Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

MBRoot Code @ sector 312496383 (been infected for months now)

Started by dragonstar11 , Mar 20 2012 07:38 AM

Please log in to reply

#16
myrti

Posted 31 March 2012 - 12:41 PM

Expert

Expert
2,580 posts

Hi,

Please download Farbar Service Scanner and run it on the computer with the issue.

Make sure the following options are checked:
- Internet Services
- Windows Firewall
- System Restore
- Security Center
- Windows Update
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

regards myrti

#17
dragonstar11

Posted 02 April 2012 - 03:53 AM

Member

Topic Starter
Member
18 posts

Hi ya, I managed to run RKU files tab when disabling AVG, I dont see anythin gto make me worry, let me know if you want me to post the log.

I found during this I still have a problem reconnecting the internet. When first infected it hijacked the connection and all I could do was disable from netwrok connections but couldnt reneable without a reboot, seems this problem is still there, but had no call to try it up until now.

The sound card is failing on each start up now, but was fine before.

For some reason the links direct in help no longer work either?

This morning when I switched on I got a grey window
smax4pnp.exe unable to locate component SMWDMIF.dll

This is a first, is it just damage left over from the infection?

I also remembered I think I installed graboid and then remembered that it infected me in the past so removed it straight away. Just wondered if that might be any help working out what happened?

I havent had a chance to reinstall AVG yet, but will get on to that later.

Anyway here's the log you asked for.

Hope you had a good weekend

Farbar Service Scanner Version: 01-03-2012
Ran by Jess (administrator) on 02-04-2012 at 10:45:20
Running from "C:\Documents and Settings\Jess\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

System Restore:
============

System Restore Disabled Policy:
========================

Security Center:
============

Windows Update:
============

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-12 14:55] - [2008-08-14 10:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-12 15:01] - [2004-08-12 15:01] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-12 15:07] - [2008-06-20 11:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-12 14:58] - [2004-08-12 14:58] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-12 14:56] - [2004-08-12 14:56] - 0045568 ____A (Microsoft Corporation) 7379DE06FD196E396A00AA97B990C00D

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-12 14:58] - [2004-08-12 14:58] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-12 15:02] - [2004-08-12 15:02] - 0198144 ____A (Microsoft Corporation) DAB9E6C7105D2EF49876FE92C524F565

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 13:01] - [2004-08-12 15:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2004-08-10 13:02] - [2004-08-12 15:06] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2008-10-11 18:05] - [2004-08-12 15:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-12 15:10] - [2004-08-12 15:10] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 13:01] - [2004-08-12 15:10] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2004-08-10 13:02] - [2004-08-12 15:10] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2008-10-11 18:08] - [2004-08-12 15:03] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-12 14:57] - [2008-07-07 21:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-12 14:56] - [2004-08-12 14:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-12 15:06] - [2004-08-12 15:06] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-12 15:04] - [2009-02-09 11:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2004-08-12 15:05] - [2009-02-06 18:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE

Extra List:
=======
Avgfwfd(11) Avgtdix(12) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3) Tcpip6(8)
0x0C000000040000000100000002000000030000000A00000009000000080000000B0000000C000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

Edited by dragonstar11, 02 April 2012 - 03:56 AM.

#18
myrti

Posted 02 April 2012 - 05:39 AM

Expert

Expert
2,580 posts

Hi,

could you try to uninstall and reinstall Sound Max Control Panel?

Please also download a fresh copy of TDSSKiller and run it:
Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.
If TDSSKiller does not run, try renaming it.
To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
Click the Start Scan button.
Do not use the computer during the scan
If the scan completes with nothing found, click Close to exit.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
Copy and paste the contents of that file in your next reply.

Also run this fix with OTL:

Please reopen on your desktop.

Copy and Paste the following code into the Posted Image

textbox.

:otl
SRV - (787EC71B) -- C:\WINDOWS\system32\787EC71B.exe File not found
SRV - (586C0674) -- C:\WINDOWS\system32\586C0674.exe File not found
SRV - (LiveUpdate) -- File not found
SRV - (FB6F1D7F) -- C:\WINDOWS\system32\FB6F1D7F.exe File not found
SRV - (FA3AA403) -- C:\WINDOWS\system32\FA3AA403.exe File not found
SRV - (ED648A82) -- C:\WINDOWS\system32\ED648A82.exe File not found
SRV - (B14C7815) -- C:\WINDOWS\system32\B14C7815.exe File not found
DRV - (SysProtDrv.sys) -- C:\Documents and Settings\Jess\Desktop\SysProt\SysProt\SysProtDrv.sys File not found
DRV - (MRESP50) -- C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS File not found
DRV - (MRENDIS5) -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found
DRV - (MREMPR5) -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found
DRV - (MREMP50) -- C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS File not found
DRV - (MEMSWEEP2) -- C:\WINDOWS\system32\1D.tmp File not found
DRV - (msloop) -- system32\DRIVERS\loop.sys File not found       
FF - prefs.js..browser.search.defaultthis.engineName: "Sendspace Bar Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2795644&SearchSource=3&q={searchTerms}"

Push
OTL may ask to reboot the machine. Please do so if asked.
Click the OK button.
A report will open. Copy and Paste that report in your next reply.

#19
dragonstar11

Posted 03 April 2012 - 01:24 PM

Member

Topic Starter
Member
18 posts

Hi ya,

I cant find anything in the progs list for that? Nothing changes when I uninstall from system/hardware. It reinstalls when searched for or on reboot, but doesnt solve.

I ran the OTL fix and it froze after and wouldnt give up a log. I had to close it from the task manager, rebooted and ran the fix again.

Nothing on TDSS Killer (new d/l)

I have the torch also when opening control panel, my computer etc

Anyway, logs for both below, thanks again

========== OTL ==========
Error: No service named 787EC71B was found to stop!
Service\Driver key 787EC71B not found.
File C:\WINDOWS\system32\787EC71B.exe File not found not found.
Error: No service named 586C0674 was found to stop!
Service\Driver key 586C0674 not found.
File C:\WINDOWS\system32\586C0674.exe File not found not found.
Error: No service named LiveUpdate was found to stop!
Service\Driver key LiveUpdate not found.
File File not found not found.
Error: No service named FB6F1D7F was found to stop!
Service\Driver key FB6F1D7F not found.
File C:\WINDOWS\system32\FB6F1D7F.exe File not found not found.
Error: No service named FA3AA403 was found to stop!
Service\Driver key FA3AA403 not found.
File C:\WINDOWS\system32\FA3AA403.exe File not found not found.
Error: No service named ED648A82 was found to stop!
Service\Driver key ED648A82 not found.
File C:\WINDOWS\system32\ED648A82.exe File not found not found.
Error: No service named B14C7815 was found to stop!
Service\Driver key B14C7815 not found.
File C:\WINDOWS\system32\B14C7815.exe File not found not found.
Error: No service named SysProtDrv.sys was found to stop!
Service\Driver key SysProtDrv.sys not found.
File C:\Documents and Settings\Jess\Desktop\SysProt\SysProt\SysProtDrv.sys File not found not found.
Error: No service named MRESP50 was found to stop!
Service\Driver key MRESP50 not found.
File C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS File not found not found.
Error: No service named MRENDIS5 was found to stop!
Service\Driver key MRENDIS5 not found.
File C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS File not found not found.
Error: No service named MREMPR5 was found to stop!
Service\Driver key MREMPR5 not found.
File C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS File not found not found.
Error: No service named MREMP50 was found to stop!
Service\Driver key MREMP50 not found.
File C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS File not found not found.
Error: No service named MEMSWEEP2 was found to stop!
Service\Driver key MEMSWEEP2 not found.
File C:\WINDOWS\system32\1D.tmp File not found not found.
Error: No service named msloop was found to stop!
Service\Driver key msloop not found.
File system32\DRIVERS\loop.sys File not found not found.
Prefs.js: "Sendspace Bar Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "http://search.condui...={searchTerms}" removed from browser.search.defaulturl

OTL by OldTimer - Version 3.2.39.2 log created on 04032012_201727

20:01:13.0500 1736 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32
20:01:15.0500 1736 ============================================================
20:01:15.0500 1736 Current date / time: 2012/04/03 20:01:15.0500
20:01:15.0500 1736 SystemInfo:
20:01:15.0500 1736
20:01:15.0500 1736 OS Version: 5.1.2600 ServicePack: 2.0
20:01:15.0500 1736 Product type: Workstation
20:01:15.0500 1736 ComputerName: DJG5BP1J
20:01:15.0500 1736 UserName: Jess
20:01:15.0500 1736 Windows directory: C:\WINDOWS
20:01:15.0500 1736 System windows directory: C:\WINDOWS
20:01:15.0500 1736 Processor architecture: Intel x86
20:01:15.0500 1736 Number of processors: 2
20:01:15.0500 1736 Page size: 0x1000
20:01:15.0500 1736 Boot type: Normal boot
20:01:15.0500 1736 ============================================================
20:01:18.0734 1736 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:01:18.0828 1736 \Device\Harddisk0\DR0:
20:01:18.0828 1736 MBR used
20:01:18.0828 1736 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x1243A802
20:01:18.0890 1736 Initialize success
20:01:18.0890 1736 ============================================================
20:01:31.0265 2180 ============================================================
20:01:31.0265 2180 Scan started
20:01:31.0265 2180 Mode: Manual; SigCheck; TDLFS;
20:01:31.0265 2180 ============================================================
20:01:31.0734 2180 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
20:01:31.0812 2180 !SASCORE - ok
20:01:31.0875 2180 586C0674 - ok
20:01:31.0937 2180 6to4 (f4024a93b64309bb3e66448b0cd92beb) C:\WINDOWS\System32\6to4svc.dll
20:01:38.0468 2180 6to4 - ok
20:01:38.0593 2180 787EC71B - ok
20:01:38.0671 2180 Abiosdsk - ok
20:01:38.0750 2180 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
20:01:40.0953 2180 abp480n5 - ok
20:01:41.0093 2180 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:01:41.0343 2180 ACPI - ok
20:01:41.0406 2180 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:01:41.0593 2180 ACPIEC - ok
20:01:41.0703 2180 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
20:01:41.0859 2180 adpu160m - ok
20:01:41.0953 2180 aec (841f385c6cfaf66b58fbd898722bb4f0) C:\WINDOWS\system32\drivers\aec.sys
20:01:42.0156 2180 aec - ok
20:01:42.0234 2180 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
20:01:42.0296 2180 AFD - ok
20:01:42.0359 2180 agp440 (2c428fa0c3e3a01ed93c9b2a27d8d4bb) C:\WINDOWS\system32\DRIVERS\agp440.sys
20:01:42.0562 2180 agp440 - ok
20:01:42.0593 2180 agpCPQ (67288b07d6aba6c1267b626e67bc56fd) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
20:01:42.0781 2180 agpCPQ - ok
20:01:42.0875 2180 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
20:01:42.0953 2180 Aha154x - ok
20:01:43.0015 2180 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
20:01:43.0171 2180 aic78u2 - ok
20:01:43.0250 2180 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
20:01:43.0406 2180 aic78xx - ok
20:01:43.0468 2180 Alerter (c7ae0fd3867db0d42b03b73c18f3d671) C:\WINDOWS\system32\alrsvc.dll
20:01:43.0656 2180 Alerter - ok
20:01:43.0750 2180 ALG (f1958fbf86d5c004cf19a5951a9514b7) C:\WINDOWS\System32\alg.exe
20:01:43.0859 2180 ALG - ok
20:01:43.0937 2180 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
20:01:44.0109 2180 AliIde - ok
20:01:44.0187 2180 alim1541 (f312b7cef21eff52fa23056b9d815fad) C:\WINDOWS\system32\DRIVERS\alim1541.sys
20:01:44.0421 2180 alim1541 - ok
20:01:44.0468 2180 amdagp (675c16a3c1f8482f85ee4a97fc0dde3d) C:\WINDOWS\system32\DRIVERS\amdagp.sys
20:01:44.0625 2180 amdagp - ok
20:01:44.0718 2180 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
20:01:44.0828 2180 amsint - ok
20:01:44.0875 2180 AppMgmt - ok
20:01:44.0968 2180 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
20:01:45.0125 2180 asc - ok
20:01:45.0203 2180 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
20:01:45.0296 2180 asc3350p - ok
20:01:45.0359 2180 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
20:01:45.0515 2180 asc3550 - ok
20:01:45.0671 2180 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:01:45.0718 2180 aspnet_state - ok
20:01:45.0781 2180 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:01:45.0953 2180 AsyncMac - ok
20:01:46.0031 2180 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:01:46.0171 2180 atapi - ok
20:01:46.0203 2180 Atdisk - ok
20:01:46.0250 2180 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:01:46.0421 2180 Atmarpc - ok
20:01:46.0484 2180 AudioSrv (db66db626e4882ebef55f136f12c1829) C:\WINDOWS\System32\audiosrv.dll
20:01:46.0656 2180 AudioSrv - ok
20:01:46.0718 2180 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:01:46.0875 2180 audstub - ok
20:01:46.0937 2180 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
20:01:47.0015 2180 Avgfwdx - ok
20:01:47.0031 2180 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys
20:01:47.0046 2180 Avgfwfd - ok
20:01:47.0171 2180 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files\AVG\AVG2012\avgfws.exe
20:01:47.0328 2180 avgfws - ok
20:01:47.0484 2180 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
20:01:47.0703 2180 AVGIDSAgent - ok
20:01:47.0875 2180 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
20:01:47.0890 2180 AVGIDSDriver - ok
20:01:47.0953 2180 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
20:01:47.0968 2180 AVGIDSEH - ok
20:01:48.0015 2180 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
20:01:48.0031 2180 AVGIDSFilter - ok
20:01:48.0078 2180 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
20:01:48.0093 2180 AVGIDSShim - ok
20:01:48.0156 2180 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
20:01:48.0187 2180 Avgldx86 - ok
20:01:48.0218 2180 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
20:01:48.0250 2180 Avgmfx86 - ok
20:01:48.0281 2180 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
20:01:48.0296 2180 Avgrkx86 - ok
20:01:48.0343 2180 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
20:01:48.0390 2180 Avgtdix - ok
20:01:48.0468 2180 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
20:01:48.0484 2180 avgwd - ok
20:01:48.0531 2180 B14C7815 - ok
20:01:48.0609 2180 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:01:48.0765 2180 Beep - ok
20:01:48.0875 2180 BITS (2c69ec7e5a311334d10dd95f338fccea) C:\WINDOWS\system32\qmgr.dll
20:01:49.0140 2180 BITS - ok
20:01:49.0218 2180 Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
20:01:49.0359 2180 Brother XP spl Service - ok
20:01:49.0437 2180 Browser (e3cfccdda4edd1d0dc9168b2e18f27b8) C:\WINDOWS\System32\browser.dll
20:01:49.0593 2180 Browser - ok
20:01:49.0703 2180 BrScnUsb (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
20:01:49.0781 2180 BrScnUsb - ok
20:01:49.0796 2180 catchme - ok
20:01:49.0859 2180 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
20:01:50.0031 2180 cbidf - ok
20:01:50.0078 2180 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:01:50.0218 2180 cbidf2k - ok
20:01:50.0281 2180 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
20:01:50.0390 2180 cd20xrnt - ok
20:01:50.0453 2180 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:01:50.0671 2180 Cdaudio - ok
20:01:50.0750 2180 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
20:01:50.0921 2180 Cdfs - ok
20:01:51.0000 2180 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:01:51.0171 2180 Cdrom - ok
20:01:51.0203 2180 CE59D98C - ok
20:01:51.0250 2180 Changer - ok
20:01:51.0296 2180 cisvc (3192bd04d032a9c4a85a3278c268a13a) C:\WINDOWS\system32\cisvc.exe
20:01:51.0484 2180 cisvc - ok
20:01:51.0546 2180 ClipSrv (c8dec22c4137d7a90f8bdf41ca4b82ae) C:\WINDOWS\system32\clipsrv.exe
20:01:51.0718 2180 ClipSrv - ok
20:01:51.0875 2180 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:01:52.0015 2180 clr_optimization_v2.0.50727_32 - ok
20:01:52.0125 2180 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
20:01:52.0296 2180 CmdIde - ok
20:01:52.0343 2180 COMSysApp - ok
20:01:52.0375 2180 CO_Mon - ok
20:01:52.0421 2180 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
20:01:52.0609 2180 Cpqarray - ok
20:01:52.0687 2180 CryptSvc (10654f9ddcea9c46cfb77554231be73b) C:\WINDOWS\System32\cryptsvc.dll
20:01:52.0859 2180 CryptSvc - ok
20:01:52.0890 2180 CSHelper - ok
20:01:52.0906 2180 D560878A - ok
20:01:53.0015 2180 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
20:01:53.0187 2180 dac2w2k - ok
20:01:53.0234 2180 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
20:01:53.0390 2180 dac960nt - ok
20:01:53.0468 2180 DcomLaunch (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\system32\rpcss.dll
20:01:53.0578 2180 DcomLaunch - ok
20:01:53.0656 2180 Dhcp (cb6ca3e5261d65f6f809eed23bf167aa) C:\WINDOWS\System32\dhcpcsvc.dll
20:01:53.0828 2180 Dhcp - ok
20:01:53.0906 2180 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
20:01:54.0046 2180 Disk - ok
20:01:54.0078 2180 dmadmin - ok
20:01:54.0234 2180 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
20:01:54.0453 2180 dmboot - ok
20:01:54.0546 2180 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
20:01:54.0703 2180 dmio - ok
20:01:54.0781 2180 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:01:54.0953 2180 dmload - ok
20:01:55.0015 2180 dmserver (1639d9964c9e1b2ecca95c8217d3e70d) C:\WINDOWS\System32\dmserver.dll
20:01:55.0203 2180 dmserver - ok
20:01:55.0281 2180 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
20:01:55.0437 2180 DMusic - ok
20:01:55.0484 2180 Dnscache (7379de06fd196e396a00aa97b990c00d) C:\WINDOWS\System32\dnsrslvr.dll
20:01:55.0656 2180 Dnscache - ok
20:01:55.0703 2180 Dot3svc - ok
20:01:55.0765 2180 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
20:01:55.0921 2180 dpti2o - ok
20:01:55.0968 2180 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
20:01:56.0125 2180 drmkaud - ok
20:01:56.0187 2180 E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
20:01:56.0265 2180 E100B - ok
20:01:56.0281 2180 EapHost - ok
20:01:56.0312 2180 ED648A82 - ok
20:01:56.0375 2180 ERSvc (67dff7bbbd0e80aab7b3cf061448db8a) C:\WINDOWS\System32\ersvc.dll
20:01:56.0531 2180 ERSvc - ok
20:01:56.0609 2180 EUCR (dcd7599b0c52a3e59f3dbf540620a092) C:\WINDOWS\system32\DRIVERS\EUCR6SK.SYS
20:01:56.0687 2180 EUCR - ok
20:01:56.0765 2180 Eventlog (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:01:56.0875 2180 Eventlog - ok
20:01:56.0953 2180 EventSystem (60d1a6342238378bfb7545c81ee3606c) C:\WINDOWS\system32\es.dll
20:01:57.0015 2180 EventSystem - ok
20:01:57.0046 2180 FA3AA403 - ok
20:01:57.0109 2180 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
20:01:57.0328 2180 Fastfat - ok
20:01:57.0406 2180 FastUserSwitchingCompatibility (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:01:57.0562 2180 FastUserSwitchingCompatibility - ok
20:01:57.0593 2180 FB6F1D7F - ok
20:01:57.0703 2180 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:01:57.0859 2180 Fdc - ok
20:01:57.0906 2180 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
20:01:58.0062 2180 Fips - ok
20:01:58.0125 2180 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:01:58.0328 2180 Flpydisk - ok
20:01:58.0406 2180 FltMgr (157754f0df355a9e0a6f54721914f9c6) C:\WINDOWS\system32\drivers\fltmgr.sys
20:01:58.0562 2180 FltMgr - ok
20:01:58.0671 2180 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:01:58.0703 2180 FontCache3.0.0.0 - ok
20:01:58.0781 2180 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:01:58.0937 2180 Fs_Rec - ok
20:01:59.0000 2180 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:01:59.0171 2180 Ftdisk - ok
20:01:59.0234 2180 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:01:59.0406 2180 Gpc - ok
20:01:59.0531 2180 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:01:59.0546 2180 gupdate - ok
20:01:59.0546 2180 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
20:01:59.0562 2180 gupdatem - ok
20:01:59.0671 2180 helpsvc (8827911a8c37e40c027cbfc88e69d967) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:01:59.0843 2180 helpsvc - ok
20:01:59.0890 2180 HidServ (9376e6893e52b368abc6255bf54f0b28) C:\WINDOWS\System32\hidserv.dll
20:02:00.0046 2180 HidServ - ok
20:02:00.0140 2180 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:02:00.0328 2180 HidUsb - ok
20:02:00.0375 2180 hkmsvc - ok
20:02:00.0421 2180 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
20:02:00.0593 2180 hpn - ok
20:02:00.0671 2180 HTTP (9f8b0f4276f618964fd118be4289b7cd) C:\WINDOWS\system32\Drivers\HTTP.sys
20:02:00.0734 2180 HTTP - ok
20:02:00.0796 2180 HTTPFilter (064d8581adf77c25133e7d751d917d83) C:\WINDOWS\System32\w3ssl.dll
20:02:01.0000 2180 HTTPFilter - ok
20:02:01.0078 2180 hwdatacard (07853191b1bdee5b39be4cfcfe3b9ad4) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:02:01.0234 2180 hwdatacard - ok
20:02:01.0312 2180 i2omgmt (8f09f91b5c91363b77bcd15599570f2c) C:\WINDOWS\system32\drivers\i2omgmt.sys
20:02:01.0484 2180 i2omgmt - ok
20:02:01.0531 2180 i2omp (ed6bf9e441fdea13292a6d30a64a24c3) C:\WINDOWS\system32\DRIVERS\i2omp.sys
20:02:01.0687 2180 i2omp - ok
20:02:01.0765 2180 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
20:02:01.0937 2180 i8042prt - ok
20:02:02.0031 2180 ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
20:02:02.0250 2180 ialm - ok
20:02:02.0578 2180 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:02:02.0875 2180 idsvc - ok
20:02:03.0312 2180 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:02:03.0656 2180 Imapi - ok
20:02:04.0125 2180 ImapiService (fa788520bcac0f5d9d5cde5615c0d931) C:\WINDOWS\system32\imapi.exe
20:02:04.0437 2180 ImapiService - ok
20:02:04.0984 2180 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
20:02:05.0203 2180 ini910u - ok
20:02:05.0953 2180 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
20:02:06.0656 2180 IntelC51 - ok
20:02:07.0343 2180 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
20:02:07.0906 2180 IntelC52 - ok
20:02:08.0312 2180 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
20:02:08.0437 2180 IntelC53 - ok
20:02:08.0828 2180 IntelIde (2d722b2b54ab55b2fa475eb58d7b2aad) C:\WINDOWS\system32\DRIVERS\intelide.sys
20:02:09.0031 2180 IntelIde - ok
20:02:09.0484 2180 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
20:02:09.0656 2180 intelppm - ok
20:02:10.0140 2180 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\drivers\ip6fw.sys
20:02:10.0328 2180 Ip6Fw - ok
20:02:10.0734 2180 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:02:10.0921 2180 IpFilterDriver - ok
20:02:11.0281 2180 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:02:11.0453 2180 IpInIp - ok
20:02:11.0937 2180 IpNat (b5a8e215ac29d24d60b4d1250ef05ace) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:02:12.0218 2180 IpNat - ok
20:02:12.0671 2180 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:02:12.0859 2180 IPSec - ok
20:02:13.0265 2180 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:02:13.0437 2180 IRENUM - ok
20:02:13.0812 2180 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:02:13.0984 2180 isapnp - ok
20:02:14.0312 2180 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe
20:02:14.0421 2180 JavaQuickStarterService - ok
20:02:14.0812 2180 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:02:15.0062 2180 Kbdclass - ok
20:02:15.0406 2180 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:02:15.0578 2180 kbdhid - ok
20:02:16.0015 2180 kmixer (d93cad07c5683db066b0b2d2d3790ead) C:\WINDOWS\system32\drivers\kmixer.sys
20:02:16.0265 2180 kmixer - ok
20:02:16.0828 2180 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
20:02:17.0093 2180 KSecDD - ok
20:02:18.0046 2180 KService (70ceefe43cb746dd04a884c84a7ebaa3) C:\Program Files\Kontiki\KService.exe
20:02:20.0125 2180 KService - ok
20:02:20.0437 2180 lanmanserver (93d32468d34e000cb3407947d1d6e22a) C:\WINDOWS\System32\srvsvc.dll
20:02:20.0625 2180 lanmanserver - ok
20:02:20.0906 2180 lanmanworkstation (e1f27cfcd114ec9f1e1f44674b2ff9f0) C:\WINDOWS\System32\wkssvc.dll
20:02:21.0000 2180 lanmanworkstation - ok
20:02:21.0312 2180 lbrtfdc - ok
20:02:21.0609 2180 LmHosts (b3eff6d938c572e90a07b3d87a3c7657) C:\WINDOWS\System32\lmhsvc.dll
20:02:21.0812 2180 LmHosts - ok
20:02:22.0156 2180 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
20:02:22.0203 2180 MBAMProtector - ok
20:02:22.0468 2180 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:02:22.0671 2180 MBAMService - ok
20:02:22.0937 2180 MEMSWEEP2 - ok
20:02:23.0218 2180 Messenger (95fd808e4ac22aba025a7b3eac0375d2) C:\WINDOWS\System32\msgsvc.dll
20:02:23.0437 2180 Messenger - ok
20:02:23.0875 2180 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
20:02:23.0906 2180 mferkdk - ok
20:02:24.0312 2180 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
20:02:24.0359 2180 mfesmfk - ok
20:02:24.0765 2180 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:02:24.0968 2180 mnmdd - ok
20:02:25.0250 2180 mnmsrvc (f6415361201915b9fe3896b0e4e724ff) C:\WINDOWS\system32\mnmsrvc.exe
20:02:25.0640 2180 mnmsrvc - ok
20:02:26.0046 2180 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
20:02:26.0234 2180 Modem - ok
20:02:26.0531 2180 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
20:02:26.0734 2180 MODEMCSA - ok
20:02:27.0031 2180 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
20:02:27.0125 2180 mohfilt - ok
20:02:27.0531 2180 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:02:27.0703 2180 Mouclass - ok
20:02:28.0125 2180 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:02:28.0343 2180 mouhid - ok
20:02:28.0765 2180 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
20:02:28.0953 2180 MountMgr - ok
20:02:29.0296 2180 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:02:29.0484 2180 mraid35x - ok
20:02:29.0593 2180 MREMP50 - ok
20:02:29.0656 2180 MREMPR5 - ok
20:02:29.0687 2180 MRENDIS5 - ok
20:02:29.0734 2180 MRESP50 - ok
20:02:30.0187 2180 MRxDAV (46edcc8f2db2f322c24f48785cb46366) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:02:30.0437 2180 MRxDAV - ok
20:02:30.0843 2180 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:02:31.0078 2180 MRxSmb - ok
20:02:31.0390 2180 MSDTC (c7c3d89eb0a6f3dba622ea737fa335b1) C:\WINDOWS\system32\msdtc.exe
20:02:31.0687 2180 MSDTC - ok
20:02:32.0125 2180 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
20:02:32.0312 2180 Msfs - ok
20:02:32.0546 2180 MSIServer - ok
20:02:32.0890 2180 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:02:33.0093 2180 MSKSSRV - ok
20:02:33.0437 2180 msloop - ok
20:02:33.0781 2180 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:02:33.0968 2180 MSPCLOCK - ok
20:02:34.0359 2180 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
20:02:34.0593 2180 MSPQM - ok
20:02:34.0796 2180 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:02:34.0937 2180 mssmbios - ok
20:02:35.0015 2180 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
20:02:35.0171 2180 Mup - ok
20:02:35.0203 2180 napagent - ok
20:02:35.0296 2180 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
20:02:35.0468 2180 NDIS - ok
20:02:35.0515 2180 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:02:35.0656 2180 NdisTapi - ok
20:02:35.0718 2180 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:02:35.0890 2180 Ndisuio - ok
20:02:35.0937 2180 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:02:36.0109 2180 NdisWan - ok
20:02:36.0187 2180 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
20:02:36.0328 2180 NDProxy - ok
20:02:36.0390 2180 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:02:36.0562 2180 NetBIOS - ok
20:02:36.0609 2180 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:02:36.0781 2180 NetBT - ok
20:02:36.0812 2180 NetDDE - ok
20:02:36.0843 2180 NetDDEdsdm - ok
20:02:36.0875 2180 Netlogon (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:02:37.0015 2180 Netlogon - ok
20:02:37.0078 2180 Netman (dab9e6c7105d2ef49876fe92c524f565) C:\WINDOWS\System32\netman.dll
20:02:37.0234 2180 Netman - ok
20:02:37.0406 2180 NetSvc - ok
20:02:37.0625 2180 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:02:37.0703 2180 NetTcpPortSharing - ok
20:02:38.0000 2180 Nla (097722f235a1fb698bf9234e01b52637) C:\WINDOWS\System32\mswsock.dll
20:02:38.0109 2180 Nla - ok
20:02:38.0359 2180 nmwcd (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
20:02:40.0015 2180 nmwcd - ok
20:02:40.0328 2180 nmwcdc (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
20:02:40.0437 2180 nmwcdc - ok
20:02:40.0687 2180 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\npf.sys
20:02:40.0703 2180 NPF - ok
20:02:40.0875 2180 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
20:02:41.0031 2180 Npfs - ok
20:02:41.0468 2180 Ntfs (b78be402c3f63dd55521f73876951cdd) C:\WINDOWS\system32\drivers\Ntfs.sys
20:02:41.0781 2180 Ntfs - ok
20:02:42.0125 2180 NtLmSsp (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:02:42.0250 2180 NtLmSsp - ok
20:02:42.0546 2180 NtmsSvc (b62f29c00ac55a761b2e45877d85ea0f) C:\WINDOWS\system32\ntmssvc.dll
20:02:42.0843 2180 NtmsSvc - ok
20:02:43.0187 2180 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:02:43.0484 2180 Null - ok
20:02:44.0375 2180 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:02:45.0625 2180 nv - ok
20:02:46.0453 2180 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:02:46.0625 2180 NwlnkFlt - ok
20:02:47.0156 2180 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:02:47.0453 2180 NwlnkFwd - ok
20:02:47.0671 2180 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:02:47.0734 2180 ose - ok
20:02:48.0140 2180 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
20:02:48.0375 2180 Parport - ok
20:02:49.0609 2180 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
20:02:49.0843 2180 PartMgr - ok
20:02:50.0171 2180 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
20:02:50.0375 2180 ParVdm - ok
20:02:50.0718 2180 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
20:02:50.0953 2180 pccsmcfd - ok
20:02:51.0328 2180 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
20:02:51.0515 2180 PCI - ok
20:02:51.0828 2180 PCIDump - ok
20:02:51.0968 2180 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:02:52.0140 2180 PCIIde - ok
20:02:52.0531 2180 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:02:52.0718 2180 Pcmcia - ok
20:02:52.0968 2180 PDCOMP - ok
20:02:53.0046 2180 PDFRAME - ok
20:02:53.0109 2180 PDRELI - ok
20:02:53.0234 2180 PDRFRAME - ok
20:02:53.0421 2180 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
20:02:53.0625 2180 perc2 - ok
20:02:54.0000 2180 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:02:54.0234 2180 perc2hib - ok
20:02:54.0515 2180 PlugPlay (37561f8d4160d62da86d24ae41fae8de) C:\WINDOWS\system32\services.exe
20:02:54.0640 2180 PlugPlay - ok
20:02:54.0781 2180 PolicyAgent (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:02:54.0921 2180 PolicyAgent - ok
20:02:55.0312 2180 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:02:55.0578 2180 PptpMiniport - ok
20:02:55.0843 2180 ProtectedStorage (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:02:56.0000 2180 ProtectedStorage - ok
20:02:56.0250 2180 ProtexisLicensing (f115af58abe5605d7d709cbfbd83f418) C:\WINDOWS\system32\PSIService.exe
20:02:56.0281 2180 ProtexisLicensing - ok
20:02:56.0500 2180 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
20:02:56.0671 2180 PSched - ok
20:02:56.0984 2180 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:02:57.0203 2180 Ptilink - ok
20:02:57.0546 2180 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:02:57.0578 2180 PxHelp20 - ok
20:02:57.0703 2180 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:02:57.0890 2180 ql1080 - ok
20:02:58.0203 2180 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:02:58.0468 2180 Ql10wnt - ok
20:02:58.0812 2180 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:02:59.0000 2180 ql12160 - ok
20:02:59.0359 2180 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:02:59.0562 2180 ql1240 - ok
20:02:59.0890 2180 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:03:00.0125 2180 ql1280 - ok
20:03:00.0406 2180 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:03:00.0578 2180 RasAcd - ok
20:03:00.0843 2180 RasAuto (44db7a9bdd2fb58747d123fbf1d35adb) C:\WINDOWS\System32\rasauto.dll
20:03:01.0078 2180 RasAuto - ok
20:03:01.0390 2180 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:03:01.0578 2180 Rasl2tp - ok
20:03:01.0921 2180 RasMan (41a3c11e3517c962c9b44893bcec3b34) C:\WINDOWS\System32\rasmans.dll
20:03:02.0093 2180 RasMan - ok
20:03:02.0406 2180 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:03:02.0625 2180 RasPppoe - ok
20:03:02.0968 2180 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:03:03.0171 2180 Raspti - ok
20:03:03.0515 2180 Rdbss (29d66245adba878fff574cd66abd2884) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:03:03.0718 2180 Rdbss - ok
20:03:04.0046 2180 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:03:04.0296 2180 RDPCDD - ok
20:03:04.0687 2180 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:03:04.0937 2180 rdpdr - ok
20:03:05.0406 2180 RDPWD (d4f5643d7714ef499ae9527fdcd50894) C:\WINDOWS\system32\drivers\RDPWD.sys
20:03:05.0609 2180 RDPWD - ok
20:03:05.0890 2180 RDSessMgr (729798e0933076b8fcfcd9934698f164) C:\WINDOWS\system32\sessmgr.exe
20:03:06.0125 2180 RDSessMgr - ok
20:03:06.0437 2180 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:03:06.0656 2180 redbook - ok
20:03:06.0953 2180 RemoteAccess (3046db917e3cfa040632799dd9b14865) C:\WINDOWS\System32\mprdim.dll
20:03:07.0203 2180 RemoteAccess - ok
20:03:07.0359 2180 rpcapd (a780d3eaa74582ea1deb6bd9c7a3d9c9) C:\Program Files\WinPcap\rpcapd.exe
20:03:07.0453 2180 rpcapd - ok
20:03:07.0828 2180 RpcLocator (793f04a09b15e7c6c11dbdffaf06c0ab) C:\WINDOWS\system32\locator.exe
20:03:08.0125 2180 RpcLocator - ok
20:03:08.0421 2180 RpcSs (01095febf33beea00c2a0730b9b3ec28) C:\WINDOWS\System32\rpcss.dll
20:03:08.0531 2180 RpcSs - ok
20:03:08.0781 2180 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
20:03:08.0937 2180 RSVP - ok
20:03:09.0187 2180 RUBotSrv (a0eea6f631349d0e0b7a6caa7e099cb0) C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
20:03:09.0265 2180 RUBotSrv - ok
20:03:09.0531 2180 SamSs (84885f9b82f4d55c6146ebf6065d75d2) C:\WINDOWS\system32\lsass.exe
20:03:09.0671 2180 SamSs - ok
20:03:09.0828 2180 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:03:10.0093 2180 SASDIFSV - ok
20:03:10.0218 2180 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:03:10.0500 2180 SASKUTIL - ok
20:03:10.0750 2180 SCardSvr (25d8de134df108e3dbc8d7d23b1aa58e) C:\WINDOWS\System32\SCardSvr.exe
20:03:10.0906 2180 SCardSvr - ok
20:03:11.0234 2180 Schedule (92360854316611f6cc471612213c3d92) C:\WINDOWS\system32\schedsvc.dll
20:03:11.0390 2180 Schedule - ok
20:03:11.0703 2180 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:03:11.0812 2180 Secdrv - ok
20:03:12.0093 2180 seclogon (b1e0ce09895376871746f36dc5773b4f) C:\WINDOWS\System32\seclogon.dll
20:03:12.0250 2180 seclogon - ok
20:03:12.0703 2180 senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
20:03:12.0953 2180 senfilt - ok
20:03:13.0218 2180 SENS (dfd9870cf39c791d86c4c209da9fa919) C:\WINDOWS\system32\sens.dll
20:03:13.0406 2180 SENS - ok
20:03:13.0656 2180 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:03:13.0859 2180 serenum - ok
20:03:14.0187 2180 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
20:03:14.0359 2180 Serial - ok
20:03:14.0468 2180 ServiceLayer - ok
20:03:14.0843 2180 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:03:15.0109 2180 Sfloppy - ok
20:03:15.0437 2180 SharedAccess (36cc8c01b5e50163037bef56cb96deff) C:\WINDOWS\System32\ipnathlp.dll
20:03:15.0703 2180 SharedAccess - ok
20:03:15.0984 2180 ShellHWDetection (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:03:16.0156 2180 ShellHWDetection - ok
20:03:16.0390 2180 Simbad - ok
20:03:16.0515 2180 sisagp (732d859b286da692119f286b21a2a114) C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:03:16.0781 2180 sisagp - ok
20:03:17.0171 2180 smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
20:03:17.0359 2180 smwdm - ok
20:03:17.0703 2180 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:03:17.0828 2180 Sparrow - ok
20:03:18.0125 2180 splitter (8e186b8f23295d1e42c573b82b80d548) C:\WINDOWS\system32\drivers\splitter.sys
20:03:18.0312 2180 splitter - ok
20:03:18.0515 2180 Spooler (7435b108b935e42ea92ca94f59c8e717) C:\WINDOWS\system32\spoolsv.exe
20:03:18.0718 2180 Spooler - ok
20:03:19.0000 2180 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
20:03:19.0156 2180 sr - ok
20:03:19.0437 2180 srservice (92bdf74f12d6cbec43c94d4b7f804838) C:\WINDOWS\system32\srsvc.dll
20:03:19.0578 2180 srservice - ok
20:03:19.0953 2180 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
20:03:20.0062 2180 Srv - ok
20:03:20.0343 2180 SSDPSRV (4b8d61792f7175bed48859cc18ce4e38) C:\WINDOWS\System32\ssdpsrv.dll
20:03:20.0468 2180 SSDPSRV - ok
20:03:20.0796 2180 stisvc (d9f6c4f6b1e188adafc42b561d9bc2e6) C:\WINDOWS\system32\wiaservc.dll
20:03:21.0031 2180 stisvc - ok
20:03:21.0359 2180 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:03:21.0578 2180 swenum - ok
20:03:21.0953 2180 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
20:03:22.0140 2180 swmidi - ok
20:03:22.0343 2180 SwPrv - ok
20:03:22.0531 2180 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
20:03:22.0750 2180 symc810 - ok
20:03:23.0093 2180 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:03:23.0265 2180 symc8xx - ok
20:03:23.0593 2180 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:03:23.0828 2180 sym_hi - ok
20:03:24.0125 2180 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:03:24.0296 2180 sym_u3 - ok
20:03:24.0640 2180 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
20:03:24.0796 2180 sysaudio - ok
20:03:25.0078 2180 SysmonLog (8b54aa346d1b1b113ffaa75501b8b1b2) C:\WINDOWS\system32\smlogsvc.exe
20:03:25.0375 2180 SysmonLog - ok
20:03:25.0546 2180 SysProtDrv.sys - ok
20:03:25.0828 2180 TapiSrv (eb4a4187d74a8efdcbea3ea2cb1bdfbd) C:\WINDOWS\System32\tapisrv.dll
20:03:26.0062 2180 TapiSrv - ok
20:03:26.0468 2180 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:03:26.0593 2180 Tcpip - ok
20:03:26.0968 2180 Tcpip6 (be4007ab8c9b62e3688fc2f469b98190) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
20:03:27.0062 2180 Tcpip6 - ok
20:03:27.0406 2180 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:03:27.0656 2180 TDPIPE - ok
20:03:28.0078 2180 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
20:03:28.0281 2180 TDTCP - ok
20:03:28.0671 2180 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:03:28.0953 2180 TermDD - ok
20:03:29.0187 2180 TermService (b60c877d16d9c880b952fda04adf16e6) C:\WINDOWS\System32\termsrv.dll
20:03:29.0390 2180 TermService - ok
20:03:29.0578 2180 Themes (e7518dc542d3ebdcb80edd98462c7821) C:\WINDOWS\System32\shsvcs.dll
20:03:29.0750 2180 Themes - ok
20:03:29.0937 2180 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
20:03:30.0156 2180 TosIde - ok
20:03:30.0234 2180 TrkWks (6d9ac544b30f96c57f8206566c1fb6a1) C:\WINDOWS\system32\trkwks.dll
20:03:30.0468 2180 TrkWks - ok
20:03:30.0531 2180 tunmp (87a0e9e18c10a9e454238e3330e2a26d) C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:03:30.0687 2180 tunmp - ok
20:03:30.0921 2180 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
20:03:31.0140 2180 Udfs - ok
20:03:31.0203 2180 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
20:03:31.0343 2180 ultra - ok
20:03:31.0406 2180 UMWdf (ab0a7ca90d9e3d6a193905dc1715ded0) C:\WINDOWS\system32\wdfmgr.exe
20:03:31.0484 2180 UMWdf - ok
20:03:31.0531 2180 Update (aff2e5045961bbc0a602bb6f95eb1345) C:\WINDOWS\system32\DRIVERS\update.sys
20:03:31.0781 2180 Update - ok
20:03:31.0843 2180 upnphost (0546477bde979e33294fe97f6b3de84a) C:\WINDOWS\System32\upnphost.dll
20:03:31.0968 2180 upnphost - ok
20:03:32.0031 2180 upperdev (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
20:03:32.0171 2180 upperdev - ok
20:03:32.0203 2180 UPS (3f5df65b0758675f95a2d43918a740a3) C:\WINDOWS\System32\ups.exe
20:03:32.0406 2180 UPS - ok
20:03:32.0468 2180 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:03:32.0703 2180 usbccgp - ok
20:03:32.0734 2180 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:03:32.0984 2180 usbehci - ok
20:03:33.0031 2180 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:03:33.0250 2180 usbhub - ok
20:03:33.0296 2180 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:03:33.0515 2180 usbprint - ok
20:03:33.0578 2180 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:03:33.0765 2180 usbscan - ok
20:03:33.0796 2180 usbser (49106ee29074e6a3d3ac9e24c6d791d8) C:\WINDOWS\system32\drivers\usbser.sys
20:03:33.0984 2180 usbser - ok
20:03:34.0031 2180 UsbserFilt (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
20:03:34.0140 2180 UsbserFilt - ok
20:03:34.0187 2180 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:03:34.0359 2180 USBSTOR - ok
20:03:34.0406 2180 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:03:34.0578 2180 usbuhci - ok
20:03:34.0640 2180 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
20:03:34.0781 2180 VgaSave - ok
20:03:34.0828 2180 viaagp (d92e7c8a30cfd14d8e15b5f7f032151b) C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:03:34.0984 2180 viaagp - ok
20:03:35.0031 2180 ViaIde (59cb1338ad3654417bea49636457f65d) C:\WINDOWS\system32\DRIVERS\viaide.sys
20:03:35.0187 2180 ViaIde - ok
20:03:35.0234 2180 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
20:03:35.0421 2180 VolSnap - ok
20:03:35.0500 2180 VSS (3ee00364ae0fd8d604f46cbaf512838a) C:\WINDOWS\System32\vssvc.exe
20:03:35.0625 2180 VSS - ok
20:03:35.0765 2180 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
20:03:35.0828 2180 vToolbarUpdater10.2.0 - ok
20:03:35.0875 2180 w32time (2b281958f5d0cf99ed626e3ef39d5c8d) C:\WINDOWS\system32\w32time.dll
20:03:36.0046 2180 w32time - ok
20:03:36.0156 2180 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:03:36.0312 2180 Wanarp - ok
20:03:36.0343 2180 wceusbsh (b85b448fd2c398970382a28e47cf4bc6) C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
20:03:36.0531 2180 wceusbsh - ok
20:03:36.0609 2180 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:03:36.0687 2180 Wdf01000 - ok
20:03:36.0703 2180 WDICA - ok
20:03:36.0750 2180 wdmaud (2797f33ebf50466020c430ee4f037933) C:\WINDOWS\system32\drivers\wdmaud.sys
20:03:36.0906 2180 wdmaud - ok
20:03:36.0921 2180 WebClient (5d0a442864bfbf3b19dcca4cd29f6e99) C:\WINDOWS\System32\webclnt.dll
20:03:37.0093 2180 WebClient - ok
20:03:37.0171 2180 WinDefend (581061776e1b7c4c7771e97ae5eaf377) C:\Program Files\Windows Defender\MsMpEng.exe
20:03:37.0187 2180 WinDefend - ok
20:03:37.0281 2180 winmgmt (f399242a80c4066fd155efa4cf96658e) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:03:37.0453 2180 winmgmt - ok
20:03:37.0515 2180 WmdmPmSN (140ef97b64f560fd78643cae2cdad838) C:\WINDOWS\system32\mspmsnsv.dll
20:03:37.0578 2180 WmdmPmSN - ok
20:03:37.0656 2180 WmiApSrv (ba8cecc3e813e1f7c441b20393d4f86c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:03:37.0843 2180 WmiApSrv - ok
20:03:37.0875 2180 WMPNetworkSvc - ok
20:03:37.0968 2180 WpdUsb (1385e5aa9c9821790d33a9563b8d2dd0) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:03:37.0984 2180 WpdUsb - ok
20:03:38.0031 2180 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
20:03:38.0203 2180 WS2IFSL - ok
20:03:38.0265 2180 wscsvc (4d59daa66c60858cdf4f67a900f42d4a) C:\WINDOWS\system32\wscsvc.dll
20:03:38.0437 2180 wscsvc - ok
20:03:38.0484 2180 wuauserv (13d72740963cba12d9ff76a7f218bcd8) C:\WINDOWS\system32\wuauserv.dll
20:03:38.0671 2180 wuauserv - ok
20:03:38.0718 2180 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:03:38.0781 2180 WudfPf - ok
20:03:38.0828 2180 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:03:38.0937 2180 WudfRd - ok
20:03:38.0968 2180 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\WINDOWS\System32\WUDFSvc.dll
20:03:38.0984 2180 WudfSvc - ok
20:03:39.0046 2180 WZCSVC (5a91e6feab9f901302fa7ff768c0120f) C:\WINDOWS\System32\wzcsvc.dll
20:03:39.0218 2180 WZCSVC - ok
20:03:39.0281 2180 xmlprov (eef46dab68229a14da3d8e73c99e2959) C:\WINDOWS\System32\xmlprov.dll
20:03:39.0453 2180 xmlprov - ok
20:03:39.0500 2180 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
20:03:39.0812 2180 \Device\Harddisk0\DR0 - ok
20:03:39.0843 2180 Boot (0x1200) (a5c2a95c9aa9846ca014af598614d299) \Device\Harddisk0\DR0\Partition0
20:03:39.0843 2180 \Device\Harddisk0\DR0\Partition0 - ok
20:03:39.0843 2180 ============================================================
20:03:39.0843 2180 Scan finished
20:03:39.0843 2180 ============================================================
20:03:39.0953 2568 Detected object count: 0
20:03:39.0953 2568 Actual detected object count: 0
20:03:44.0843 2664 Deinitialize success

#20
myrti

Posted 03 April 2012 - 02:32 PM

Expert

Expert
2,580 posts

Hi,

can you please post a new log from OTL? We can disable the program on boot, but I'm not sure this will solve your driver issues.

regards myrti

#21
dragonstar11

Posted 06 April 2012 - 06:45 AM

Member

Topic Starter
Member
18 posts

Hi ya, full OTL for you. Thanks again
OTL logfile created on: 06/04/2012 13:13:04 - Run 3
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Documents and Settings\Jess\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

1021.98 Mb Total Physical Memory | 434.21 Mb Available Physical Memory | 42.49% Memory free
3.91 Gb Paging File | 3.30 Gb Available in Paging File | 84.61% Paging File free
Paging file location(s): c:\pagefile.sys 3072 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 146.11 Gb Total Space | 120.58 Gb Free Space | 82.53% Space Free | Partition Type: NTFS
Drive D: | 561.63 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: DJG5BP1J | User Name: Jess | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Documents and Settings\Jess\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
PRC - C:\Program Files\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
PRC - C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

========== Modules (No Company Name) ==========

MOD - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
MOD - C:\Program Files\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files\Trend Micro\RUBotted\hc_help.dll ()
MOD - C:\WINDOWS\system32\PSIService.exe ()

========== Win32 Services (SafeList) ==========

SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\WMPNetwk.exe File not found
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe File not found
SRV - (NetSvc) -- C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe File not found
SRV - (NetDDEdsdm) -- C:\WINDOWS\system32\netdde.exe File not found
SRV - (NetDDE) -- C:\WINDOWS\system32\netdde.exe File not found
SRV - (napagent) -- %SystemRoot%\System32\qagentrt.dll File not found
SRV - (hkmsvc) -- %SystemRoot%\System32\kmsvc.dll File not found
SRV - (EapHost) -- %SystemRoot%\System32\eapsvc.dll File not found
SRV - (Dot3svc) -- %SystemRoot%\System32\dot3svc.dll File not found
SRV - (D560878A) -- C:\WINDOWS\system32\D560878A.exe File not found
SRV - (CSHelper) -- C:\WINDOWS\system32\CSHelper.exe File not found
SRV - (CE59D98C) -- C:\WINDOWS\system32\CE59D98C.exe File not found
SRV - (Automatic LiveUpdate Scheduler) -- File not found
SRV - (AppMgmt) -- %SystemRoot%\System32\appmgmts.dll File not found
SRV - (vToolbarUpdater10.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe ()
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (avgfws) -- C:\Program Files\AVG\AVG2012\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (RUBotSrv) -- C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe (Trend Micro Inc.)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (KService) -- C:\Program Files\Kontiki\KService.exe (Kontiki Inc.)
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (CO_Mon) -- C:\WINDOWS\system32\Drivers\CO_Mon.sys File not found
DRV - (Changer) -- File not found
DRV - (catchme) -- C:\ComboFix\catchme.sys File not found
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Avgldx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSShim) -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgrkx86) -- C:\WINDOWS\system32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (Avgtdix) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSFilter) -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSEH) -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSDriver) -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgfwfd) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwdx) -- C:\WINDOWS\system32\drivers\avgfwdx.sys (AVG Technologies CZ, s.r.o.)
DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Nokia)
DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Nokia)
DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia)
DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (mfesmfk) -- C:\WINDOWS\system32\drivers\mfesmfk.sys (McAfee, Inc.)
DRV - (mferkdk) -- C:\WINDOWS\system32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia)
DRV - (hwdatacard) -- C:\WINDOWS\system32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (EUCR) -- C:\WINDOWS\system32\drivers\EUCR6SK.sys (ENE Technology Inc.)
DRV - (senfilt) -- C:\WINDOWS\system32\drivers\senfilt.sys (Creative Technology Ltd.)
DRV - (IntelC53) -- C:\WINDOWS\system32\drivers\IntelC53.sys (Intel Corporation)
DRV - (IntelC52) -- C:\WINDOWS\system32\drivers\IntelC52.sys (Intel Corporation)
DRV - (IntelC51) -- C:\WINDOWS\system32\drivers\IntelC51.sys (Intel Corporation)
DRV - (mohfilt) -- C:\WINDOWS\system32\drivers\mohfilt.sys (Intel Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://uk.red.client...fo/bt_side.html
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.condui...&ctid=CT2795644
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{309DFBEC-FD2D-406E-801B-1E695095D7EF}: "URL" = http://uk.search.yah...p={searchTerms}
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...pr&d=2012-01-09 21:05:05&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.condui...&ctid=CT2795644
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://isearch.avg.c...01-09 21:05:05"
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.8.1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.5.2
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.448: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@yverinfo.yahoo.com/YahooVersionInfoPlugin;version=1.0.0.1: C:\Program Files\Yahoo!\Shared\npYVerInfo.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2010/10/07 16:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/01 11:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\Documents and Settings\All Users\Application Data\AVG Secure Search\10.2.0.3\ [2012/03/13 10:40:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/31 16:21:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/03/31 16:21:54 | 000,000,000 | ---D | M]

[2009/03/19 01:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jess\Application Data\Mozilla\Extensions
[2012/04/01 12:06:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\b0kien93.default\extensions
[2012/03/06 22:18:01 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\b0kien93.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/04/01 12:06:13 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\b0kien93.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/03/08 15:33:58 | 000,000,929 | ---- | M] () -- C:\Documents and Settings\Jess\Application Data\Mozilla\Firefox\Profiles\b0kien93.default\searchplugins\conduit.xml
[2012/03/31 16:21:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\DOCUMENTS AND SETTINGS\JESS\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\B0KIEN93.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2010/05/04 23:43:40 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/03/13 05:38:06 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/13 06:38:05 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/13 06:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/03/13 06:38:05 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/03/13 06:38:05 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/03/13 06:38:05 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

========== Chrome ==========

O1 HOSTS File: ([2012/03/21 23:47:42 | 000,610,001 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost #[IPv6]
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 abcstats.com
O1 - Hosts: 127.0.0.1 a.abv.bg
O1 - Hosts: 127.0.0.1 adserver.abv.bg
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 ca.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 www.accuserveadsystem.com
O1 - Hosts: 127.0.0.1 achmedia.com
O1 - Hosts: 127.0.0.1 aconti.net
O1 - Hosts: 127.0.0.1 secure.aconti.net
O1 - Hosts: 127.0.0.1 www.aconti.net #[Dialer.Aconti]
O1 - Hosts: 127.0.0.1 am1.activemeter.com
O1 - Hosts: 127.0.0.1 www.activemeter.com #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ads.activepower.net
O1 - Hosts: 127.0.0.1 stat.active24stats.nl #[Tracking.Cookie]
O1 - Hosts: 127.0.0.1 ad2games.com
O1 - Hosts: 16228 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O2 - BHO: (SidebarAutoLaunch Class) - {F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D} - C:\Program Files\Yahoo!\browser\YSidebarIEBHO.dll File not found
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Trend Micro RUBotted V2.0 Beta] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [EPSON SX235 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHLE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Jess\Application Data\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {07246F83-6D48-4559-81EC-117CBAE54F1B} http://workspace.off....RichUpload.cab (Reg Error: Value error.)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} http://security.syma...bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.syma...n/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell....lSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A2A82943-BF7F-4896-B416-DA70EDB17529}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Documents and Settings\Jess\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Jess\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 13:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2004/08/12 15:12:03 | 000,000,110 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/03 20:05:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/04/03 20:01:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jess\Desktop\tdsskiller
[2012/03/30 20:57:20 | 000,135,168 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxres.dll
[2012/03/30 20:49:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012/03/30 20:44:15 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\write.exe
[2012/03/30 20:43:58 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2012/03/30 20:43:56 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2012/03/30 20:43:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2012/03/30 20:43:54 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2012/03/30 20:43:53 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2012/03/30 20:43:52 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2012/03/30 20:43:52 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winchat.exe
[2012/03/30 20:43:49 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2012/03/30 20:43:48 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2012/03/30 20:43:43 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2012/03/30 20:43:42 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2012/03/30 20:43:41 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2012/03/30 20:43:31 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2012/03/30 20:43:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2012/03/30 20:43:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2012/03/30 20:43:25 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2012/03/30 20:43:24 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2012/03/30 20:43:24 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2012/03/30 20:43:24 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2012/03/30 20:43:22 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2012/03/30 20:43:22 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2012/03/30 20:43:21 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2012/03/30 20:43:08 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2012/03/30 20:43:02 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/03/30 20:43:01 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2012/03/30 20:43:01 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2012/03/30 20:43:00 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2012/03/30 20:43:00 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2012/03/30 20:43:00 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2012/03/30 20:43:00 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2012/03/30 20:42:59 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2012/03/30 20:42:59 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2012/03/30 20:42:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2012/03/30 20:42:58 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2012/03/30 20:42:58 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndvol32.exe
[2012/03/30 20:42:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sndrec32.exe
[2012/03/30 20:42:57 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2012/03/30 20:42:56 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2012/03/30 20:42:56 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2012/03/30 20:42:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2012/03/30 20:42:56 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2012/03/30 20:42:55 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2012/03/30 20:42:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2012/03/30 20:42:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2012/03/30 20:42:55 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2012/03/30 20:42:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2012/03/30 20:42:54 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2012/03/30 20:42:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2012/03/30 20:42:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2012/03/30 20:42:54 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2012/03/30 20:42:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2012/03/30 20:42:53 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2012/03/30 20:42:53 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2012/03/30 20:42:53 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2012/03/30 20:42:39 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2012/03/30 20:42:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2012/03/30 20:42:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012/03/30 20:42:34 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012/03/30 20:42:34 | 000,026,624 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2012/03/30 20:42:34 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2012/03/30 20:42:29 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2012/03/30 20:42:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2012/03/30 20:42:26 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2012/03/30 20:42:18 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2012/03/30 20:42:17 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2012/03/30 20:42:17 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2012/03/30 20:42:17 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2012/03/30 20:42:10 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2012/03/30 20:42:10 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2012/03/30 20:42:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2012/03/30 20:42:09 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2012/03/30 20:42:09 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2012/03/30 20:42:08 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2012/03/30 20:42:08 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2012/03/30 20:42:07 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2012/03/30 20:42:03 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/03/30 20:42:03 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2012/03/30 20:42:03 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2012/03/30 20:42:03 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/03/30 20:41:48 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2012/03/30 20:41:41 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netdde.exe
[2012/03/30 20:41:37 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/03/30 20:41:36 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2012/03/30 20:41:27 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2012/03/30 20:41:23 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/03/30 20:41:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/03/30 20:41:08 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mplay32.exe
[2012/03/30 20:41:00 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2012/03/30 20:40:59 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2012/03/30 20:40:58 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2012/03/30 20:40:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2012/03/30 20:40:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2012/03/30 20:40:53 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2012/03/30 20:40:51 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2012/03/30 20:40:46 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/03/30 20:40:40 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/03/30 20:40:40 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/03/30 20:40:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/03/30 20:40:38 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2012/03/30 20:40:38 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2012/03/30 20:40:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2012/03/30 20:40:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2012/03/30 20:40:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2012/03/30 20:40:29 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2012/03/30 20:40:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/03/30 20:40:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2012/03/30 20:40:20 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/03/30 20:40:20 | 000,315,452 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2012/03/30 20:40:19 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2012/03/30 20:40:19 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/03/30 20:40:18 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2012/03/30 20:40:18 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2012/03/30 20:40:18 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/03/30 20:40:17 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2012/03/30 20:40:17 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2012/03/30 20:40:16 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2012/03/30 20:40:16 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2012/03/30 20:40:16 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2012/03/30 20:40:16 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2012/03/30 20:40:16 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/03/30 20:40:15 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2012/03/30 20:40:14 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2012/03/30 20:40:14 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2012/03/30 20:40:14 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/03/30 20:40:13 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2012/03/30 20:40:13 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/03/30 20:40:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2012/03/30 20:40:13 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2012/03/30 20:40:13 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/03/30 20:40:02 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/03/30 20:39:55 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/03/30 20:39:55 | 000,013,312 | ---- | C] (Hilgraeve, Inc.) -- C:\WINDOWS\System32\dllcache\htrn_jis.dll
[2012/03/30 20:39:53 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2012/03/30 20:39:50 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/03/30 20:39:47 | 000,605,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\getuname.dll
[2012/03/30 20:39:47 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2012/03/30 20:39:46 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2012/03/30 20:39:46 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2012/03/30 20:39:46 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2012/03/30 20:39:46 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2012/03/30 20:39:45 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2012/03/30 20:39:45 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2012/03/30 20:39:45 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2012/03/30 20:39:45 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2012/03/30 20:39:44 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2012/03/30 20:39:44 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2012/03/30 20:39:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2012/03/30 20:39:43 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2012/03/30 20:39:43 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2012/03/30 20:39:43 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2012/03/30 20:39:43 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2012/03/30 20:39:42 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2012/03/30 20:39:42 | 000,143,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2012/03/30 20:39:42 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2012/03/30 20:39:42 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2012/03/30 20:39:42 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2012/03/30 20:39:41 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2012/03/30 20:39:38 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2012/03/30 20:39:38 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2012/03/30 20:39:36 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2012/03/30 20:39:34 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2012/03/30 20:39:33 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2012/03/30 20:39:32 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2012/03/30 20:39:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2012/03/30 20:39:31 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2012/03/30 20:39:30 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2012/03/30 20:39:30 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2012/03/30 20:39:30 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2012/03/30 20:39:30 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2012/03/30 20:39:01 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2012/03/30 20:38:56 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2012/03/30 20:38:55 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2012/03/30 20:38:47 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\clipbrd.exe
[2012/03/30 20:38:46 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2012/03/30 20:38:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2012/03/30 20:38:45 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2012/03/30 20:38:44 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/03/30 20:38:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2012/03/30 20:38:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2012/03/30 20:38:43 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/03/30 20:38:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2012/03/30 20:38:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2012/03/30 20:38:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2012/03/30 20:38:41 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\charmap.exe
[2012/03/30 20:38:41 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2012/03/30 20:38:41 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2012/03/30 20:38:38 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\calc.exe
[2012/03/30 20:38:38 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012/03/30 20:38:37 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2012/03/30 20:38:37 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/03/30 20:38:19 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avwav.dll
[2012/03/30 20:38:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avtapi.dll
[2012/03/30 20:38:18 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avmeter.dll
[2012/03/30 20:38:04 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2012/03/30 20:38:04 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2012/03/30 20:38:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2012/03/30 20:38:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2012/03/30 20:38:00 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2012/03/30 20:37:59 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2012/03/30 20:37:55 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2012/03/30 20:37:53 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\accwiz.exe
[2012/03/30 20:37:53 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\access.cpl
[2012/03/30 20:30:07 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msdtc.exe
[2012/03/30 20:16:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2012/03/30 20:16:59 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2012/03/30 20:16:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2012/03/30 20:16:59 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2012/03/30 19:22:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmp
[2012/03/30 11:17:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot_bak
[2012/03/28 12:54:12 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Jess\Desktop\OTL.exe
[2012/03/28 12:54:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jess\My Documents\My downloads
[2012/03/27 10:43:05 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2012/03/27 10:42:52 | 000,454,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2012/03/27 10:41:54 | 002,181,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/03/27 10:41:54 | 002,137,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/03/27 10:41:52 | 002,016,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/03/27 10:41:46 | 002,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012/03/23 22:49:54 | 002,180,992 | ---- | C] (Microsoft Corporation) -- C:\ntoskrnl.exe
[2012/03/23 22:48:48 | 000,098,992 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\35878316.sys
[2012/03/23 22:39:04 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/03/23 00:42:34 | 015,977,552 | ---- | C] (Mozilla) -- C:\Documents and Settings\Jess\Desktop\Firefox Setup 11.0.exe
[2012/03/22 00:01:17 | 000,149,272 | ---- | C] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/03/21 14:57:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jess\Local Settings\Application Data\NPE
[2012/03/20 23:22:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Jess\Desktop\cloud zapper
[2012/03/20 21:07:53 | 000,000,000 | -H-D | C] -- C:\Program Files\WindowsUpdate
[2012/03/20 21:07:29 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2012/03/20 21:06:55 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwdl.dll
[2012/03/20 21:06:54 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn1.exe
[2012/03/20 21:06:54 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icwconn2.exe
[2012/03/20 21:06:54 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetwiz.exe
[2012/03/20 21:05:58 | 000,000,000 | ---D | C] -- C:\Program Files\ComPlus Applications
[2012/03/20 20:39:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\dell
[2012/03/20 18:41:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trend Micro
[2012/03/20 18:01:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/03/20 18:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2012/03/20 18:01:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trend Micro RUBotted
[2012/03/20 18:01:06 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2012/03/19 13:32:44 | 000,000,000 | ---D | C] -- C:\ROOT
[2012/03/08 00:00:23 | 000,000,000 | ---D | C] -- C:\ERDNT
[2012/03/07 23:58:21 | 000,000,000 | ---D | C] -- C:\VB_winsock fix
[2012/03/07 22:37:48 | 000,000,000 | ---D | C] -- C:\Program Files\stinger
[2012/03/07 15:05:57 | 000,205,072 | ---- | C] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/03/07 13:39:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2012/03/07 13:39:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/03/07 13:39:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/04/06 13:06:39 | 093,978,413 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2012/04/06 13:01:01 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/06 13:00:57 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/05 22:50:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/05 18:00:03 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration.job
[2012/04/05 15:04:56 | 000,371,675 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2012/04/05 11:55:30 | 000,043,092 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\flowering beetle.jpg
[2012/04/04 19:04:43 | 000,623,705 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2012/04/03 20:00:24 | 002,052,880 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\tdsskiller.zip
[2012/04/01 21:35:44 | 000,125,467 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\uk-landmark-case-could-stymie-legal-system-queen-not-valid-monarch.html
[2012/04/01 13:35:41 | 000,459,416 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/04/01 13:35:41 | 000,076,156 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/04/01 12:15:59 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/03/31 19:39:05 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2012/03/31 16:22:14 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Jess\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/31 16:22:13 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/03/30 23:56:31 | 000,046,599 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\Caddy 1989.htm
[2012/03/30 23:56:24 | 000,011,988 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\cadyy alternator.png
[2012/03/30 20:47:44 | 000,000,287 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012/03/30 20:36:29 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012/03/30 20:36:28 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012/03/30 20:36:28 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012/03/30 20:36:08 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012/03/30 20:31:38 | 000,022,816 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012/03/30 20:27:48 | 000,000,282 | -HS- | M] () -- C:\boot.ini
[2012/03/30 20:20:00 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2012/03/29 01:41:21 | 001,485,677 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\BrainwavemodelBevolutionGB.pdf
[2012/03/28 13:33:22 | 000,381,632 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/28 12:54:30 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Jess\Desktop\OTL.exe
[2012/03/27 12:03:10 | 050,165,342 | ---- | M] () -- C:\Documents and Settings\Jess\My Documents\Natural ways to kill parasites with common herbs.flv
[2012/03/27 10:30:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/27 00:01:13 | 000,139,776 | ---- | M] () -- C:\Documents and Settings\Jess\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/26 23:32:15 | 000,071,813 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\london.jpg
[2012/03/23 22:48:48 | 000,098,992 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\35878316.sys
[2012/03/23 00:43:20 | 015,977,552 | ---- | M] (Mozilla) -- C:\Documents and Settings\Jess\Desktop\Firefox Setup 11.0.exe
[2012/03/22 00:02:30 | 1071,726,592 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2012/03/22 00:01:11 | 000,149,272 | ---- | M] (Doctor Web, Ltd.) -- C:\WINDOWS\System32\drivers\dwprot.sys
[2012/03/21 23:47:42 | 000,610,001 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS
[2012/03/20 23:12:03 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/20 18:01:25 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2012/03/20 17:58:02 | 000,000,015 | ---- | M] () -- C:\Documents and Settings\Jess\settings.dat
[2012/03/19 21:50:26 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Jess\defogger_reenable
[2012/03/19 13:00:23 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\Jess\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Office Outlook.lnk
[2012/03/14 03:06:06 | 000,000,414 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version2.job
[2012/03/07 23:57:09 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\HOSTS.MVP
[2012/03/07 15:05:50 | 000,205,072 | ---- | M] (Trend Micro Inc.) -- C:\WINDOWS\System32\drivers\tmcomm.sys
[2012/03/07 13:39:47 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Jess\Desktop\Spybot - Search & Destroy.lnk
[9 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/04/05 11:55:27 | 000,043,092 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\flowering beetle.jpg
[2012/04/03 20:00:23 | 002,052,880 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\tdsskiller.zip
[2012/04/01 21:35:32 | 000,125,467 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\uk-landmark-case-could-stymie-legal-system-queen-not-valid-monarch.html
[2012/03/31 16:22:13 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/03/30 23:56:28 | 000,046,599 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\Caddy 1989.htm
[2012/03/30 23:56:18 | 000,011,988 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\cadyy alternator.png
[2012/03/30 20:42:08 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012/03/30 20:40:46 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/03/30 20:40:19 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012/03/30 20:40:17 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012/03/30 20:40:13 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/03/30 20:39:58 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012/03/30 20:39:50 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/03/30 20:38:45 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012/03/30 20:16:43 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012/03/30 20:16:43 | 000,168,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\startoc.cat
[2012/03/30 20:16:43 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012/03/30 20:16:43 | 000,031,281 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2012/03/30 20:16:43 | 000,024,209 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2012/03/30 20:16:43 | 000,013,753 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2012/03/30 20:16:43 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012/03/30 20:16:43 | 000,011,651 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2012/03/30 20:16:43 | 000,009,581 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2012/03/30 20:16:43 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012/03/30 20:16:43 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012/03/30 20:16:43 | 000,007,245 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2012/03/30 20:16:42 | 002,012,670 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2012/03/30 20:16:42 | 001,042,903 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012/03/30 20:16:42 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012/03/30 20:16:42 | 000,382,952 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2012/03/29 01:41:21 | 001,485,677 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\BrainwavemodelBevolutionGB.pdf
[2012/03/27 12:02:27 | 050,165,342 | ---- | C] () -- C:\Documents and Settings\Jess\My Documents\Natural ways to kill parasites with common herbs.flv
[2012/03/26 23:32:10 | 000,071,813 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\london.jpg
[2012/03/20 22:15:04 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Jess\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/03/20 22:15:04 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/03/20 20:51:25 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012/03/20 20:39:03 | 1071,726,592 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2012/03/20 18:01:24 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2012/03/19 21:50:26 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Jess\defogger_reenable
[2012/03/15 04:03:06 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/03/10 15:08:39 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\Jess\settings.dat
[2012/03/07 13:39:47 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Jess\Desktop\Spybot - Search & Destroy.lnk
[2012/02/15 11:26:57 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/06 02:32:26 | 000,077,312 | ---- | C] () -- C:\WINDOWS\WDSETUP.EXE
[2012/01/29 19:43:26 | 000,000,039 | ---- | C] () -- C:\WINDOWS\QCD.INI
[2012/01/29 19:43:17 | 000,000,054 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2012/01/14 18:45:20 | 000,767,952 | ---- | C] () -- C:\WINDOWS\BDTSupport.dll
[2011/11/24 23:04:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2011/04/01 20:50:30 | 000,002,878 | ---- | C] () -- C:\Documents and Settings\Jess\Application Data\FUIPRESETS.INI

< End of report >

#22
myrti

Posted 08 April 2012 - 04:21 PM

Expert

Expert
2,580 posts

Hi,

so did you disable the program yourself? It is no longer listed in the startup items. Have the error messages stopped?

regards myrti

#23
dragonstar11

Posted 09 April 2012 - 08:20 AM

Member

Topic Starter
Member
18 posts

Hi ya,
That day no error, but still had to reinstall.
Started doing that again the next day, however today no errors but speakers workling without having to uninstall and reinstall.

Is it the hardware failing do you think? Just seems a bit weird it was fine before this infection?

#24
myrti

Posted 10 April 2012 - 06:48 AM

Expert

Expert
2,580 posts

Hi,

it's unlikely, but not impossible. The hardware is as likely to die while you're infected as it is likely to die when you're not infected.

Does sound work normally in safe mode?

regards myrti

#25
dragonstar11

Posted 10 April 2012 - 11:55 AM

Member

Topic Starter
Member
18 posts

Hi ya, all fine again today.

I checked the rookits thru avg and nothing anymore coming up there.
Also ran a PC analyser and can see the smaz thing coming up in there under the registry errors report.
Dont wanna run PC Tune Up by them as last time I tried it I had so many problems after.

How about a cc clean instead?

Must check that internet thing too, but will do after this in case it needs a restart before it'll connect again. Some of me is wondering if its related to the new BT modem as it doesnt seem to work as well as the old thompson one we had before?

All the best to you Myrti, thanks for your help and any further light you may be able to shed

-------------------------

Ah ha the internet connection seems to be disabling and reenabling ok now.
WWDC doesnt report anything when opened but the netbios setting had changed since I last looked, so just going restart and put that right.

Think its just this latent start on AVG firwall now

Edited by dragonstar11, 10 April 2012 - 12:01 PM.