:39:44.0937 6012 RasMan - ok
00:39:44.0953 6012 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:39:44.0984 6012 RasPppoe - ok
00:39:45.0031 6012 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:39:45.0046 6012 Raspti - ok
00:39:45.0078 6012 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:39:45.0109 6012 Rdbss - ok
00:39:45.0125 6012 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:39:45.0140 6012 RDPCDD - ok
00:39:45.0171 6012 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:39:45.0203 6012 rdpdr - ok
00:39:45.0250 6012 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:39:45.0265 6012 RDPWD - ok
00:39:45.0312 6012 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:39:45.0359 6012 RDSessMgr - ok
00:39:45.0390 6012 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:39:45.0421 6012 redbook - ok
00:39:45.0453 6012 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:39:45.0468 6012 RemoteAccess - ok
00:39:45.0500 6012 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:39:45.0531 6012 RemoteRegistry - ok
00:39:45.0562 6012 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
00:39:45.0593 6012 RFCOMM - ok
00:39:45.0609 6012 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
00:39:45.0640 6012 RpcLocator - ok
00:39:45.0671 6012 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:39:45.0687 6012 RpcSs - ok
00:39:45.0734 6012 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:39:45.0781 6012 RSVP - ok
00:39:45.0796 6012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
00:39:45.0796 6012 SamSs - ok
00:39:45.0859 6012 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:39:45.0875 6012 SASDIFSV - ok
00:39:45.0890 6012 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:39:45.0906 6012 SASKUTIL - ok
00:39:45.0953 6012 [ 5387EAE86FB5F6B72052F5273BDD3E86 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe
00:39:46.0000 6012 SavRoam - ok
00:39:46.0031 6012 [ 12B6E269EF8AC8EA36122544C8A1B6D8 ] SAVRT C:\Program Files\Symantec AntiVirus\savrt.sys
00:39:46.0062 6012 SAVRT - ok
00:39:46.0093 6012 [ 97E5B6F3F95465E1F59360B59D8EC64E ] SAVRTPEL C:\Program Files\Symantec AntiVirus\Savrtpel.sys
00:39:46.0109 6012 SAVRTPEL - ok
00:39:46.0156 6012 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:39:46.0187 6012 SCardSvr - ok
00:39:46.0234 6012 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:39:54.0031 6012 ================ Scan global ===============================
00:39:54.0078 6012 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
00:39:54.0171 6012 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:39:54.0234 6012 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:39:54.0250 6012 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
00:39:54.0250 6012 [Global] - ok
00:39:54.0250 6012 ================ Scan MBR ==================================
00:39:54.0281 6012 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:39:54.0484 6012 \Device\Harddisk0\DR0 - ok
00:39:54.0484 6012 ================ Scan VBR ==================================
00:39:54.0484 6012 [ ED45FDC279782C87B9CFD06AD068EF6D ] \Device\Harddisk0\DR0\Partition1
00:39:54.0500 6012 \Device\Harddisk0\DR0\Partition1 - ok
00:39:54.0500 6012 ============================================================
00:39:54.0500 6012 Scan finished
00:39:54.0500 6012 ============================================================
00:39:54.0500 1888 Detected object count: 0
00:39:54.0500 1888 Actual detected object count: 0
00:42:49.0625 2616 ============================================================
00:42:49.0625 2616 Scan started
00:42:49.0625 2616 Mode: Manual;
00:42:49.0625 2616 ============================================================
00:42:49.0953 2616 ================ Scan system memory ========================
00:42:51.0187 2616 System memory - ok
00:42:51.0187 2616 ================ Scan services =============================
00:42:58.0625 2616 mnmdd - ok
00:42:58.0671 2616 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:42:58.0671 2616 mnmsrvc - ok
00:42:58.0718 2616 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:42:58.0718 2616 Modem - ok
00:42:58.0734 2616 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:42:58.0734 2616 Mouclass - ok
00:42:58.0765 2616 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:42:58.0765 2616 mouhid - ok
00:42:58.0781 2616 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:42:58.0781 2616 MountMgr - ok
00:42:58.0859 2616 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:42:58.0875 2616 MozillaMaintenance - ok
00:42:58.0875 2616 mraid35x - ok
00:42:58.0906 2616 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:42:58.0906 2616 MRxDAV - ok
00:42:58.0953 2616 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:42:58.0968 2616 MRxSmb - ok
00:42:59.0000 2616 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:42:59.0000 2616 MSDTC - ok
00:42:59.0031 2616 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:42:59.0031 2616 Msfs - ok
00:42:59.0031 2616 MSIServer - ok
00:42:59.0062 2616 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:42:59.0062 2616 MSKSSRV - ok
00:42:59.0062 2616 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:42:59.0078 2616 MSPCLOCK - ok
00:42:59.0078 2616 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:42:59.0078 2616 MSPQM - ok
00:42:59.0109 2616 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:42:59.0109 2616 mssmbios - ok
00:42:59.0109 2616 [ D5059366B361F0E1124753447AF08AA2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
00:42:59.0109 2616 MSTEE - ok
00:42:59.0125 2616 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:42:59.0140 2616 Mup - ok
00:42:59.0156 2616 [ AC31B352CE5E92704056D409834BEB74 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
00:42:59.0156 2616 NABTSFEC - ok
00:42:59.0203 2616 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:42:59.0218 2616 napagent - ok
00:42:59.0312 2616 [ FA0B7D801E71CE79B915BAE5A90DE224 ] NAVENG C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120830.002\naveng.sys
00:42:59.0328 2616 NAVENG - ok
00:42:59.0406 2616 [ 80BB71A7D14CF14B54514A201BF5B985 ] NAVEX15 C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20120830.002\navex15.sys
00:42:59.0421 2616 NAVEX15 - ok
00:42:59.0468 2616 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:42:59.0468 2616 NDIS - ok
00:42:59.0515 2616 [ ABD7629CF2796250F315C1DD0B6CF7A0 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
00:42:59.0515 2616 NdisIP - ok
00:42:59.0562 2616 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:42:59.0562 2616 NdisTapi - ok
00:42:59.0578 2616 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:42:59.0578 2616 Ndisuio - ok
00:42:59.0593 2616 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:42:59.0593 2616 NdisWan - ok
00:42:59.0640 2616 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:42:59.0640 2616 NDProxy - ok
00:42:59.0640 2616 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:42:59.0640 2616 NetBIOS - ok
00:42:59.0656 2616 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:42:59.0656 2616 NetBT - ok
00:42:59.0703 2616 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
00:42:59.0703 2616 NetDDE - ok
00:42:59.0703 2616 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:42:59.0718 2616 NetDDEdsdm - ok
00:42:59.0750 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:42:59.0750 2616 Netlogon - ok
00:42:59.0765 2616 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
00:42:59.0781 2616 Netman - ok
00:42:59.0812 2616 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:42:59.0828 2616 NetTcpPortSharing - ok
00:42:59.0875 2616 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:42:59.0875 2616 NIC1394 - ok
00:42:59.0906 2616 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
00:42:59.0906 2616 Nla - ok
00:42:59.0921 2616 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:42:59.0921 2616 Npfs - ok
00:42:59.0937 2616 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:42:59.0953 2616 Ntfs - ok
00:42:59.0968 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:42:59.0968 2616 NtLmSsp - ok
00:43:00.0015 2616 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:43:00.0015 2616 NtmsSvc - ok
00:43:00.0031 2616 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:43:00.0031 2616 Null - ok
00:43:00.0375 2616 [ 77F427E51479C66C09F967D15B639B37 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:43:00.0453 2616 nv - ok
00:43:00.0531 2616 [ 143F50273CFB6D970F06A1C2D7FBBF78 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
00:43:00.0531 2616 NVSvc - ok
00:43:00.0578 2616 [ 601DC32F8028315848304BFA47F4B5E5 ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
00:43:00.0578 2616 NWADI - ok
00:43:00.0625 2616 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:43:00.0625 2616 NwlnkFlt - ok
00:43:00.0640 2616 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:43:00.0640 2616 NwlnkFwd - ok
00:43:00.0671 2616 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:43:00.0687 2616 ohci1394 - ok
00:43:00.0718 2616 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:43:00.0718 2616 ose - ok
00:43:00.0937 2616 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:43:00.0968 2616 osppsvc - ok
00:43:01.0015 2616 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
00:43:01.0015 2616 Parport - ok
00:43:01.0046 2616 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:43:01.0046 2616 PartMgr - ok
00:43:01.0093 2616 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:43:01.0093 2616 ParVdm - ok
00:43:01.0171 2616 [ 39B9DCD7040654C2E57D7396736C718E ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
00:43:01.0171 2616 PassThru Service - ok
00:43:01.0171 2616 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:43:01.0171 2616 PCI - ok
00:43:01.0187 2616 PCIDump - ok
00:43:01.0218 2616 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:43:01.0218 2616 PCIIde - ok
00:43:01.0250 2616 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
00:43:01.0250 2616 Pcmcia - ok
00:43:01.0250 2616 PDCOMP - ok
00:43:01.0265 2616 PDFRAME - ok
00:43:01.0265 2616 PDRELI - ok
00:43:01.0281 2616 PDRFRAME - ok
00:43:01.0296 2616 perc2 - ok
00:43:01.0296 2616 perc2hib - ok
00:43:01.0328 2616 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
00:43:01.0328 2616 PlugPlay - ok
00:43:01.0375 2616 [ 2E3394C8EBF31A9B4F0A531EB5CC7BC7 ] Point32 C:\WINDOWS\system32\DRIVERS\point32.sys
00:43:01.0375 2616 Point32 - ok
00:43:01.0390 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:43:01.0390 2616 PolicyAgent - ok
00:43:01.0437 2616 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:43:01.0453 2616 PptpMiniport - ok
00:43:01.0453 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:43:01.0453 2616 ProtectedStorage - ok
00:43:01.0468 2616 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:43:01.0468 2616 PSched - ok
00:43:01.0500 2616 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:43:01.0500 2616 Ptilink - ok
00:43:01.0546 2616 [ 30CBAE0A34359F1CD19D1576245149ED ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:43:01.0562 2616 PxHelp20 - ok
00:43:01.0562 2616 ql1080 - ok
00:43:01.0562 2616 Ql10wnt - ok
00:43:01.0578 2616 ql12160 - ok
00:43:01.0578 2616 ql1240 - ok
00:43:01.0578 2616 ql1280 - ok
00:43:01.0687 2616 [ 9054C4B91761773F0EFA59BED70C54B6 ] RapportCerberus_42020 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys
00:43:01.0687 2616 RapportCerberus_42020 - ok
00:43:01.0796 2616 [ 2986121F03420EE5EE808B92CAC0E4AF ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
00:43:01.0812 2616 RapportEI - ok
00:43:01.0875 2616 [ 35199EC35EDC7DCBA71FDA711DFB05C0 ] RapportIaso c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys
00:43:01.0875 2616 RapportIaso - ok
00:43:01.0906 2616 [ C27596B51039A1DC4A572796E681B534 ] RapportKELL C:\WINDOWS\system32\Drivers\RapportKELL.sys
00:43:01.0906 2616 RapportKELL - ok
00:43:01.0953 2616 [ CED99B16C8C7ACB45BACE79B8B8E23AB ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
00:43:01.0968 2616 RapportMgmtService - ok
00:43:02.0015 2616 [ F7482C0AA64C2ADC3A96A643AA48E6D1 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
00:43:02.0015 2616 RapportPG - ok
00:43:02.0078 2616 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:43:02.0078 2616 RasAcd - ok
00:43:02.0109 2616 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:43:02.0109 2616 RasAuto - ok
00:43:02.0156 2616 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:43:02.0156 2616 Rasl2tp - ok
00:43:02.0187 2616 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:43:02.0203 2616 RasMan - ok
00:43:02.0218 2616 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:43:02.0218 2616 RasPppoe - ok
00:43:02.0234 2616 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:43:02.0234 2616 Raspti - ok
00:43:02.0250 2616 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:43:02.0250 2616 Rdbss - ok
00:43:02.0265 2616 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:43:02.0265 2616 RDPCDD - ok
00:43:02.0281 2616 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:43:02.0281 2616 rdpdr - ok
00:43:02.0328 2616 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:43:02.0328 2616 RDPWD - ok
00:43:02.0375 2616 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:43:02.0375 2616 RDSessMgr - ok
00:43:02.0421 2616 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:43:02.0421 2616 redbook - ok
00:43:02.0453 2616 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:43:02.0468 2616 RemoteAccess - ok
00:43:02.0500 2616 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:43:02.0500 2616 RemoteRegistry - ok
00:43:02.0531 2616 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
00:43:02.0531 2616 RFCOMM - ok
00:43:02.0546 2616 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
00:43:02.0546 2616 RpcLocator - ok
00:43:02.0593 2616 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:43:02.0593 2616 RpcSs - ok
00:43:02.0640 2616 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:43:02.0656 2616 RSVP - ok
00:43:02.0656 2616 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
00:43:02.0671 2616 SamSs - ok
00:43:02.0734 2616 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:43:02.0734 2616 SASDIFSV - ok
00:43:02.0750 2616 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:43:02.0765 2616 SASKUTIL - ok
00:43:02.0796 2616 [ 5387EAE86FB5F6B72052F5273BDD3E86 ] SavRoam C:\Program Files\Symantec AntiVirus\SavRoam.exe
00:43:02.0796 2616 SavRoam - ok
00:43:02.0812 2616 [ 12B6E269EF8AC8EA36122544C8A1B6D8 ] SAVRT C:\Program Files\Symantec AntiVirus\savrt.sys
00:43:02.0828 2616 SAVRT - ok
00:43:02.0859 2616 [ 97E5B6F3F95465E1F59360B59D8EC64E ] SAVRTPEL C:\Program Files\Symantec AntiVirus\Savrtpel.sys
00:43:02.0859 2616 SAVRTPEL - ok
00:43:02.0890 2616 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:43:02.0906 2616 SCardSvr - ok
00:43:02.0953 2616 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:43:02.0953 2616 Schedule - ok
00:43:03.0000 2616 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:43:03.0000 2616 Secdrv - ok
00:43:03.0015 2616 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:43:03.0015 2616 seclogon - ok
00:43:03.0031 2616 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
00:43:03.0046 2616 SENS - ok
00:43:03.0078 2616 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:43:03.0078 2616 serenum - ok
00:43:03.0093 2616 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:43:03.0093 2616 Serial - ok
00:43:03.0125 2616 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:43:03.0125 2616 Sfloppy - ok
00:43:03.0171 2616 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:43:03.0171 2616 SharedAccess - ok
00:43:03.0187 2616 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:43:03.0203 2616 ShellHWDetection - ok
00:43:03.0203 2616 Simbad - ok
00:43:03.0218 2616 [ 1FFC44D6787EC1EA9A2B1440A90FA5C1 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
00:43:03.0218 2616 SLIP - ok
00:43:03.0265 2616 [ A16722715D3206AB7E1A6463CE0B747E ] SNDSrvc C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
00:43:03.0265 2616 SNDSrvc - ok
00:43:03.0312 2616 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
00:43:03.0312 2616 SONYPVU1 - ok
00:43:03.0312 2616 Sparrow - ok
00:43:03.0390 2616 [ EF9760A364D836A0CE6149EBDF71524D ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
00:43:03.0390 2616 SPBBCDrv - ok
00:43:03.0453 2616 [ 0A6BCAB3BB4AD9D25E833FB3F840CAE0 ] SPBBCSvc C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
00:43:03.0468 2616 SPBBCSvc - ok
00:43:03.0500 2616 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:43:03.0500 2616 splitter - ok
00:43:03.0546 2616 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:43:03.0546 2616 Spooler - ok
00:43:03.0593 2616 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:43:03.0593 2616 sr - ok
00:43:03.0640 2616 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
00:43:03.0640 2616 srservice - ok
00:43:03.0687 2616 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:43:03.0703 2616 Srv - ok
00:43:03.0734 2616 [ D7968049BE0ADBB6A57CEE3960320911 ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
00:43:03.0734 2616 sscdbhk5 - ok
00:43:03.0750 2616 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:43:03.0750 2616 SSDPSRV - ok
00:43:03.0765 2616 [ C3FFD65ABFB6441E7606CF74F1155273 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
00:43:03.0765 2616 ssrtln - ok
00:43:03.0843 2616 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
00:43:03.0859 2616 STHDA - ok
00:43:03.0906 2616 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:43:03.0921 2616 stisvc - ok
00:43:03.0937 2616 [ A9F9FD0212E572B84EDB9EB661F6BC04 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
00:43:03.0937 2616 streamip - ok
00:43:03.0984 2616 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:43:03.0984 2616 swenum - ok
00:43:04.0093 2616 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:43:04.0093 2616 SwitchBoard - ok
00:43:04.0140 2616 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:43:04.0140 2616 swmidi - ok
00:43:04.0140 2616 SwPrv - ok
00:43:04.0250 2616 [ 0023CC5610B9C48CF68571DEE4C686FC ] Symantec AntiVirus C:\Program Files\Symantec AntiVirus\Rtvscan.exe
00:43:04.0265 2616 Symantec AntiVirus - ok
00:43:04.0281 2616 symc810 - ok
00:43:04.0281 2616 symc8xx - ok
00:43:04.0312 2616 [ 49B20B430A4F219173F823536944474A ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
00:43:04.0312 2616 SymEvent - ok
00:43:04.0328 2616 [ 626F733BE7F951116C5C0804B068666C ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
00:43:04.0328 2616 SYMREDRV - ok
00:43:04.0375 2616 [ CB7CC4DDBE09E224D4CD876760BA982C ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS
00:43:04.0375 2616 SYMTDI - ok
00:43:04.0390 2616 sym_hi - ok
00:43:04.0390 2616 sym_u3 - ok
00:43:04.0421 2616 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:43:04.0437 2616 sysaudio - ok
00:43:04.0484 2616 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:43:04.0484 2616 SysmonLog - ok
00:43:04.0515 2616 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:43:04.0515 2616 TapiSrv - ok
00:43:04.0562 2616 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:43:04.0578 2616 Tcpip - ok
00:43:04.0578 2616 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:43:04.0578 2616 TDPIPE - ok
00:43:04.0593 2616 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:43:04.0593 2616 TDTCP - ok
00:43:04.0609 2616 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:43:04.0625 2616 TermDD - ok
00:43:04.0640 2616 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
00:43:04.0656 2616 TermService - ok
00:43:04.0734 2616 [ 1D265CD2FB1673A0873BF8CEC19DDC7F ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
00:43:04.0734 2616 tfsnboio - ok
00:43:04.0750 2616 [ 62E4901295E0467CAC78E5B4B131AE5C ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
00:43:04.0750 2616 tfsncofs - ok
00:43:04.0750 2616 [ A2F380F9252AB3464C859ADF91EEAD9C ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
00:43:04.0750 2616 tfsndrct - ok
00:43:04.0765 2616 [ EEE79BBEFE9C6A2A3CE6C8753CFEA950 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
00:43:04.0765 2616 tfsndres - ok
00:43:04.0796 2616 [ 9D644EB11FEC9487450C4CFCD63A5DF4 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
00:43:04.0796 2616 tfsnifs - ok
00:43:04.0812 2616 [ E656AF05C67EDB7C0E9230A5DF71ED1B ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
00:43:04.0812 2616 tfsnopio - ok
00:43:04.0828 2616 [ 64FCCB9CCE703CA507DFFC3CEBF6B2CB ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
00:43:04.0828 2616 tfsnpool - ok
00:43:04.0828 2616 [ 48BC9D8AB4E4B9BFF70FB18E55CEC3D6 ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
00:43:04.0843 2616 tfsnudf - ok
00:43:04.0875 2616 [ 79F60822224256B49BFC855DA8D651D5 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
00:43:04.0875 2616 tfsnudfa - ok
00:43:04.0906 2616 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
00:43:04.0906 2616 Themes - ok
00:43:04.0953 2616 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
00:43:04.0968 2616 TlntSvr - ok
00:43:05.0000 2616 [ E362D54FD394999C4178936396664E57 ] toshidpt C:\WINDOWS\system32\drivers\Toshidpt.sys
00:43:05.0000 2616 toshidpt - ok
00:43:05.0015 2616 TosIde - ok
00:43:05.0031 2616 [ 0470BF2D5F49FF98464AC2C838E6A080 ] tosporte C:\WINDOWS\system32\DRIVERS\tosporte.sys
00:43:05.0031 2616 tosporte - ok
00:43:05.0046 2616 [ 077869082A635E8FF2C205DC95C78775 ] Tosrfbd C:\WINDOWS\system32\Drivers\tosrfbd.sys
00:43:05.0046 2616 Tosrfbd - ok
00:43:05.0062 2616 [ 613E09572F4C5B92CA6BE8BDC4CC5B7D ] Tosrfbnp C:\WINDOWS\system32\Drivers\tosrfbnp.sys
00:43:05.0062 2616 Tosrfbnp - ok
00:43:05.0078 2616 [ 5BA1CA3B3CDDB1DDC67DF473F05D1EC2 ] Tosrfcom C:\WINDOWS\system32\Drivers\tosrfcom.sys
00:43:05.0078 2616 Tosrfcom - ok
00:43:05.0093 2616 [ F4E4795528D17FF8D1D6D98EBBB92655 ] Tosrfhid C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
00:43:05.0093 2616 Tosrfhid - ok
00:43:05.0109 2616 [ C52FD27B9ADF3A1F22CB90E6BCF9B0CB ] tosrfnds C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
00:43:05.0109 2616 tosrfnds - ok
00:43:05.0125 2616 [ B5518ADB2B0029FF95D22E8E7336F49F ] TosRfSnd C:\WINDOWS\system32\drivers\TosRfSnd.sys
00:43:05.0125 2616 TosRfSnd - ok
00:43:05.0140 2616 [ AC2123E788230C712D0919ED0FEC9DDD ] Tosrfusb C:\WINDOWS\system32\Drivers\tosrfusb.sys
00:43:05.0140 2616 Tosrfusb - ok
00:43:05.0187 2616 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:43:05.0187 2616 TrkWks - ok
00:43:05.0234 2616 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:43:05.0234 2616 Udfs - ok
00:43:05.0250 2616 UIUSys - ok
00:43:05.0250 2616 ultra - ok
00:43:05.0343 2616 [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
00:43:05.0343 2616 UMVPFSrv - ok
00:43:05.0390 2616 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:43:05.0406 2616 Update - ok
00:43:05.0421 2616 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
00:43:05.0437 2616 upnphost - ok
00:43:05.0453 2616 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
00:43:05.0453 2616 UPS - ok
00:43:05.0500 2616 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:43:05.0500 2616 USBAAPL - ok
00:43:05.0546 2616 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
00:43:05.0546 2616 usbaudio - ok
00:43:05.0578 2616 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:43:05.0578 2616 usbccgp - ok
00:43:05.0625 2616 [ 6B5E4D5E6E5ECD6ACD14AED59768CE5C ] USBCCID C:\WINDOWS\system32\DRIVERS\usbccid.sys
00:43:05.0625 2616 USBCCID - ok
00:43:05.0640 2616 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:43:05.0640 2616 usbehci - ok
00:43:05.0687 2616 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:43:05.0687 2616 usbhub - ok
00:43:05.0718 2616 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:43:05.0718 2616 usbprint - ok
00:43:05.0734 2616 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:43:05.0734 2616 usbscan - ok
00:43:05.0750 2616 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:43:05.0750 2616 USBSTOR - ok
00:43:05.0765 2616 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:43:05.0765 2616 usbuhci - ok
00:43:05.0781 2616 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
00:43:05.0781 2616 usbvideo - ok
00:43:05.0796 2616 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
00:43:05.0796 2616 usb_rndisx - ok
00:43:05.0812 2616 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:43:05.0812 2616 VgaSave - ok
00:43:05.0812 2616 ViaIde - ok
00:43:05.0921 2616 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:43:05.0921 2616 VolSnap - ok
00:43:05.0968 2616 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
00:43:05.0984 2616 VSS - ok
00:43:06.0000 2616 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
00:43:06.0015 2616 W32Time - ok
00:43:06.0062 2616 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:43:06.0062 2616 Wanarp - ok
00:43:06.0125 2616 [ 4769596D7CC0F5FA447D2BABC239672A ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
00:43:06.0125 2616 Wdf01000 - ok
00:43:06.0125 2616 WDICA - ok
00:43:06.0156 2616 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:43:06.0156 2616 wdmaud - ok
00:43:06.0171 2616 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
00:43:06.0171 2616 WebClient - ok
00:43:06.0218 2616 [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
00:43:06.0218 2616 winachsf - ok
00:43:06.0296 2616 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:43:06.0312 2616 winmgmt - ok
00:43:06.0375 2616 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
00:43:06.0406 2616 WinRM - ok
00:43:06.0406 2616 wltrysvc - ok
00:43:06.0453 2616 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:43:06.0453 2616 WmdmPmSN - ok
00:43:06.0515 2616 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
00:43:06.0515 2616 Wmi - ok
00:43:06.0562 2616 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
00:43:06.0562 2616 WmiAcpi - ok
00:43:06.0609 2616 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:43:06.0609 2616 WmiApSrv - ok
00:43:06.0718 2616 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:43:06.0734 2616 WMPNetworkSvc - ok
00:43:06.0781 2616 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
00:43:06.0781 2616 WpdUsb - ok
00:43:06.0921 2616 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
00:43:06.0937 2616 WPFFontCache_v0400 - ok
00:43:06.0968 2616 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:43:06.0968 2616 WS2IFSL - ok
00:43:07.0000 2616 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:43:07.0015 2616 wscsvc - ok
00:43:07.0031 2616 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
00:43:07.0046 2616 WSTCODEC - ok
00:43:07.0046 2616 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:43:07.0062 2616 wuauserv - ok
00:43:07.0093 2616 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:43:07.0109 2616 WudfPf - ok
00:43:07.0125 2616 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:43:07.0125 2616 WudfRd - ok
00:43:07.0140 2616 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:43:07.0140 2616 WudfSvc - ok
00:43:07.0203 2616 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:43:07.0218 2616 WZCSVC - ok
00:43:07.0234 2616 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:43:07.0250 2616 xmlprov - ok
00:43:07.0265 2616 ================ Scan global ===============================
00:43:07.0296 2616 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
00:43:07.0359 2616 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:43:07.0375 2616 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
00:43:07.0390 2616 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
00:43:07.0390 2616 [Global] - ok
00:43:07.0390 2616 ================ Scan MBR ==================================
00:43:07.0421 2616 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:43:07.0671 2616 \Device\Harddisk0\DR0 - ok
00:43:07.0671 2616 ================ Scan VBR ==================================
00:43:07.0671 2616 [ ED45FDC279782C87B9CFD06AD068EF6D ] \Device\Harddisk0\DR0\Partition1
00:43:07.0671 2616 \Device\Harddisk0\DR0\Partition1 - ok
00:43:07.0671 2616 ============================================================
00:43:07.0671 2616 Scan finished
00:43:07.0671 2616 ============================================================
00:43:07.0687 4428 Detected object count: 0
00:43:07.0687 4428 Actual detected object count: 0

#8 miss0033

Posted 31 August 2012 - 01:50 AM

aswMBR is currently running, but twice I have had a "Trojan.Gen.2" warning pop up in Symantec while it was running. I am heading to bed and will post the 2nd log in the morning.

Thanks

#9 miss0033

Posted 31 August 2012 - 01:51 AM

Haha, as I write that it finishes...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-25 17:12:42
-----------------------------
17:12:42.296 OS Version: Windows 5.1.2600 Service Pack 3
17:12:42.296 Number of processors: 2 586 0xF06
17:12:42.296 ComputerName: DATALINK-330563 UserName: Neil Missling
17:12:43.343 Initialize success
17:15:50.093 AVAST engine defs: 12082501
17:16:10.015 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
17:16:10.015 Disk 0 Vendor: Hitachi_HTS721080G9SA00 MC4OC10H Size: 76319MB BusType: 3
17:16:10.046 Disk 0 MBR read successfully
17:16:10.062 Disk 0 MBR scan
17:16:10.125 Disk 0 Windows XP default MBR code
17:16:10.125 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
17:16:10.140 Disk 0 scanning sectors +156296385
17:16:10.218 Disk 0 scanning C:\WINDOWS\system32\drivers
17:16:33.109 Service scanning
17:17:24.515 Modules scanning
17:17:37.250 Disk 0 trace - called modules:
17:17:37.281 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
17:17:37.281 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ae06ab8]
17:17:37.296 3 CLASSPNP.SYS[ba118fd7] -> nt!IofCallDriver -> \Device\00000090[0x8ae50480]
17:17:37.296 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8ae0dd98]
17:17:38.046 AVAST engine scan C:\WINDOWS
17:17:46.906 AVAST engine scan C:\WINDOWS\system32
17:24:19.359 AVAST engine scan C:\WINDOWS\system32\drivers
17:24:44.781 AVAST engine scan C:\Documents and Settings\Neil Missling
17:32:59.328 File: C:\Documents and Settings\Neil Missling\Application Data\wunar.dll **INFECTED** Win32:Medfos [Trj]
17:39:01.250 File: C:\Documents and Settings\Neil Missling\Local Settings\Application Data\{258e84d6-d5ff-2e1a-e675-23f58559a827}\n **INFECTED** Win32:Sirefef-AIQ [Rtk]
17:45:41.015 AVAST engine scan C:\Documents and Settings\All Users
18:10:35.890 Scan finished successfully
19:13:07.593 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Neil Missling\Desktop\MBR.dat"
19:13:07.625 The log file has been saved successfully to "C:\Documents and Settings\Neil Missling\Desktop\aswMBR log.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-31 00:44:03
-----------------------------
00:44:03.000 OS Version: Windows 5.1.2600 Service Pack 3
00:44:03.000 Number of processors: 2 586 0xF06
00:44:03.015 ComputerName: DATALINK-330563 UserName: Neil Missling
00:44:04.125 Initialize success
00:51:21.421 AVAST engine defs: 12083001
00:51:36.062 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
00:51:36.062 Disk 0 Vendor: Hitachi_HTS721080G9SA00 MC4OC10H Size: 76319MB BusType: 3
00:51:36.093 Disk 0 MBR read successfully
00:51:36.093 Disk 0 MBR scan
00:51:36.140 Disk 0 Windows XP default MBR code
00:51:36.140 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76316 MB offset 63
00:51:36.156 Disk 0 scanning sectors +156296385
00:51:36.265 Disk 0 scanning C:\WINDOWS\system32\drivers
00:51:53.609 Service scanning
00:52:32.015 Modules scanning
00:52:44.812 Disk 0 trace - called modules:
00:52:44.828 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
00:52:44.828 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4f6030]
00:52:45.171 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\00000092[0x8a4dbf18]
00:52:45.171 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a4fbd98]
00:52:45.937 AVAST engine scan C:\WINDOWS
00:53:00.593 AVAST engine scan C:\WINDOWS\system32
01:00:30.328 AVAST engine scan C:\WINDOWS\system32\drivers
01:00:56.437 AVAST engine scan C:\Documents and Settings\Neil Missling
01:23:09.625 AVAST engine scan C:\Documents and Settings\All Users
01:48:39.250 Scan finished successfully
01:51:08.765 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Neil Missling\Desktop\MBR.dat"
01:51:08.843 The log file has been saved successfully to "C:\Documents and Settings\Neil Missling\Desktop\aswMBR log.txt"

#10 gringo_pr

Posted 31 August 2012 - 05:24 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Folder::
C:\Documents and Settings\Neil Missling\Local Settings\Application Data\{258e84d6-d5ff-2e1a-e675-23f58559a827}

File::
C:\Documents and Settings\Neil Missling\Application Data\wunar.dll

DDS::
uStart Page = hxxp://home.jzip.com

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#11 miss0033

Posted 02 September 2012 - 10:21 AM

Here is the ComboFix log:

ComboFix 12-08-31.08 - Neil Missling 09/02/2012 1:17.2.2 - x86
Running from: c:\documents and settings\Neil Missling\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Neil Missling\Desktop\CFScript.txt
* Created a new restore point
.
FILE ::
"c:\documents and settings\Neil Missling\Application Data\wunar.dll"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Neil Missling\Local Settings\Application Data\{258e84d6-d5ff-2e1a-e675-23f58559a827}
c:\documents and settings\Neil Missling\Local Settings\Application Data\{258e84d6-d5ff-2e1a-e675-23f58559a827}\@
.
.
((((((((((((((((((((((((( Files Created from 2012-08-02 to 2012-09-02 )))))))))))))))))))))))))))))))
.
.
2012-08-31 06:04 . 2012-08-31 06:04 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE
2012-08-31 06:04 . 2012-08-31 06:04 -------- d-sh--w- c:\documents and settings\LocalService\IECompatCache
2012-08-31 06:04 . 2012-08-31 06:04 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Trusteer
2012-08-30 05:11 . 2008-04-14 00:12 50176 -c--a-w- c:\windows\system32\dllcache\proquota.exe
2012-08-30 05:11 . 2008-04-14 00:12 50176 ----a-w- c:\windows\system32\proquota.exe
2012-08-26 04:33 . 2007-11-17 08:03 356352 ----a-w- c:\windows\system32\nvudisp.exe
2012-08-26 04:32 . 2007-11-16 19:37 356352 ----a-w- c:\windows\system32\NVUNINST.EXE
2012-08-26 04:18 . 2012-08-26 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA
2012-08-26 00:14 . 2012-08-26 00:14 -------- d-----w- c:\program files\ESET
2012-08-24 05:25 . 2012-08-24 05:25 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERSetup
2012-08-24 05:20 . 2012-08-24 05:25 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-08-24 05:20 . 2012-08-24 05:20 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-08-23 21:20 . 2012-08-23 21:20 65816 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2012-08-18 03:26 . 2012-08-18 03:26 -------- d-----w- c:\program files\MyPublisher
2012-08-18 03:26 . 2012-08-18 03:26 -------- d-----w- c:\documents and settings\Neil Missling\Application Data\MyPublisher
2012-08-16 05:59 . 2012-08-16 05:59 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 00:25 . 2012-04-03 01:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-17 00:25 . 2011-05-31 12:41 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-04 10:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2007-12-30 05:11 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 18:46 . 2010-03-10 21:06 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40 . 2004-08-04 10:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2006-03-04 03:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-04 10:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-04 10:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-04 10:00 385024 ----a-w- c:\windows\system32\html.iec
2012-06-25 21:04 . 2012-06-25 21:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-06 13:49 . 2012-06-06 13:49 1070152 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2012-06-05 15:50 . 2007-05-15 21:43 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-04 10:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-06-19 20:41 . 2009-06-19 20:41 422 ----a-w- c:\program files\mpc5.reg
2009-06-19 20:41 . 2009-06-19 20:41 770 ----a-w- c:\program files\ffdssetts.reg
2009-06-19 20:41 . 2009-06-19 20:41 33670 ----a-w- c:\program files\ffdsvsetts.reg
2009-06-19 20:41 . 2009-06-19 20:41 1274 ----a-w- c:\program files\ffdsasetts.reg
2012-07-22 14:50 . 2012-02-26 20:58 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-30_05.16.45 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-31 03:01 . 2012-08-31 03:01 16384 c:\windows\Temp\Perflib_Perfdata_884.dat
+ 2012-08-30 05:58 . 2012-08-30 05:58 57344 c:\windows\Installer\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}\ARPPRODUCTICON.exe
+ 2012-08-30 05:58 . 2012-08-30 05:58 677888 c:\windows\Installer\2506bc.msi
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"i8kfangui"="c:\program files\I8kfanGUI\I8kfanGUI.exe" [2006-11-30 847872]
"Akamai NetSession Interface"="c:\documents and settings\Neil Missling\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-08-10 4440896]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2012-05-28 288128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2009-10-07 2498560]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"vptray"="c:\progra~1\SYMANT~1\VPTray.exe" [2007-03-15 125632]
"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]
"NVHotkey"="nvHotkey.dll" [2007-11-17 86016]
"LWS"="c:\program files\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-02 190808]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-08-13 122939]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-11-21 52840]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-11-05 1468256]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-01-17 274608]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-05-31 446392]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-11-17 8495104]
"nwiz"="nwiz.exe" [2007-11-17 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-11-17 81920]
"HTC Sync Loader"="c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" [2012-04-17 651264]
.
c:\documents and settings\Neil Missling\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Neil Missling\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2005-11-18 1724416]
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2008-12-28 24576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^Neil Missling^Start Menu^Programs^Startup^NHL® 09 Registration.lnk]
backup=c:\windows\pss\NHL® 09 Registration.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Neil Missling^Start Menu^Programs^Startup^RollerCoaster Tycoon 3 Registration.lnk]
backup=c:\windows\pss\RollerCoaster Tycoon 3 Registration.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Documents and Settings\\Neil Missling\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 mi-raysat_VIZ2008_32;mental ray 3.5 Satellite for Autodesk VIZ 2008;c:\program files\Autodesk\VIZ2008\mentalray\satellite\raysat_VIZ2008_32server.exe [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 RapportKELL;RapportKELL;c:\windows\system32\Drivers\RapportKELL.sys [x]
R3 RapportPG;RapportPG;c:\program files\Trusteer\Rapport\bin\RapportPG.sys [x]
R3 SavRoam;SavRoam;c:\program files\Symantec AntiVirus\SavRoam.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S1 fanio;FanIO driver;c:\windows\system32\drivers\fanio.sys [x]
S1 RapportCerberus_42020;RapportCerberus_42020;c:\documents and settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_42020.sys [x]
S1 RapportEI;RapportEI;c:\program files\Trusteer\Rapport\bin\RapportEI.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 ASFIPmon;Broadcom ASF IP Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [x]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RapportMgmtService;Rapport Management Service;c:\program files\Trusteer\Rapport\bin\RapportMgmtService.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
S3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\rapportiaso.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 03657254
*Deregistered* - 03657254
*Deregistered* - aswMBR
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-27 c:\windows\Tasks\AdobeAAMUpdater-1.0-DATALINK-330563-Neil Missling.job
- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-05-31 11:08]
.
2012-08-26 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 17:34]
.
2012-08-30 c:\windows\Tasks\ASC5_AutoClean.job
- c:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe [2012-02-21 15:45]
.
2012-08-28 c:\windows\Tasks\ASC5_AutoUpdate.job
- c:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe [2012-02-21 23:21]
.
2012-09-02 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-19 23:31]
.
2012-08-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd646689bf3024.job
- c:\program files\Google\Update\GoogleUpdate.exe [2012-03-10 00:09]
.
2012-09-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-179605362-725345543-1003Core1cc6e83a7c4f5a9.job
- c:\documents and settings\Neil Missling\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2010-05-21 19:37]
.
2011-06-23 c:\windows\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job
- c:\program files\Microsoft IntelliPoint\ipoint.exe [2009-11-05 20:35]
.
2012-09-02 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-861567501-179605362-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 17:33]
.
2012-09-02 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-861567501-179605362-725345543-1003.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2010-11-05 17:33]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.0.1 205.171.3.25
TCP: Interfaces\{D04E97E9-F527-45EA-9CEE-31A0649F56CF}: NameServer = 128.107.241.185,192.135.250.69
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
FF - ProfilePath - c:\documents and settings\Neil Missling\Application Data\Mozilla\Firefox\Profiles\a8qruj9p.default\
FF - prefs.js: network.proxy.type - 0
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.backgroundErrors - 1
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1345523094
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1345523214
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1345522968
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1313709190
FF - user.js: app.update.lastUpdateTime.places-maintenance-timer - 1301118065
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1345500730
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.cache.disk.capacity - 1048576
FF - user.js: browser.cache.disk.smart_size.first_run - false
FF - user.js: browser.cache.disk.smart_size_cached_value - 337920
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.lastDir - c:\\Documents and Settings\\Neil Missling\\Desktop\\Solar Umbrella
FF - user.js: browser.download.manager.alertOnEXEOpen - true
FF - user.js: browser.formfill.enable - false
FF - user.js: browser.migration.version - 6
FF - user.js: browser.places.smartBookmarksVersion - 4
FF - user.js: browser.preferences.advanced.selectedTabIndex - 2
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage_override.buildID - 20120713134347
FF - user.js: browser.startup.homepage_override.mstone - 14.0.1
FF - user.js: browser.syncPromoViewsLeft - 0
FF - user.js: browser.tabs.warnOnClose - false
FF - user.js: browser.visited_color - #800080
FF - user.js: extensions.blocklist.pingCountTotal - 322
FF - user.js: extensions.blocklist.pingCountVersion - 13
FF - user.js: extensions.bootstrappedAddons - {}
FF - user.js: extensions.databaseSchema - 12
FF - user.js: extensions.enabledAddons - {480F3922-D619-11E1-8270-B8AC6F996F26}:2.0.14,{972ce4c6-7e08-4474-a285-3208198ce6fd}:14.0.1
FF - user.js: extensions.enabledItems - jqs@sun.com:1.0,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16
FF - user.js: extensions.hotfix.lastVersion - 20120430.01
FF - user.js: extensions.installCache - [{\name\:\winreg-app-global\,\addons\:{\{ABDE892B-13A8-4d1b-88E6-365A6E755758}\:{\descriptor\:\c:\\\\Documents and Settings\\\\All Users\\\\Application Data\\\\Real\\\\RealPlayer\\\\BrowserRecordPlugin\\\\Firefox\\\\Ext\,\mtime\:1295230380609},\{20a82645-c095-46ed-80e3-08825760534b}\:{\descriptor\:\c:\\\\WINDOWS\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\Windows Presentation Foundation\\\\DotNetAssistantExtension\,\mtime\:1307672116031},\jqs@sun.com\:{\descriptor\:\c:\\\\Program Files\\\\Java\\\\jre6\\\\lib\\\\deploy\\\\jqs\\\\ff\,\mtime\:1295303489156}}},{\name\:\app-global\,\addons\:{\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\:{\descriptor\:\c:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\,\mtime\:1310512937787},\{972ce4c6-7e08-4474-a285-3208198ce6fd}\:{\descriptor\:\c:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\,\mtime\:1342968650390}}},{\name\:\winreg-app-user\,\addons\:{\{480F3922-D619-11E1-8270-B8AC6F996F26}\:{\descriptor\:\c:\\\\Documents and Settings\\\\Neil Missling\\\\Local Settings\\\\Application Data\\\\{480F3922-D619-11E1-8270-B8AC6F996F26}\,\mtime\:1343193991390}}}]
FF - user.js: extensions.lastAppVersion - 14.0.1
FF - user.js: extensions.lastPlatformVersion - 14.0.1
FF - user.js: extensions.pendingOperations - false
FF - user.js: extensions.shownSelectionUI - true
FF - user.js: extensions.update.notifyUser - false
FF - user.js: gfx.blacklist.suggested-driver-version - 257.21
FF - user.js: idle.lastDailyNotification - 1345437845
FF - user.js: intl.accept_languages - en-us
FF - user.js: intl.charsetmenu.browser.cache - UTF-8, ISO-8859-1, windows-1251, windows-1252, windows-1250
FF - user.js: network.cookie.cookieBehavior - 1
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.proxy.no_proxies_on - *.local
FF - user.js: network.proxy.type - 0
FF - user.js: places.database.lastMaintenance - 1344834335
FF - user.js: places.history.expiration.transient_current_max_pages - 43571
FF - user.js: places.history.expiration.transient_optimal_database_size - 139504516
FF - user.js: places.last_vacuum - 1300765538
FF - user.js: print.print_printer - Send To OneNote 2010
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_bgcolor - false
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_bgimages - false
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_command -
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_downloadfonts - false
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_edge_bottom - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_edge_left - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_edge_right - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_edge_top - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_evenpages - true
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_footercenter -
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_footerleft - &PT
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_footerright - &D
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_headercenter -
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_headerleft - &T
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_headerright - &U
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_in_color - true
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_margin_bottom - 0.5
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_margin_left - 0.5
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_margin_right - 0.5
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_margin_top - 0.5
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_oddpages - true
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_orientation - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_pagedelay - 500
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_paper_data - 1
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_paper_height - 11.00
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_paper_size_type - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_paper_size_unit - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_paper_width - 8.50
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_reversed - false
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_scaling - 1.00
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_shrink_to_fit - true
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_to_file - false
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_to_filename -
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_unwriteable_margin_bottom - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_unwriteable_margin_left - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_unwriteable_margin_right - 0
FF - user.js: print.printer_Dell_Photo_AIO_Printer_924.print_unwriteable_margin_top - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_bgcolor - false
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_bgimages - false
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_command -
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_downloadfonts - false
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_edge_bottom - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_edge_left - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_edge_right - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_edge_top - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_evenpages - true
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_footercenter -
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_footerleft - &PT
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_footerright - &D
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_headercenter -
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_headerleft - &T
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_headerright - &U
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_in_color - true
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_margin_bottom - 0.5
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_margin_left - 0.5
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_margin_right - 0.5
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_margin_top - 0.5
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_oddpages - true
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_orientation - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_page_delay - 50
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_paper_data - 1
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_paper_height - 11.00
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_paper_size_type - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_paper_size_unit - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_paper_width - 8.50
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_reversed - false
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_scaling - 1.00
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_shrink_to_fit - true
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_to_file - false
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_to_filename -
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_bottom - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_left - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_right - 0
FF - user.js: print.printer_Microsoft_XPS_Document_Writer.print_unwriteable_margin_top - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_bgcolor - false
FF - user.js: print.printer_Send_To_OneNote_2010.print_bgimages - false
FF - user.js: print.printer_Send_To_OneNote_2010.print_command -
FF - user.js: print.printer_Send_To_OneNote_2010.print_downloadfonts - false
FF - user.js: print.printer_Send_To_OneNote_2010.print_edge_bottom - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_edge_left - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_edge_right - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_edge_top - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_evenpages - true
FF - user.js: print.printer_Send_To_OneNote_2010.print_footercenter -
FF - user.js: print.printer_Send_To_OneNote_2010.print_footerleft - &PT
FF - user.js: print.printer_Send_To_OneNote_2010.print_footerright - &D
FF - user.js: print.printer_Send_To_OneNote_2010.print_headercenter -
FF - user.js: print.printer_Send_To_OneNote_2010.print_headerleft - &T
FF - user.js: print.printer_Send_To_OneNote_2010.print_headerright - &U
FF - user.js: print.printer_Send_To_OneNote_2010.print_in_color - true
FF - user.js: print.printer_Send_To_OneNote_2010.print_margin_bottom - 0.5
FF - user.js: print.printer_Send_To_OneNote_2010.print_margin_left - 0.5
FF - user.js: print.printer_Send_To_OneNote_2010.print_margin_right - 0.5
FF - user.js: print.printer_Send_To_OneNote_2010.print_margin_top - 0.5
FF - user.js: print.printer_Send_To_OneNote_2010.print_oddpages - true
FF - user.js: print.printer_Send_To_OneNote_2010.print_orientation - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_page_delay - 50
FF - user.js: print.printer_Send_To_OneNote_2010.print_paper_data - 1
FF - user.js: print.printer_Send_To_OneNote_2010.print_paper_height - 11.00
FF - user.js: print.printer_Send_To_OneNote_2010.print_paper_size_type - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_paper_size_unit - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_paper_width - 8.50
FF - user.js: print.printer_Send_To_OneNote_2010.print_reversed - false
FF - user.js: print.printer_Send_To_OneNote_2010.print_scaling - 1.00
FF - user.js: print.printer_Send_To_OneNote_2010.print_shrink_to_fit - true
FF - user.js: print.printer_Send_To_OneNote_2010.print_to_file - false
FF - user.js: print.printer_Send_To_OneNote_2010.print_to_filename -
FF - user.js: print.printer_Send_To_OneNote_2010.print_unwriteable_margin_bottom - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_unwriteable_margin_left - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_unwriteable_margin_right - 0
FF - user.js: print.printer_Send_To_OneNote_2010.print_unwriteable_margin_top - 0
FF - user.js: print_printer - WorkForce 610(Network)
FF - user.js: printer_WorkForce_610(Network).print_bgcolor - false
FF - user.js: printer_WorkForce_610(Network).print_bgimages - false
FF - user.js: printer_WorkForce_610(Network).print_colorspace -
FF - user.js: printer_WorkForce_610(Network).print_command -
FF - user.js: printer_WorkForce_610(Network).print_downloadfonts - false
FF - user.js: printer_WorkForce_610(Network).print_edge_bottom - 0
FF - user.js: printer_WorkForce_610(Network).print_edge_left - 0
FF - user.js: printer_WorkForce_610(Network).print_edge_right - 0
FF - user.js: printer_WorkForce_610(Network).print_edge_top - 0
FF - user.js: printer_WorkForce_610(Network).print_evenpages - true
FF - user.js: printer_WorkForce_610(Network).print_footercenter -
FF - user.js: printer_WorkForce_610(Network).print_footerleft - &PT
FF - user.js: printer_WorkForce_610(Network).print_footerright - &D
FF - user.js: printer_WorkForce_610(Network).print_headercenter -
FF - user.js: printer_WorkForce_610(Network).print_headerleft - &T
FF - user.js: printer_WorkForce_610(Network).print_headerright - &U
FF - user.js: printer_WorkForce_610(Network).print_in_color - true
FF - user.js: printer_WorkForce_610(Network).print_margin_bottom - 0.5
FF - user.js: printer_WorkForce_610(Network).print_margin_left - 0.5
FF - user.js: printer_WorkForce_610(Network).print_margin_right - 0.5
FF - user.js: printer_WorkForce_610(Network).print_margin_top - 0.5
FF - user.js: printer_WorkForce_610(Network).print_oddpages - true
FF - user.js: printer_WorkForce_610(Network).print_orientation - 0
FF - user.js: printer_WorkForce_610(Network).print_page_delay - 50
FF - user.js: printer_WorkForce_610(Network).print_paper_data - 1
FF - user.js: printer_WorkForce_610(Network).print_paper_height - 11.00
FF - user.js: printer_WorkForce_610(Network).print_paper_name -
FF - user.js: printer_WorkForce_610(Network).print_paper_size_type - 0
FF - user.js: printer_WorkForce_610(Network).print_paper_size_unit - 0
FF - user.js: printer_WorkForce_610(Network).print_paper_width - 8.50
FF - user.js: printer_WorkForce_610(Network).print_plex_name -
FF - user.js: printer_WorkForce_610(Network).print_resolution_name -
FF - user.js: printer_WorkForce_610(Network).print_reversed - false
FF - user.js: printer_WorkForce_610(Network).print_scaling - 1.00
FF - user.js: printer_WorkForce_610(Network).print_shrink_to_fit - true
FF - user.js: printer_WorkForce_610(Network).print_to_file - false
FF - user.js: printer_WorkForce_610(Network).print_to_filename -
FF - user.js: printer_WorkForce_610(Network).print_unwriteable_margin_bottom - 0
FF - user.js: printer_WorkForce_610(Network).print_unwriteable_margin_left - 0
FF - user.js: printer_WorkForce_610(Network).print_unwriteable_margin_right - 0
FF - user.js: printer_WorkForce_610(Network).print_unwriteable_margin_top - 0
FF - user.js: privacy.sanitize.migrateFx3Prefs - true
FF - user.js: privacy.sanitize.timeSpan - 0
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: services.sync.clients.lastSync - 0
FF - user.js: services.sync.clients.lastSyncLocal - 0
FF - user.js: services.sync.migrated - true
FF - user.js: services.sync.tabs.lastSync - 0
FF - user.js: services.sync.tabs.lastSyncLocal - 0
FF - user.js: storage.vacuum.last.index - 1
FF - user.js: storage.vacuum.last.places.sqlite - 1344834335
FF - user.js: toolkit.startup.last_success - 1345525275
FF - user.js: toolkit.telemetry.prompted - 2
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1346050481
FF - user.js: xpinstall.whitelist.add -
FF - user.js: xpinstall.whitelist.add.36 -
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-02 01:29
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-861567501-179605362-725345543-1003\Software\SecuROM\License information*]
"datasecu"=hex:4c,3c,d5,2f,ec,50,98,9f,f6,fe,06,be,67,2f,56,9f,2b,85,fd,aa,4f,
ef,9e,80,c4,98,e2,69,bf,48,ff,62,11,b9,e0,38,1f,65,43,86,ad,fa,35,21,74,ba,\
"rkeysecu"=hex:52,5e,50,e5,d8,17,83,75,f1,b6,2e,20,29,a2,e7,b6
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Print\Monitors\EpsonNet Print Port\Ports\EPDF38C6:WORKFORCE 610]
@DACL=(02 0000)
"ProtocolID"=dword:00000001
"PrinterAddress"="EPDF38C6"
"QueueName"="ENPQueue"
"PrinterAddressType"=dword:00000004
"IpAddress"="192.168.0.6"
"SubnetMask"=""
"MacAddress"="000048DF38C6"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1488)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
c:\windows\System32\BCMLogon.dll
c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80.DLL
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
.
Completion time: 2012-09-02 01:33:39
ComboFix-quarantined-files.txt 2012-09-02 06:33
ComboFix2.txt 2012-08-30 05:28
.
Pre-Run: 8,164,851,712 bytes free
Post-Run: 8,372,629,504 bytes free
.
- - End Of File - - ACB910D5BC71F532C5285A17E7791E1C

The computer seems to be running a touch slow, but not terrible. Also, the Windows Security Center keeps popping up that I don't have any anti-virus installed, when my Symantec is installed and running... Not sure why it doesn't recognize it.

#12 gringo_pr


Posted 02 September 2012 - 06:08 PM

Hello

I would like to see a report that combofix makes.

extra combofix report

  • Push the "Windows key" + "R" (between the "Ctrl" button and "Alt" button)
  • Please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • Click OK

Copy and paste the report into this topic for me to review.

Gringo

#13 miss0033


Posted 02 September 2012 - 10:31 PM

Here is that report:

High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
I8kfanGUI V3.0
Impatica for PowerPoint 4.0.2
iTunes
Java Auto Updater
Java™ 6 Update 29
jZip
LiveUpdate 3.1 (Symantec Corporation)
Logitech Webcam Software
Logitech Webcam Software Driver Package
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 7.1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MobileMe Control Panel
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
Octoshape Streaming Services
OZ776 SCR CardBus Windows Driver
OZ776 SCR Driver V1.1.4.202
PDF Combine
PDF Settings
PDF Settings CS6
Picasa 3
PowerDVD 5.1
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Revit Architecture 2008
RollerCoaster Tycoon 3
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SigmaTel Audio
SimCity 4 Deluxe
Skype Toolbars
Skype™ 5.3
Sonic DLA
Sonic RecordNow! Plus
Sonic Update Manager
Spybot - Search & Destroy
SU2KT
SUPERAntiSpyware
swMSM
Symantec AntiVirus
System Requirements Lab
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wksiper
TurboTax 2010 wmeiper
TurboTax 2010 wmniper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmniper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vault 2008 Plug-In for Autodesk VIZ 2008
Vault 5 Plug-In for Autodesk VIZ 2008
VBA (2627.01)
Videora iPod Converter 3.07
VideoZip Pro 2.6.0
VLC media player 1.1.11
WebFldrs XP
Windows 7 Upgrade Advisor
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
WinRAR archiver
WinZip 14.5
Xvid 1.1.3 final uninstall

#14 gringo_pr


Posted 02 September 2012 - 10:41 PM

Greetings

That only looks like half the report (it is starting at H instead of A).

Can you resend it to me?



gringo

#15 miss0033


Posted 02 September 2012 - 11:25 PM

You are correct, my apologies:
The first program on the list is only used to download episodes of a show called TopGear, I know of no other way to get the show...


µTorrent
Acrobat.com
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Assistant
Adobe ExtendScript Toolkit 2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Manager
Adobe Help Viewer CS3
Adobe InDesign CS6
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Advanced SystemCare 5
Akamai NetSession Interface
AoA DVD Ripper
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AutoCAD Architecture 2009
AutoCAD Hatch Patterns
Autodesk DWF Viewer 7
Autodesk VIZ 2008
AviSynth 2.5
Backburner
Bluetooth Stack for Windows by Toshiba
Blurb Template Creator CS6 v1.1.0.1d5
Bonjour
Broadcom Advanced Control Suite
Broadcom ASF Management Applications
Broadcom Gigabit Integrated Controller
Broadcom TPM Driver Installer
CameraHelperMsi
CNET TechTracker
Combined Community Codec Pack 2008-09-21 16:18
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dassault Systemes Software Prerequisites x86
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Mobile Broadband Card Utility
Dell Photo AIO Printer 924
Dell Resource CD
Digital Line Detect
Dropbox
DVD Flick 1.3.0.7
DW WLAN Card Utility
DWG TrueView 2012
EasyTether
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print
EpsonNet Setup
erLT
ESET Online Scanner v3
Facebook Plug-In
FBX Plugin 2006.11.1 for Viz 2008
Google Calendar Sync
Google Chrome
Google Earth
Google SketchUp 6
Google SketchUp 6 Exporters
Google SketchUp 8
Google SketchUp LayOut 6
Google SketchUp Pro 6
Google Talk Plugin
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HTC BMP USB Driver
HTC Driver Installer
HTC Sync
I8kfanGUI V3.0
Impatica for PowerPoint 4.0.2
iTunes
Java Auto Updater
Java™ 6 Update 29
jZip
LiveUpdate 3.1 (Symantec Corporation)
Logitech Webcam Software
Logitech Webcam Software Driver Package
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware version 1.61.0.1400
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 7.1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MobileMe Control Panel
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSN
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
MSXML 6.0 Parser (KB933579)
NVIDIA Drivers
Octoshape Streaming Services
OZ776 SCR CardBus Windows Driver
OZ776 SCR Driver V1.1.4.202
PDF Combine
PDF Settings
PDF Settings CS6
Picasa 3
PowerDVD 5.1
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Revit Architecture 2008
RollerCoaster Tycoon 3
Safari
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
SigmaTel Audio
SimCity 4 Deluxe
Skype Toolbars
Skype™ 5.3
Sonic DLA
Sonic RecordNow! Plus
Sonic Update Manager
Spybot - Search & Destroy
SU2KT
SUPERAntiSpyware
swMSM
Symantec AntiVirus
System Requirements Lab
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wksiper
TurboTax 2010 wmeiper
TurboTax 2010 wmniper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmniper
TurboTax 2011 wrapper
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Vault 2008 Plug-In for Autodesk VIZ 2008
Vault 5 Plug-In for Autodesk VIZ 2008
VBA (2627.01)
Videora iPod Converter 3.07
VideoZip Pro 2.6.0
VLC media player 1.1.11
WebFldrs XP
Windows 7 Upgrade Advisor
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Resource Kit Tools - SubInAcl.exe
Windows XP Service Pack 3
WinRAR archiver
WinZip 14.5
Xvid 1.1.3 final uninstall



