tiddiszagtor.exe / no internet [Solved]



#1
ManFromEarth

Hello,

Opening Windows this morning, I got hit straight with 2 weird errors, out of the blue.
Symantec "File system auto-protect is malfunctioning: File system auto-protect is not functioning correctly.
Your protection definitions may be damaged or your product installation may be corrupt."
Daemon Tools "Initialization error 0: This program requires at least Windows 2000 with SPTD 143 or higher.
Kernel debugger must be deactivated."

No internet connection, in safe-mode as well. Problem loading page, server not found. Other computers on the same modem have internet access.

Checked task manager and noticed a strange process - tiddiszagtor.exe
Then found this https://www.virustot...bea11/analysis/
Looks like a new thing; neither Symantec nor Malwarebytes found anything. I have definitions from Tuesday.

Thank you very much in advance!


OTL logfile created on: 9/13/2012 7:10:45 PM - Run 1
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Documents and Settings\Sander\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.22 Gb Available Physical Memory | 60.90% Memory free
4.85 Gb Paging File | 4.26 Gb Available in Paging File | 87.87% Paging File free
Paging file location(s): C:\pagefile.sys 3070 6140 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 8.39 Gb Free Space | 2.82% Space Free | Partition Type: NTFS
Drive D: | 1.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 7.52 Gb Total Space | 6.12 Gb Free Space | 81.35% Space Free | Partition Type: NTFS

Computer Name: REIN-3552E63F55 | User Name: Sander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/13 19:08:47 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
PRC - [2012/09/12 21:02:39 | 000,108,544 | ---- | M] (Fusion-io) -- C:\Documents and Settings\Sander\tiddiszagtor.exe
PRC - [2012/05/24 21:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Sander\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/04/10 11:00:30 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/04/10 10:58:28 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/04/01 22:31:46 | 001,822,296 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/01/25 15:35:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/07 09:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/20 16:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/09/20 16:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2006/10/12 16:57:08 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe
PRC - [2006/01/09 05:43:42 | 000,053,340 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/01/25 20:44:50 | 000,426,496 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/03 18:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/02 09:10:38 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/07/05 00:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2005/05/03 14:38:42 | 000,064,512 | ---- | M] () -- C:\WINDOWS\system32\P17.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Sander\LOCALS~1\Temp\DAT6E.tmp.exe -- (kcqnmnferhhelt)
SRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
SRV - [2012/09/08 01:03:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/04/10 11:00:30 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/04/01 22:31:46 | 001,822,296 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/04/01 20:47:08 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/02/17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/07 09:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/10/13 03:10:31 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46unic.sys -- (se46unic)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46obex.sys -- (se46obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46nd5.sys -- (se46nd5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46mgmt.sys -- (se46mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46bus.sys -- (se46bus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nvnetbus.sys -- (nvnetbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NVENETFD.sys -- (NVENETFD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcd.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
DRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
DRV - [2012/08/20 11:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120911.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/08/20 11:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120911.034\NAVENG.SYS -- (NAVENG)
DRV - [2012/08/08 11:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/08 11:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/08 16:44:14 | 000,167,936 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2010/09/21 16:54:13 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/28 13:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/07/04 22:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/05/10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/10 11:00:30 | 000,097,096 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2010/04/10 10:59:16 | 000,043,336 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010/03/08 12:59:14 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/03/08 12:59:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/03/08 12:59:14 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/02/17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/28 12:42:26 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2009/12/18 15:42:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/12/02 16:02:10 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/11/19 16:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009/11/19 16:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009/11/19 16:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009/11/19 16:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009/11/19 16:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009/11/19 16:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009/11/19 16:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009/11/18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/07 11:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 11:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 11:47:55 | 000,266,008 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 11:46:12 | 000,114,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/10/06 09:45:12 | 000,011,168 | ---- | M] (Headsoft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vjoy.sys -- (vhidmini)
DRV - [2009/09/03 16:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/09/03 16:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/02/24 16:27:32 | 000,118,656 | R--- | M] (TRENDware International, Inc ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/14 00:10:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007/11/15 18:43:41 | 000,682,232 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2007/06/29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/06/15 02:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/08/03 00:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/01/10 10:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 10:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...m/home?AF=66524
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=66524
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google (Language: EE)"
FF - prefs.js..browser.startup.homepage: "www.google.ee"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/08 01:03:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/08 01:03:18 | 000,000,000 | ---D | M]

[2009/02/12 01:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Extensions
[2009/02/12 01:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Extensions\[email protected]
[2012/08/25 18:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\extensions
[2012/06/27 20:45:11 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/04/06 01:48:07 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\searchplugins\google-language-ee.xml
[2012/09/08 01:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/08 01:03:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/08 05:29:35 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/16 16:12:40 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/08/29 02:37:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/29 02:37:44 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2004/08/04 04:07:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [tiddiszagtor] C:\Documents and Settings\Sander\tiddiszagtor.exe (Fusion-io)
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Sander\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ad...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{810F538A-3D25-48AA-95F7-8E45F3DFA25D}: NameServer = 194.126.115.18,194.126.101.34
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC52FE70-39CE-4A2A-AE09-7BA61CE38DCE}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\cryptnet32: DllName - (cryptnet32.dll) - File not found
O20 - Winlogon\Notify\WB: DllName - (C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll) - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\Sander\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sander\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/04/23 11:51:42 | 000,000,028 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4550044c-19cd-11e1-9b57-0014d11c2d77}\Shell - "" = AutoRun
O33 - MountPoints2\{4550044c-19cd-11e1-9b57-0014d11c2d77}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5e974f36-7216-11dc-9e0e-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5e974f36-7216-11dc-9e0e-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5e974f36-7216-11dc-9e0e-806d6172696f}\Shell\AutoRun\command - "" = D:\setup.exe -- [2010/04/01 17:31:40 | 000,259,440 | R--- | M] (Symantec Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/13 19:10:19 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
[2012/09/13 17:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/13 17:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/09/08 01:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/09/05 03:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/05 03:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/08/23 17:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sander\Desktop\KIPS
[2012/08/14 20:01:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sander\Desktop\WHAT FILM
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/13 19:08:47 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
[2012/09/13 18:24:27 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/13 17:30:28 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/09/13 17:24:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/13 17:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2012/09/13 16:41:51 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/13 16:39:49 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/13 16:39:43 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012/09/13 16:39:41 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2012/09/13 13:27:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/13 04:17:40 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Sander\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2012/09/13 04:08:24 | 000,116,224 | ---- | M] () -- C:\Documents and Settings\Sander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/13 03:28:40 | 000,070,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys
[2012/09/13 03:05:16 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/09/13 03:00:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2012/09/12 21:02:39 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Sander\tiddiszagtor.exe
[2012/09/11 13:26:44 | 000,000,070 | ---- | M] () -- C:\WINDOWS\sbwin.ini
[2012/09/11 11:43:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/09/06 18:16:30 | 000,314,930 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\tumblr_m9viw9ZoA31qdx146o1_1280.jpg
[2012/09/04 01:32:44 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\Heder1.png
[2012/09/02 22:51:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/08/29 01:12:07 | 000,007,171 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\Header01.png
[2012/08/28 18:46:12 | 000,007,225 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\wolf_paw_print_LG.png
[2012/08/28 18:20:08 | 000,009,312 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\hun.jpg
[2012/08/17 01:22:36 | 000,065,202 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\3479.jpg
[2012/08/16 03:32:22 | 002,064,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/16 03:14:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/13 17:19:03 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/13 17:19:03 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/13 03:28:40 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys
[2012/09/12 21:03:00 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Sander\tiddiszagtor.exe
[2012/09/11 13:26:44 | 000,000,070 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2012/09/06 18:16:29 | 000,314,930 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\tumblr_m9viw9ZoA31qdx146o1_1280.jpg
[2012/09/04 01:32:44 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\Heder1.png
[2012/08/29 01:08:23 | 000,007,171 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\Header01.png
[2012/08/28 18:43:09 | 000,007,225 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\wolf_paw_print_LG.png
[2012/08/28 18:20:07 | 000,009,312 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\hun.jpg
[2012/08/17 01:22:33 | 000,065,202 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\3479.jpg
[2012/02/15 13:18:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/26 20:09:01 | 000,000,579 | ---- | C] () -- C:\WINDOWS\qtracker.INI
[2011/11/28 17:30:31 | 000,025,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039nd5.sys
[2011/11/28 17:30:30 | 000,124,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mdm.sys
[2011/11/28 17:30:30 | 000,123,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039unic.sys
[2011/11/28 17:30:30 | 000,117,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mgmt.sys
[2011/11/28 17:30:30 | 000,113,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039obex.sys
[2011/11/28 17:30:30 | 000,014,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mdfl.sys
[2011/11/28 17:30:30 | 000,012,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cmnt.sys
[2011/11/28 17:30:30 | 000,012,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cm.sys
[2011/11/28 17:30:30 | 000,010,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cr.sys
[2011/11/28 17:30:29 | 000,098,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039bus.sys
[2011/11/28 17:30:29 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039whnt.sys
[2011/11/28 17:30:29 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039wh.sys
[2011/03/01 20:46:50 | 000,011,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\vjoy.sys
[2011/02/11 04:00:42 | 002,026,496 | ---- | C] () -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/12/06 00:41:03 | 000,693,760 | ---- | C] () -- C:\Documents and Settings\Sander\j_update6.exe
[2010/10/12 18:27:42 | 000,116,224 | ---- | C] () -- C:\Documents and Settings\Sander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/25 13:41:21 | 006,756,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.sys
[2010/09/25 13:40:49 | 000,266,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvrs.sys
[2010/09/25 13:40:49 | 000,114,712 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvpopflt.sys
[2010/09/25 13:40:28 | 000,023,832 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvuvcflt.sys
[2010/09/21 12:53:50 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/21 12:53:48 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/21 12:53:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/21 12:52:47 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/09/21 12:34:58 | 006,108,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/09/21 12:34:58 | 001,395,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2010/09/21 12:13:29 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/09/21 10:14:09 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\irbus.sys
[2010/09/21 10:13:44 | 000,870,784 | ---- | C] () -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/09/21 10:13:44 | 000,377,984 | ---- | C] () -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/09/21 10:13:44 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\ati2dvag.dll
[2010/09/21 10:13:43 | 001,888,992 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[2010/09/21 10:13:43 | 000,516,768 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdpash.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdnepr.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdiultn.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbhc.dll
[2010/09/21 10:13:34 | 001,737,856 | ---- | C] () -- C:\WINDOWS\System32\mtxparhd.dll
[2010/09/21 10:13:32 | 000,397,056 | ---- | C] () -- C:\WINDOWS\System32\s3gnb.dll
[2010/09/21 10:09:19 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2010/09/21 10:09:19 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2010/09/21 10:09:19 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2010/09/21 10:09:19 | 000,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidir.sys
[2010/09/21 10:09:18 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/09/21 10:09:18 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/09/21 10:09:18 | 000,011,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2010/09/21 10:09:17 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/09/21 10:09:17 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/09/21 10:09:17 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2010/09/21 10:09:17 | 000,059,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\rfcomm.sys
[2010/09/21 10:09:17 | 000,030,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2010/09/21 10:09:17 | 000,013,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\recagent.sys
[2010/09/21 10:09:17 | 000,012,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2010/09/21 10:09:16 | 000,404,990 | ---- | C] () -- C:\WINDOWS\System32\drivers\slntamr.sys
[2010/09/21 10:09:16 | 000,129,535 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2010/09/21 10:09:16 | 000,095,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\slnthal.sys
[2010/09/21 10:09:16 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\sisagp.sys
[2010/09/21 10:09:16 | 000,013,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2010/09/21 10:09:16 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\sffp_mmc.sys
[2010/09/21 10:09:16 | 000,005,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\smbali.sys
[2010/09/21 10:09:16 | 000,003,901 | ---- | C] () -- C:\WINDOWS\System32\drivers\siint5.dll
[2010/09/21 10:09:15 | 000,044,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\uagp35.sys
[2010/09/21 10:09:15 | 000,042,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\viaagp.sys
[2010/09/21 10:09:15 | 000,014,208 | ---- | C] () -- C:\WINDOWS\System32\drivers\wacompen.sys
[2010/09/21 10:09:15 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2010/09/21 10:09:15 | 000,011,871 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2010/09/21 10:09:15 | 000,011,807 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2010/09/21 10:09:15 | 000,011,325 | ---- | C] () -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2010/09/21 10:09:15 | 000,011,295 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2010/09/21 10:09:14 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2010/09/21 10:09:14 | 000,022,271 | ---- | C] () -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2010/09/21 10:09:14 | 000,011,935 | ---- | C] () -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2010/09/15 14:46:57 | 000,030,080 | ---- | C] () -- C:\WINDOWS\System32\drivers\modem.sys
[2010/09/15 14:46:56 | 000,011,392 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfloppy.sys
[2010/09/15 14:46:55 | 000,035,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\processr.sys
[2010/09/15 14:46:43 | 000,034,688 | ---- | C] () -- C:\WINDOWS\System32\drivers\lbrtfdc.sys
[2010/09/15 14:46:41 | 000,008,576 | ---- | C] () -- C:\WINDOWS\System32\drivers\i2omgmt.sys
[2009/11/04 22:22:36 | 000,020,531 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\T09F8
[2009/01/02 05:19:22 | 000,000,432 | ---- | C] () -- C:\Documents and Settings\Sander\Application Data\Poladroid prefs.plist
[2008/10/26 03:31:22 | 000,000,030 | ---- | C] () -- C:\Documents and Settings\Sander\jagex_runescape_preferences.dat
[2007/11/15 20:52:16 | 000,139,152 | ---- | C] () -- C:\Documents and Settings\Sander\Application Data\PnkBstrK.sys
[2005/04/08 05:16:43 | 000,029,671 | -H-- | C] () -- C:\Documents and Settings\Sander\Application Data\Sanderlog.dat

========== LOP Check ==========

[2009/04/05 16:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy
[2010/03/23 14:29:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AA3DeployClient
[2010/09/14 15:41:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2009/05/05 18:55:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\America's Army Deploy Client
[2012/09/13 17:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2009/02/07 00:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FreeRIP
[2007/10/22 02:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Last.fm
[2011/03/15 14:23:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2012/05/31 03:18:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegCure
[2012/09/12 21:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Soulseek
[2009/03/12 14:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2010/06/04 15:04:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/01/22 14:30:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/03/15 14:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{BC13C66E-D01E-4443-A1D1-35EEDF3A964A}
[2011/03/15 14:23:22 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{C59C4281-5384-43B2-9E48-2FA6F8967AB1}
[2011/03/15 14:23:09 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2012/03/16 16:12:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Acapela Group
[2010/12/06 00:41:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Application Data
[2012/03/18 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\BabylonToolbar
[2007/10/16 17:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Blender Foundation
[2012/09/13 16:42:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Dropbox
[2008/12/04 15:13:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\EPSON
[2011/09/19 21:14:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\FileZilla
[2008/02/12 02:16:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\FlashFXP
[2008/04/20 22:51:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Flickr
[2012/08/06 19:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Lasersoft Imaging
[2008/10/15 09:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Leadertech
[2008/04/22 02:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\LimeWire
[2011/10/02 09:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\OpenOffice.org
[2010/08/29 14:59:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\PictoColor
[2008/03/04 04:16:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Processing
[2010/09/14 20:34:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\QuickScan
[2009/10/26 15:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Red Kawa
[2012/03/09 17:45:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\Sports Interactive
[2012/02/29 21:40:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\SystemRequirementsLab
[2012/09/10 06:45:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\uTorrent
[2012/09/13 17:00:00 | 000,000,440 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure Program Check.job
[2012/09/13 03:00:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\Tasks\RegCure.job

========== Purity Check ==========



< End of report >
  • 0



#2
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, I cannot guarantee that I will be able to restore the internet connection, but let's have a go.

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Sander\LOCALS~1\Temp\DAT6E.tmp.exe -- (kcqnmnferhhelt)
    SRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
    DRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...search&AF=66524
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No CLSID value found.
    O4 - HKCU..\Run: [tiddiszagtor] C:\Documents and Settings\Sander\tiddiszagtor.exe (Fusion-io)
    [2012/03/18 20:18:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sander\Application Data\BabylonToolbar
    
    :Files
    ipconfig /flushdns /c
    netsh int ip reset c:\resetlog.txt  /c
    ipconfig /release /c
    ipconfig /renew /c
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [CREATERESTOREPOINT]
    [Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download the tools needed to a flash drive or other removable media, and transfer them to the infected computer.

***************************************************

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

With malware infections being as they are today, it's strongly recommended to have the Windows Recovery Console pre-installed on your machine before doing any malware removal.

The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.


Go to Microsoft's website => http://support.microsoft.com/kb/310994

Scroll down to Step 1, and select the download that's appropriate for your Operating System. Download the file & save it as it's originally named.

Note: If you have SP3, use the SP2 package.


---------------------------------------------------------------------

Transfer all files you just downloaded, to the desktop of the infected computer.

--------------------------------------------------------------------


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.



  • Drag the setup package onto ComboFix.exe and drop it.

  • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.




  • At the next prompt, click 'Yes' to run the full ComboFix scan.

  • When the tool is finished, it will produce a report for you.
Please post the C:\ComboFix.txt in your next reply.
  • 0
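An added example, not part of either post and not OldTimer's code: a small Python triage pass that picks the same kind of entries out of an OTL log as the ones targeted in the fix above. The three heuristics and all function names are this example's assumptions, not the helper's stated method; the sample lines are copied from the logs and fix script in this thread.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: individual lines copied from the OTL logs and the fix
# script in this thread (not a complete log).
SAMPLE_LOG = r"""
OTL logfile created on: 9/13/2012 7:10:45 PM - Run 1
SRV - File not found [Auto | Stopped] -- C:\DOCUME~1\Sander\LOCALS~1\Temp\DAT6E.tmp.exe -- (kcqnmnferhhelt)
DRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
DRV - [2010/07/04 22:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
[2012/09/12 21:03:00 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Sander\tiddiszagtor.exe
[2010/12/06 00:41:03 | 000,693,760 | ---- | C] () -- C:\Documents and Settings\Sander\j_update6.exe
[2012/09/13 19:10:19 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
[2011/11/28 17:30:31 | 000,025,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039nd5.sys
""".strip().splitlines()

HEADER_RE = re.compile(
    r"^OTL logfile created on: (\d+/\d+/\d{4} \d+:\d\d:\d\d [AP]M)")

# File-list entry: [timestamp | size | attrs | C or M] (company) -- path
FILE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d\d/\d\d \d\d:\d\d:\d\d) \| (?P<size>[\d,]+) \| "
    r"(?P<attrs>[-A-Z]{4}) \| (?P<kind>[CM])\] "
    r"(?:\((?P<company>[^)]*)\) )?-- (?P<path>.+)$")

# Service/driver entry: SRV|DRV - <file info or "File not found"> [state] -- path -- (name)
SVC_RE = re.compile(
    r"^(?P<type>SRV|DRV) - "
    r"(?P<head>File not found|\[[^\]]*\] \((?P<company>[^)]*)\)) "
    r"\[(?P<state>[^\]]*)\] -- (?P<path>.*?) ?-- \((?P<name>[^)]*)\)$")

# Heuristics (assumptions of this example):
HEX_SYS = re.compile(r"^[0-9a-f]{16}\.sys$", re.I)      # random-looking driver name
TEMP_DIR = re.compile(r"\\Temp\\", re.I)                # image path under a Temp folder
PROFILE_ROOT_EXE = re.compile(                           # .exe directly in a profile root
    r"^C:\\Documents and Settings\\[^\\]+\\[^\\]+\.exe$", re.I)


def scan_time(lines):
    """Return the scan timestamp from the OTL header line."""
    for line in lines:
        m = HEADER_RE.match(line.strip())
        if m:
            return datetime.strptime(m[1], "%m/%d/%Y %I:%M:%S %p")
    raise ValueError("no OTL header line found")


def triage(lines, window_days=30):
    """Map each suspicious path to the reasons it was flagged."""
    cutoff = scan_time(lines) - timedelta(days=window_days)
    findings = {}

    def flag(path, reason):
        findings.setdefault(path, []).append(reason)

    for raw in lines:
        line = raw.strip()
        m = SVC_RE.match(line)
        if m:
            path = m["path"]
            base = path.rsplit("\\", 1)[-1]
            if m["head"] == "File not found":
                # Orphaned legacy drivers are common; only Temp paths stand out.
                if TEMP_DIR.search(path):
                    flag(path, "service %r: image missing, path under Temp" % m["name"])
            elif m["company"] == "":
                odd_state = "Unknown (-1)" in m["state"]
                if HEX_SYS.match(base) or odd_state:
                    flag(path, "unsigned-looking %s %r: hex name=%s, invalid start type=%s"
                         % (m["type"], m["name"], bool(HEX_SYS.match(base)), odd_state))
            continue
        m = FILE_RE.match(line)
        if m and m["kind"] == "C" and m["company"] == "":
            created = datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S")
            path = m["path"]
            base = path.rsplit("\\", 1)[-1]
            if created >= cutoff and (PROFILE_ROOT_EXE.match(path) or HEX_SYS.match(base)):
                flag(path, "no company name, created %s (within %d days of scan)"
                     % (m["ts"], window_days))
    return findings


if __name__ == "__main__":
    for path, reasons in triage(SAMPLE_LOG).items():
        print(path)
        for reason in reasons:
            print("   ", reason)
```

A hit from these heuristics is only a lead to check further, for example against a multi-engine scan result; old orphaned driver entries and the 2010 `j_update6.exe` are deliberately left unflagged by the Temp-path and 30-day conditions.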

#3
ManFromEarth


    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
All right, I did the first part. Once on the second part, I disabled Symantec via right mouse click on the tray and dragged the recovery console over ComboFix.
Soon after, ComboFix gave an error saying Symantec is still on. The [bleep] was still running so I quickly went to the admin tools and turned it off completely.
I hope it did not mess anything up.

A couple of weird things - Combofix seemingly deleted my whole Adobe folder (first folder in C:), IE.exe is on desktop.

Internet is back though, came back after the OTL fix.


OTL logfile created on: 9/14/2012 9:51:42 AM - Run 2
OTL by OldTimer - Version 3.2.61.3 Folder = C:\Documents and Settings\Sander\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.37 Gb Available Physical Memory | 68.49% Memory free
4.85 Gb Paging File | 4.36 Gb Available in Paging File | 90.04% Paging File free
Paging file location(s): C:\pagefile.sys 3070 6140 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 298.08 Gb Total Space | 11.37 Gb Free Space | 3.81% Space Free | Partition Type: NTFS
Drive D: | 1.15 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 7.52 Gb Total Space | 7.45 Gb Free Space | 99.04% Space Free | Partition Type: NTFS

Computer Name: REIN-3552E63F55 | User Name: Sander | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/13 19:08:47 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
PRC - [2012/05/24 21:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Sander\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2010/04/10 11:00:30 | 001,881,368 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
PRC - [2010/04/10 10:58:28 | 001,455,432 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
PRC - [2010/04/01 22:31:46 | 001,822,296 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
PRC - [2010/01/25 15:35:56 | 000,115,560 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccApp.exe
PRC - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
PRC - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2008/07/07 09:15:18 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008/04/14 05:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/09/20 16:35:40 | 001,410,344 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007/09/20 16:35:10 | 000,202,024 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
PRC - [2006/10/12 16:57:08 | 000,102,400 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe
PRC - [2006/01/09 05:43:42 | 000,053,340 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTSched.exe
PRC - [2005/10/31 10:51:52 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
PRC - [2005/01/25 20:44:50 | 000,426,496 | ---- | M] (Stardock Systems, Inc) -- C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/03 18:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/10/02 09:10:38 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2009/11/03 16:51:42 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009/10/14 13:36:56 | 002,793,304 | ---- | M] () -- C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
MOD - [2009/10/14 13:34:18 | 000,560,472 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2008/04/14 05:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 05:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/05/03 14:38:42 | 000,064,512 | ---- | M] () -- C:\WINDOWS\system32\P17.dll


========== Services (SafeList) ==========

SRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
SRV - [2012/09/08 01:03:24 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2010/04/10 11:00:30 | 001,881,368 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe -- (SmcService)
SRV - [2010/04/01 22:31:46 | 001,822,296 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe -- (Symantec AntiVirus)
SRV - [2010/04/01 20:47:08 | 000,349,512 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE -- (SNAC)
SRV - [2010/02/17 10:53:18 | 003,093,880 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE -- (LiveUpdate)
SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2010/01/25 15:35:30 | 000,108,392 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/07/07 09:15:18 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2007/10/13 03:10:31 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\usbaapl.sys -- (USBAAPL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46unic.sys -- (se46unic)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46obex.sys -- (se46obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46nd5.sys -- (se46nd5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46mgmt.sys -- (se46mgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\se46bus.sys -- (se46bus)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nvnetbus.sys -- (nvnetbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\NVENETFD.sys -- (NVENETFD)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcd.sys -- (nmwcd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750obex.sys -- (k750obex)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\k750bus.sys -- (k750bus)
DRV - [2012/09/13 03:28:40 | 000,070,656 | ---- | M] () [Unknown (-1) | Unknown (-1) | Unknown] -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys -- (ea4baa0544ac7f04)
DRV - [2012/08/20 11:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120911.034\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/08/20 11:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\VirusDefs\20120911.034\NAVENG.SYS -- (NAVENG)
DRV - [2012/08/08 11:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/08 11:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/07/08 16:44:14 | 000,167,936 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpshelper.sys -- (WpsHelper)
DRV - [2010/09/21 16:54:13 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2010/07/28 13:27:36 | 006,108,776 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/07/04 22:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/05/10 21:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/04/10 11:00:30 | 000,097,096 | ---- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\SysPlant.sys -- (SysPlant)
DRV - [2010/04/10 10:59:16 | 000,043,336 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\WPSDRVnt.sys -- (WPS)
DRV - [2010/03/08 12:59:14 | 000,320,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2010/03/08 12:59:14 | 000,283,184 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\srtsp.sys -- (SRTSP)
DRV - [2010/03/08 12:59:14 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2010/02/17 21:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/12/28 12:42:26 | 000,067,472 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Teefer2.sys -- (Teefer2)
DRV - [2009/12/18 15:42:12 | 000,421,424 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2009/12/02 16:02:10 | 000,023,888 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\COH_Mon.sys -- (COH_Mon)
DRV - [2009/11/19 16:06:46 | 000,098,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039bus.sys -- (s1039bus)
DRV - [2009/11/19 16:06:46 | 000,025,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039nd5.sys -- (s1039nd5)
DRV - [2009/11/19 16:06:45 | 000,124,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdm.sys -- (s1039mdm)
DRV - [2009/11/19 16:06:45 | 000,123,504 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039unic.sys -- (s1039unic)
DRV - [2009/11/19 16:06:45 | 000,117,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mgmt.sys -- (s1039mgmt)
DRV - [2009/11/19 16:06:45 | 000,113,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039obex.sys -- (s1039obex)
DRV - [2009/11/19 16:06:44 | 000,014,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1039mdfl.sys -- (s1039mdfl)
DRV - [2009/11/18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/07 11:49:50 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2009/10/07 11:49:38 | 006,756,632 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2009/10/07 11:47:55 | 000,266,008 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2009/10/07 11:46:12 | 000,114,712 | R--- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/10/06 09:45:12 | 000,011,168 | ---- | M] (Headsoft) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vjoy.sys -- (vhidmini)
DRV - [2009/09/03 16:03:48 | 000,188,080 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/09/03 16:03:48 | 000,026,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2009/06/30 09:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/02/24 16:27:32 | 000,118,656 | R--- | M] (TRENDware International, Inc ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/14 00:11:00 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\changer.sys -- (Changer)
DRV - [2008/04/14 00:10:28 | 000,034,688 | ---- | M] (Toshiba Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\lbrtfdc.sys -- (lbrtfdc)
DRV - [2007/11/15 18:43:41 | 000,682,232 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2007/06/29 15:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/06/15 02:47:26 | 001,127,936 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\P17.sys -- (P17)
DRV - [2006/07/01 22:39:40 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/08/03 00:10:14 | 000,032,512 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2005/01/10 10:15:30 | 000,106,496 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2005/01/10 10:15:24 | 000,138,752 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2004/08/03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...m/home?AF=66524
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...Box&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google (Language: EE)"
FF - prefs.js..browser.startup.homepage: "www.google.ee"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.89\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/08 01:03:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/08 01:03:18 | 000,000,000 | ---D | M]

[2009/02/12 01:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Extensions
[2009/02/12 01:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Extensions\[email protected]
[2012/08/25 18:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\extensions
[2012/06/27 20:45:11 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2011/04/06 01:48:07 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\Sander\Application Data\Mozilla\Firefox\Profiles\l3bo2ygi.default\searchplugins\google-language-ee.xml
[2012/09/08 01:03:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/08 01:03:24 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/04/08 05:29:35 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/16 16:12:40 | 000,002,226 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/08/29 02:37:44 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/29 02:37:44 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/09/14 09:44:47 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Program Files\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [CreativeTaskScheduler] C:\Program Files\Creative\Shared Files\CTSched.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\epson\Creativity Suite\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe (HP)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [P17Helper] C:\WINDOWS\System32\P17.dll ()
O4 - HKLM..\Run: [UpdReg] C:\WINDOWS\Updreg.EXE (Creative Technology Ltd.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Sander\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Sander\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95 00 00 00 [binary data]
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.ad...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC52FE70-39CE-4A2A-AE09-7BA61CE38DCE}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (wbsys.dll) - C:\WINDOWS\System32\wbsys.dll (Stardock.Net, Inc)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\cryptnet32: DllName - (cryptnet32.dll) - File not found
O20 - Winlogon\Notify\WB: DllName - (C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll) - C:\Program Files\Stardock\Object Desktop\WindowBlinds\fastload.dll (Stardock)
O24 - Desktop WallPaper: C:\Documents and Settings\Sander\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Sander\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002/04/23 11:51:42 | 000,000,028 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{4550044c-19cd-11e1-9b57-0014d11c2d77}\Shell - "" = AutoRun
O33 - MountPoints2\{4550044c-19cd-11e1-9b57-0014d11c2d77}\Shell\AutoRun - "" = Auto&Play
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/14 09:44:40 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/14 09:42:23 | 004,749,794 | ---- | C] (Swearware) -- C:\Documents and Settings\Sander\Desktop\ComboFix.exe
[2012/09/14 09:42:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sander\Desktop\OTLIX
[2012/09/13 19:10:19 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
[2012/09/13 17:18:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/13 17:18:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2012/09/08 01:03:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/09/05 03:01:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/05 03:01:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
[2012/08/23 17:52:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sander\Desktop\KIPS

========== Files - Modified Within 30 Days ==========

[2012/09/14 09:50:07 | 000,002,262 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/09/14 09:49:20 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/14 09:49:18 | 000,000,440 | ---- | M] () -- C:\WINDOWS\tasks\RegCure Program Check.job
[2012/09/14 09:48:11 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/09/14 09:48:04 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012/09/14 09:48:02 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\logiflt.iad
[2012/09/14 09:35:27 | 004,749,794 | ---- | M] (Swearware) -- C:\Documents and Settings\Sander\Desktop\ComboFix.exe
[2012/09/14 09:24:20 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/14 09:15:07 | 000,002,155 | ---- | M] () -- C:\Documents and Settings\Sander\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2012/09/13 19:08:47 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sander\Desktop\OTL.exe
[2012/09/13 17:30:28 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/09/13 13:27:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/09/13 04:08:24 | 000,116,224 | ---- | M] () -- C:\Documents and Settings\Sander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/13 03:28:40 | 000,070,656 | ---- | M] () -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys
[2012/09/13 03:05:16 | 000,000,118 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2012/09/13 03:00:17 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\RegCure.job
[2012/09/12 21:02:39 | 000,108,544 | ---- | M] () -- C:\Documents and Settings\Sander\tiddiszagtor.exe
[2012/09/11 13:26:44 | 000,000,070 | ---- | M] () -- C:\WINDOWS\sbwin.ini
[2012/09/11 11:43:00 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/09/06 18:16:30 | 000,314,930 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\tumblr_m9viw9ZoA31qdx146o1_1280.jpg
[2012/09/04 01:32:44 | 000,000,591 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\Heder1.png
[2012/09/02 22:51:35 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/08/29 01:12:07 | 000,007,171 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\Header01.png
[2012/08/28 18:46:12 | 000,007,225 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\wolf_paw_print_LG.png
[2012/08/28 18:20:08 | 000,009,312 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\hun.jpg
[2012/08/17 01:22:36 | 000,065,202 | ---- | M] () -- C:\Documents and Settings\Sander\Desktop\3479.jpg
[2012/08/16 03:32:22 | 002,064,896 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/16 03:14:12 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK

========== Files Created - No Company Name ==========

[2012/09/13 17:19:03 | 000,000,886 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/13 17:19:03 | 000,000,882 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/13 03:28:40 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\drivers\ea4baa0544ac7f04.sys
[2012/09/12 21:03:00 | 000,108,544 | ---- | C] () -- C:\Documents and Settings\Sander\tiddiszagtor.exe
[2012/09/11 13:26:44 | 000,000,070 | ---- | C] () -- C:\WINDOWS\sbwin.ini
[2012/09/06 18:16:29 | 000,314,930 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\tumblr_m9viw9ZoA31qdx146o1_1280.jpg
[2012/09/04 01:32:44 | 000,000,591 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\Heder1.png
[2012/08/29 01:08:23 | 000,007,171 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\Header01.png
[2012/08/28 18:43:09 | 000,007,225 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\wolf_paw_print_LG.png
[2012/08/28 18:20:07 | 000,009,312 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\hun.jpg
[2012/08/17 01:22:33 | 000,065,202 | ---- | C] () -- C:\Documents and Settings\Sander\Desktop\3479.jpg
[2012/02/15 13:18:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/26 20:09:01 | 000,000,579 | ---- | C] () -- C:\WINDOWS\qtracker.INI
[2011/11/28 17:30:31 | 000,025,456 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039nd5.sys
[2011/11/28 17:30:30 | 000,124,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mdm.sys
[2011/11/28 17:30:30 | 000,123,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039unic.sys
[2011/11/28 17:30:30 | 000,117,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mgmt.sys
[2011/11/28 17:30:30 | 000,113,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039obex.sys
[2011/11/28 17:30:30 | 000,014,960 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039mdfl.sys
[2011/11/28 17:30:30 | 000,012,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cmnt.sys
[2011/11/28 17:30:30 | 000,012,528 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cm.sys
[2011/11/28 17:30:30 | 000,010,992 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039cr.sys
[2011/11/28 17:30:29 | 000,098,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039bus.sys
[2011/11/28 17:30:29 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039whnt.sys
[2011/11/28 17:30:29 | 000,012,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\s1039wh.sys
[2011/03/01 20:46:50 | 000,011,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\vjoy.sys
[2011/02/11 04:00:42 | 002,026,496 | ---- | C] () -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010/12/06 00:41:03 | 000,693,760 | ---- | C] () -- C:\Documents and Settings\Sander\j_update6.exe
[2010/10/12 18:27:42 | 000,116,224 | ---- | C] () -- C:\Documents and Settings\Sander\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/25 13:41:21 | 006,756,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvuvc.sys
[2010/09/25 13:40:49 | 000,266,008 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvrs.sys
[2010/09/25 13:40:49 | 000,114,712 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvpopflt.sys
[2010/09/25 13:40:28 | 000,023,832 | R--- | C] () -- C:\WINDOWS\System32\drivers\lvuvcflt.sys
[2010/09/21 12:53:50 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2010/09/21 12:53:48 | 000,232,968 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2010/09/21 12:53:48 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2010/09/21 12:52:47 | 002,195,030 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2010/09/21 12:34:58 | 006,108,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\RtkHDAud.sys
[2010/09/21 12:34:58 | 001,395,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\Monfilt.sys
[2010/09/21 12:13:29 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/09/21 10:14:09 | 000,046,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\irbus.sys
[2010/09/21 10:13:44 | 000,870,784 | ---- | C] () -- C:\WINDOWS\System32\ati3d1ag.dll
[2010/09/21 10:13:44 | 000,377,984 | ---- | C] () -- C:\WINDOWS\System32\ati2dvaa.dll
[2010/09/21 10:13:44 | 000,201,728 | ---- | C] () -- C:\WINDOWS\System32\ati2dvag.dll
[2010/09/21 10:13:43 | 001,888,992 | ---- | C] () -- C:\WINDOWS\System32\ati3duag.dll
[2010/09/21 10:13:43 | 000,516,768 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdpash.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdnepr.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdiultn.dll
[2010/09/21 10:13:37 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\kbdbhc.dll
[2010/09/21 10:13:34 | 001,737,856 | ---- | C] () -- C:\WINDOWS\System32\mtxparhd.dll
[2010/09/21 10:13:32 | 000,397,056 | ---- | C] () -- C:\WINDOWS\System32\s3gnb.dll
[2010/09/21 10:09:21 | 000,101,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthpan.sys
[2010/09/21 10:09:21 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthmodem.sys
[2010/09/21 10:09:21 | 000,025,471 | ---- | C] () -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2010/09/21 10:09:21 | 000,017,279 | ---- | C] () -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2010/09/21 10:09:21 | 000,017,024 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthenum.sys
[2010/09/21 10:09:21 | 000,014,143 | ---- | C] () -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2010/09/21 10:09:20 | 000,144,384 | ---- | C] () -- C:\WINDOWS\System32\drivers\hdaudbus.sys
[2010/09/21 10:09:20 | 000,046,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\gagp30kx.sys
[2010/09/21 10:09:20 | 000,036,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthprint.sys
[2010/09/21 10:09:20 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidbth.sys
[2010/09/21 10:09:20 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\bthusb.sys
[2010/09/21 10:09:20 | 000,015,423 | ---- | C] () -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2010/09/21 10:09:19 | 001,041,536 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2010/09/21 10:09:19 | 000,685,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2010/09/21 10:09:19 | 000,220,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2010/09/21 10:09:19 | 000,019,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\hidir.sys
[2010/09/21 10:09:18 | 001,309,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2010/09/21 10:09:18 | 000,126,686 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2010/09/21 10:09:18 | 000,011,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\mdmxsdk.sys
[2010/09/21 10:09:17 | 000,452,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2010/09/21 10:09:17 | 000,180,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2010/09/21 10:09:17 | 000,166,912 | ---- | C] () -- C:\WINDOWS\System32\drivers\s3gnbm.sys

Edited by ManFromEarth, 14 September 2012 - 02:07 AM.

#4
ManFromEarth

Combofix added as attachment.

Edited by ManFromEarth, 14 September 2012 - 01:47 AM.

#5
ManFromEarth

I updated my Symantec definitions and ran a full system scan. Here's what it found.

APQ56.tmp risked as Bloodhound.maIPE from Symantec quarantine which it quarantined.
Found tiddiszagtor.exe.vir, tiddiszagtor.exe and _tiddiszagtor_.exe.zip from Combofix quarantine which it quarantined.
A0000796.exe risked as Trojan.Gen.2 from System Volume Information which it quarantined.

#6
Essexboy

    GeekU Moderator

I would like to check out the MBR next as it looks a little iffy.

Once this programme has run, can you let me know what problems remain?

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Change parameters.
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports.
  • Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

#7
ManFromEarth

15:14:23.0015 3816 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
15:15:03.0875 2256 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
15:15:03.0875 2256 Pcmcia - ok
15:15:03.0890 2256 PDCOMP - ok
15:15:03.0890 2256 PDFRAME - ok
15:15:03.0890 2256 PDRELI - ok
15:15:03.0906 2256 PDRFRAME - ok
15:15:03.0906 2256 perc2 - ok
15:15:03.0906 2256 perc2hib - ok
15:15:03.0953 2256 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
15:15:03.0953 2256 PlugPlay - ok
15:15:03.0984 2256 [ 1713D9DE407313138118D501B0E3C05B ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
15:15:03.0984 2256 PnkBstrA - ok
15:15:04.0000 2256 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
15:15:04.0000 2256 PolicyAgent - ok
15:15:04.0015 2256 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:15:04.0015 2256 PptpMiniport - ok
15:15:04.0031 2256 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
15:15:04.0031 2256 Processor - ok
15:15:04.0031 2256 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
15:15:04.0031 2256 ProtectedStorage - ok
15:15:04.0046 2256 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
15:15:04.0046 2256 PSched - ok
15:15:04.0062 2256 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:15:04.0062 2256 Ptilink - ok
15:15:04.0109 2256 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:15:04.0109 2256 PxHelp20 - ok
15:15:04.0109 2256 ql1080 - ok
15:15:04.0109 2256 Ql10wnt - ok
15:15:04.0125 2256 ql12160 - ok
15:15:04.0125 2256 ql1240 - ok
15:15:04.0125 2256 ql1280 - ok
15:15:04.0140 2256 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:15:04.0140 2256 RasAcd - ok
15:15:04.0187 2256 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
15:15:04.0187 2256 RasAuto - ok
15:15:04.0218 2256 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:15:04.0218 2256 Rasl2tp - ok
15:15:04.0265 2256 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
15:15:04.0281 2256 RasMan - ok
15:15:04.0281 2256 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:15:04.0281 2256 RasPppoe - ok
15:15:04.0296 2256 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
15:15:04.0296 2256 Raspti - ok
15:15:04.0328 2256 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:15:04.0343 2256 Rdbss - ok
15:15:04.0343 2256 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:15:04.0343 2256 RDPCDD - ok
15:15:04.0375 2256 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:15:04.0390 2256 rdpdr - ok
15:15:04.0437 2256 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
15:15:04.0437 2256 RDPWD - ok
15:15:04.0453 2256 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
15:15:04.0531 2256 RDSessMgr - ok
15:15:04.0562 2256 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
15:15:04.0562 2256 redbook - ok
15:15:04.0609 2256 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
15:15:04.0625 2256 RemoteAccess - ok
15:15:04.0687 2256 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
15:15:04.0687 2256 RemoteRegistry - ok
15:15:04.0734 2256 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
15:15:04.0750 2256 RpcLocator - ok
15:15:04.0796 2256 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
15:15:04.0796 2256 RpcSs - ok
15:15:04.0828 2256 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
15:15:04.0953 2256 RSVP - ok
15:15:05.0000 2256 [ B4A166449464A4BF4A8BA0CCC0C00E16 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
15:15:05.0000 2256 RTL8023xp - ok
15:15:05.0031 2256 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:15:05.0046 2256 rtl8139 - ok
15:15:05.0078 2256 [ 20EB79FD0A13A18B70B6731A1285CA94 ] s1039bus C:\WINDOWS\system32\DRIVERS\s1039bus.sys
15:15:05.0078 2256 s1039bus - ok
15:15:05.0093 2256 [ 58780C6C3AD51DA84B57D6AE42DC49CA ] s1039mdfl C:\WINDOWS\system32\DRIVERS\s1039mdfl.sys
15:15:05.0109 2256 s1039mdfl - ok
15:15:05.0140 2256 [ 1FF8B42D1346133A945B52876376ED40 ] s1039mdm C:\WINDOWS\system32\DRIVERS\s1039mdm.sys
15:15:05.0156 2256 s1039mdm - ok
15:15:05.0171 2256 [ F64C13C549CB4732FE99C771FA35D038 ] s1039mgmt C:\WINDOWS\system32\DRIVERS\s1039mgmt.sys
15:15:05.0187 2256 s1039mgmt - ok
15:15:05.0203 2256 [ EC22D9BAA464A892C0637982B67292E6 ] s1039nd5 C:\WINDOWS\system32\DRIVERS\s1039nd5.sys
15:15:05.0203 2256 s1039nd5 - ok
15:15:05.0250 2256 [ 69E9CE002E7249E61FF2EA1336C71D89 ] s1039obex C:\WINDOWS\system32\DRIVERS\s1039obex.sys
15:15:05.0250 2256 s1039obex - ok
15:15:05.0296 2256 [ 482DFB3721A0DE11CC22B439D17C348C ] s1039unic C:\WINDOWS\system32\DRIVERS\s1039unic.sys
15:15:05.0296 2256 s1039unic - ok
15:15:05.0328 2256 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
15:15:05.0343 2256 SamSs - ok
15:15:05.0406 2256 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
15:15:05.0421 2256 SASDIFSV - ok
15:15:05.0421 2256 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:15:05.0421 2256 SASKUTIL - ok
15:15:05.0468 2256 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
15:15:05.0515 2256 SCardSvr - ok
15:15:05.0562 2256 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
15:15:05.0578 2256 Schedule - ok
15:15:05.0578 2256 se46bus - ok
15:15:05.0578 2256 se46mgmt - ok
15:15:05.0593 2256 se46nd5 - ok
15:15:05.0593 2256 se46obex - ok
15:15:05.0593 2256 se46unic - ok
15:15:05.0640 2256 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:15:05.0640 2256 Secdrv - ok
15:15:05.0656 2256 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
15:15:05.0656 2256 seclogon - ok
15:15:05.0671 2256 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
15:15:05.0671 2256 SENS - ok
15:15:05.0703 2256 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
15:15:05.0703 2256 serenum - ok
15:15:05.0718 2256 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
15:15:05.0718 2256 Serial - ok
15:15:05.0750 2256 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
15:15:05.0750 2256 Sfloppy - ok
15:15:05.0812 2256 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
15:15:05.0828 2256 SharedAccess - ok
15:15:05.0875 2256 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:15:05.0875 2256 ShellHWDetection - ok
15:15:05.0875 2256 Simbad - ok
15:15:05.0937 2256 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:15:05.0953 2256 SkypeUpdate - ok
15:15:05.0968 2256 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:15:05.0968 2256 SLIP - ok
15:15:06.0109 2256 [ FBB0BAAC634FD95EDA136C4B2FEC76F6 ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
15:15:06.0125 2256 SmcService - ok
15:15:06.0140 2256 [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
15:15:06.0203 2256 SNAC - ok
15:15:06.0234 2256 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
15:15:06.0250 2256 SONYPVU1 - ok
15:15:06.0250 2256 Sparrow - ok
15:15:06.0390 2256 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
15:15:06.0406 2256 SPBBCDrv - ok
15:15:06.0437 2256 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
15:15:06.0453 2256 splitter - ok
15:15:06.0500 2256 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
15:15:06.0500 2256 Spooler - ok
15:15:06.0562 2256 [ 4F576E516CC76EC50A244586BCFA1C78 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
15:15:06.0656 2256 sptd - ok
15:15:06.0671 2256 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
15:15:06.0687 2256 sr - ok
15:15:06.0718 2256 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
15:15:06.0718 2256 srservice - ok
15:15:06.0765 2256 [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP C:\WINDOWS\system32\Drivers\SRTSP.SYS
15:15:06.0765 2256 SRTSP - ok
15:15:06.0796 2256 [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL C:\WINDOWS\system32\Drivers\SRTSPL.SYS
15:15:06.0812 2256 SRTSPL - ok
15:15:06.0843 2256 [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX C:\WINDOWS\system32\Drivers\SRTSPX.SYS
15:15:06.0843 2256 SRTSPX - ok
15:15:06.0890 2256 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
15:15:06.0906 2256 Srv - ok
15:15:06.0921 2256 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
15:15:06.0921 2256 SSDPSRV - ok
15:15:06.0968 2256 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
15:15:06.0984 2256 stisvc - ok
15:15:07.0031 2256 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:15:07.0031 2256 streamip - ok
15:15:07.0046 2256 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
15:15:07.0046 2256 swenum - ok
15:15:07.0078 2256 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
15:15:07.0093 2256 swmidi - ok
15:15:07.0093 2256 SwPrv - ok
15:15:07.0171 2256 [ 05799A82B7A2714AE14EE17C4B660701 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
15:15:07.0187 2256 Symantec AntiVirus - ok
15:15:07.0187 2256 symc810 - ok
15:15:07.0203 2256 symc8xx - ok
15:15:07.0218 2256 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
15:15:07.0218 2256 SymEvent - ok
15:15:07.0265 2256 [ 394B2368212114D538316812AF60FDDD ] SYMREDRV C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
15:15:07.0296 2256 SYMREDRV - ok
15:15:07.0328 2256 [ D46676BB414C7531BDFFE637A33F5033 ] SYMTDI C:\WINDOWS\System32\Drivers\SYMTDI.SYS
15:15:07.0328 2256 SYMTDI - ok
15:15:07.0328 2256 sym_hi - ok
15:15:07.0343 2256 sym_u3 - ok
15:15:07.0375 2256 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
15:15:07.0375 2256 sysaudio - ok
15:15:07.0421 2256 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
15:15:07.0421 2256 SysmonLog - ok
15:15:07.0453 2256 [ C074793032757749ED7FA46469A66B17 ] SysPlant C:\WINDOWS\SYSTEM32\Drivers\SysPlant.sys
15:15:07.0468 2256 SysPlant - ok
15:15:07.0515 2256 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
15:15:07.0515 2256 TapiSrv - ok
15:15:07.0578 2256 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:15:07.0578 2256 Tcpip - ok
15:15:07.0609 2256 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
15:15:07.0625 2256 TDPIPE - ok
15:15:07.0656 2256 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
15:15:07.0656 2256 TDTCP - ok
15:15:07.0703 2256 [ 1D3C046A9106DE97DDC8276958700BF4 ] Teefer2 C:\WINDOWS\system32\DRIVERS\teefer2.sys
15:15:07.0703 2256 Teefer2 - ok
15:15:07.0703 2256 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
15:15:07.0703 2256 TermDD - ok
15:15:07.0750 2256 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
15:15:07.0765 2256 TermService - ok
15:15:07.0812 2256 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
15:15:07.0812 2256 Themes - ok
15:15:07.0843 2256 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
15:15:07.0906 2256 TlntSvr - ok
15:15:07.0906 2256 TosIde - ok
15:15:07.0937 2256 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
15:15:07.0937 2256 TrkWks - ok
15:15:07.0968 2256 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
15:15:07.0984 2256 Udfs - ok
15:15:07.0984 2256 ultra - ok
15:15:08.0031 2256 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
15:15:08.0031 2256 UMWdf - ok
15:15:08.0078 2256 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
15:15:08.0093 2256 Update - ok
15:15:08.0125 2256 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
15:15:08.0125 2256 upnphost - ok
15:15:08.0140 2256 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
15:15:08.0140 2256 UPS - ok
15:15:08.0156 2256 USBAAPL - ok
15:15:08.0203 2256 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
15:15:08.0203 2256 usbaudio - ok
15:15:08.0328 2256 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:15:08.0328 2256 usbccgp - ok
15:15:08.0343 2256 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:15:08.0343 2256 usbehci - ok
15:15:08.0359 2256 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:15:08.0359 2256 usbhub - ok
15:15:08.0390 2256 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:15:08.0390 2256 usbohci - ok
15:15:08.0406 2256 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:15:08.0421 2256 usbprint - ok
15:15:08.0453 2256 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:15:08.0453 2256 usbscan - ok
15:15:08.0453 2256 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:15:08.0468 2256 USBSTOR - ok
15:15:08.0500 2256 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
15:15:08.0515 2256 usbvideo - ok
15:15:08.0515 2256 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:15:08.0515 2256 VgaSave - ok
15:15:08.0562 2256 [ 7F62C4ADFBC6E653D740A5E93B0DC446 ] vhidmini C:\WINDOWS\system32\DRIVERS\vjoy.sys
15:15:08.0562 2256 vhidmini - ok
15:15:08.0562 2256 ViaIde - ok
15:15:08.0593 2256 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:15:08.0593 2256 VolSnap - ok
15:15:08.0640 2256 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:15:08.0656 2256 VSS - ok
15:15:08.0687 2256 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
15:15:08.0687 2256 W32Time - ok
15:15:08.0703 2256 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:15:08.0703 2256 Wanarp - ok
15:15:08.0703 2256 WDICA - ok
15:15:08.0750 2256 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:15:08.0750 2256 wdmaud - ok
15:15:08.0796 2256 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:15:08.0796 2256 WebClient - ok
15:15:08.0890 2256 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:15:08.0890 2256 winmgmt - ok
15:15:08.0937 2256 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:15:08.0937 2256 WmdmPmSN - ok
15:15:09.0000 2256 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
15:15:09.0015 2256 Wmi - ok
15:15:09.0062 2256 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:15:09.0078 2256 WmiApSrv - ok
15:15:09.0109 2256 [ 1385E5AA9C9821790D33A9563B8D2DD0 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
15:15:09.0125 2256 WpdUsb - ok
15:15:09.0140 2256 [ 4434525F44B84A97DECBFE032334F51B ] WPS C:\WINDOWS\system32\drivers\wpsdrvnt.sys
15:15:09.0140 2256 WPS - ok
15:15:09.0140 2256 [ FF983A25AE6F7D3F87F26BF51F02A201 ] WpsHelper C:\WINDOWS\system32\drivers\WpsHelper.sys
15:15:09.0140 2256 WpsHelper - ok
15:15:09.0203 2256 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:15:09.0203 2256 WS2IFSL - ok
15:15:09.0234 2256 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
15:15:09.0234 2256 wscsvc - ok
15:15:09.0281 2256 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:15:09.0296 2256 WSTCODEC - ok
15:15:09.0328 2256 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
15:15:09.0328 2256 wuauserv - ok
15:15:09.0375 2256 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:15:09.0390 2256 WZCSVC - ok
15:15:09.0421 2256 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:15:09.0421 2256 xmlprov - ok
15:15:09.0437 2256 ================ Scan global ===============================
15:15:09.0500 2256 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:15:09.0546 2256 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:15:09.0562 2256 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:15:09.0593 2256 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:15:09.0593 2256 [Global] - ok
15:15:09.0593 2256 ================ Scan MBR ==================================
15:15:09.0609 2256 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:15:09.0906 2256 \Device\Harddisk0\DR0 - ok
15:15:09.0906 2256 ================ Scan VBR ==================================
15:15:09.0906 2256 [ 31DDEED25D28F28453B4654AFD16F95E ] \Device\Harddisk0\DR0\Partition1
15:15:09.0906 2256 \Device\Harddisk0\DR0\Partition1 - ok
15:15:09.0906 2256 ============================================================
15:15:09.0906 2256 Scan finished
15:15:09.0906 2256 ============================================================
15:15:09.0937 1012 Detected object count: 0
15:15:09.0937 1012 Actual detected object count: 0
  • 0

#8
ManFromEarth

ManFromEarth

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
It seems to me no other problems persist except the Daemon error.
It gives an Initialization Error: 0 and doesn't run.
  • 0

#9
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
For the Daemon tools error I would recommend an uninstall followed by a re-install, as it may be damaged.

What other problems are you experiencing?
  • 0

#10
ManFromEarth

ManFromEarth

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts
Right, did that. No more problems to note as of now.
It seems to me that did it, thank you so much for the help!
  • 0

#11
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK let me send you on your way :lol:

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself, so... The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [CLEARALLRESTOREPOINTS]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix
  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall
    (Notice the space between the "x" and "/")
    then click OK

  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.

Your Java is out of date.
Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version


Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly. It will show you which programmes on your system need updating and give a download link.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place?

Keep safe :wave:
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





