i'm getting firefox redirects

infected virus malwarebytes

  • This topic is locked
16 replies to this topic

#1 chewbaccaneedsamedal

Posted 07 May 2012 - 06:48 PM

I think my computer is infected. I keep getting redirects when I use Firefox and it takes forever to load now. I have run the Malwarebytes scan numerous times and it keeps finding infected objects every time. I am desperate to get my computer back to normal. I am pasting the dds reports. Thank you in advance.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20
Run by Randy Green at 16:39:59 on 2012-05-07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.223 [GMT -7:00]
.
.
============== Running Processes ===============
.
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciServiceHost.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\EHOME\EHTRAY.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\DISTILLR\ACROTRAY.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\SYSTEM32\taskmgr.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uWindow Title = Windows Internet Explorer provided by Yahoo!
mDefault_Page_URL = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/w...0"&"ver=9.0.894
mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript
StartupFolder: c:\docume~1\randyg~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\randy green\application data\dropbox\bin\Dropbox.exe
uPolicies-explorer: NoInstrumentation = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: mswsock.dll
Trusted Zone: $talisma_url$
Trusted Zone: microsoft.com\office
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{4DA633FF-39E9-441F-B26F-36BFB2971788} : DhcpNameServer = 192.168.1.254
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\randy green\application data\mozilla\firefox\profiles\picgvapf.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en#t_0
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-4-5 913752]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]
R2 McciServiceHost;McciServiceHost;c:\program files\common files\motive\McciServiceHost.exe [2011-9-26 315392]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R3 lknuhst;Linksys Network USB Host Controller;c:\windows\system32\drivers\lknuhst.sys [2008-6-11 11136]
R3 LKNUHUB;Linksys Network USB Root Hub;c:\windows\system32\drivers\lknuhub.sys [2008-6-11 37248]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
S2 Ias;Windows Team Tools;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-28 257696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]
S3 LKNUCMP;Linksys Network USB Composite Device;c:\windows\system32\drivers\lknucmp.sys [2008-6-11 11648]
.
=============== Created Last 30 ================
.
2012-05-07 21:13:59 388096 ----a-r- c:\documents and settings\randy green\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-05-07 21:13:55 -------- d-----w- c:\program files\Trend Micro
2012-05-07 21:08:21 54016 ----a-w- c:\windows\system32\drivers\iavbfqt.sys
2012-05-07 16:23:53 0 --sha-w- c:\windows\system32\papycpu2.dll
2012-04-30 18:02:57 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-04-25 21:47:55 -------- d-----w- c:\program files\iPod
2012-04-25 21:42:27 -------- d-----w- c:\program files\Bonjour
2012-04-19 04:22:11 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2012-04-19 02:59:04 -------- d-----w- c:\documents and settings\randy green\application data\Intelli-studio
2012-04-19 02:58:59 -------- d-----w- c:\program files\Samsung
2012-04-14 05:31:29 -------- d-----w- c:\documents and settings\randy green\application data\MrSmooth.1F1C2CE6230412E7752D206B573506D8446D8E6A.1
2012-04-14 05:30:46 -------- d-----w- c:\program files\MrSmooth
2012-04-14 05:29:16 -------- d-----w- c:\program files\Mr Smooth
2012-04-14 01:25:09 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
.
==================== Find3M ====================
.
2012-05-06 15:25:40 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-06 15:25:39 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll
2012-02-15 18:01:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll
2012-02-15 18:01:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys
.
============= FINISH: 16:41:20.73 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 6/5/2006 8:33:52 PM
System Uptime: 5/7/2012 10:41:13 AM (6 hours ago)
.
Motherboard: Dell Inc. | | 0KD882
Processor: Genuine Intel® CPU T2300 @ 1.66GHz | Microprocessor | 1662/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 37 GiB total, 2.031 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 5.589 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Microsoft Tun Miniport Adapter
Device ID: ROOT\*TUNMP\0001
Manufacturer: Microsoft
Name: Microsoft Tun Miniport Adapter #2
PNP Device ID: ROOT\*TUNMP\0001
Service: tunmp
.
==== System Restore Points ===================
.
RP1420: 2/6/2012 1:08:04 PM - System Checkpoint
RP1421: 2/7/2012 1:44:05 PM - System Checkpoint
RP1422: 2/8/2012 7:30:51 PM - System Checkpoint
RP1423: 2/10/2012 10:43:46 AM - System Checkpoint
RP1424: 2/13/2012 8:12:37 AM - System Checkpoint
RP1425: 2/14/2012 11:59:36 AM - System Checkpoint
RP1426: 2/15/2012 7:17:05 AM - Software Distribution Service 3.0
RP1427: 2/17/2012 8:58:57 AM - System Checkpoint
RP1428: 2/21/2012 10:37:53 AM - System Checkpoint
RP1429: 2/22/2012 5:54:12 PM - System Checkpoint
RP1430: 2/24/2012 9:17:58 PM - System Checkpoint
RP1431: 2/28/2012 3:59:26 PM - System Checkpoint
RP1432: 3/7/2012 5:08:27 PM - Installed Windows Internet Explorer 8.
RP1433: 3/7/2012 5:11:24 PM - Software Distribution Service 3.0
RP1434: 3/11/2012 9:03:41 PM - Software Distribution Service 3.0
RP1435: 3/13/2012 9:37:25 AM - System Checkpoint
RP1436: 3/14/2012 3:31:59 PM - Software Distribution Service 3.0
RP1437: 3/16/2012 7:56:38 PM - System Checkpoint
RP1438: 3/23/2012 12:20:59 PM - System Checkpoint
RP1439: 3/25/2012 11:10:53 AM - System Checkpoint
RP1440: 3/27/2012 9:06:44 PM - System Checkpoint
RP1441: 4/2/2012 1:54:58 PM - System Checkpoint
RP1442: 4/3/2012 4:51:57 PM - System Checkpoint
RP1443: 4/11/2012 3:38:29 PM - System Checkpoint
RP1444: 4/12/2012 9:45:55 AM - Software Distribution Service 3.0
RP1445: 4/13/2012 3:37:11 PM - System Checkpoint
RP1446: 4/15/2012 11:43:38 AM - System Checkpoint
RP1447: 4/16/2012 11:52:46 AM - System Checkpoint
RP1448: 4/18/2012 9:03:55 PM - System Checkpoint
RP1449: 4/20/2012 5:08:22 AM - System Checkpoint
RP1450: 4/21/2012 5:17:20 AM - System Checkpoint
RP1451: 4/23/2012 11:43:31 AM - System Checkpoint
RP1452: 4/25/2012 2:31:28 PM - Installed Apple Software Update
RP1453: 4/25/2012 5:31:00 PM - Software Distribution Service 3.0
RP1454: 5/1/2012 10:04:32 AM - System Checkpoint
RP1455: 5/2/2012 12:13:20 PM - System Checkpoint
RP1456: 5/7/2012 2:13:51 PM - Installed HiJackThis
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe Acrobat 5.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.3.1
Advanced SystemCare 5
AiO_Scan
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AT&T Troubleshoot & Resolve Tool
Belkin F8E825-USB MiniWireless Optical Mouse
Bluetooth Stack for Windows by Toshiba
Bonjour
BPD_Scan
Broadcom Management Programs
Canon Camera Access Library
Canon Camera Support Core Library
Canon Camera Window DC_DV 5 for ZoomBrowser EX
Canon Camera Window DC_DV 6 for ZoomBrowser EX
Canon Camera Window MC 6 for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities ZoomBrowser EX
Compatibility Pack for the 2007 Office system
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell System Restore
Digital Content Portal
Digital Line Detect
DivX Web Player
Documentation & Support Launcher
Dropbox
FLV Player 2.0, build 24
Games, Music, & Photos Launcher
Google Desktop
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Image Zone 4.2
HP Officejet All-In-One Series
HP PSC & OfficeJet 4.2
HP Software Update
HPODiscovery
Intel® Graphics Media Accelerator Driver
Intel® PROSet/Wireless Software
IrfanView (remove only)
iTunes
Java 2 Runtime Environment, SE v1.4.2_03
Java™ 6 Update 20
Lexmark X1100 Series
Malwarebytes Anti-Malware version 1.61.0.1400
mCore
MCU
mDriver
mDrWiFi
mGina
mHlpDell
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft ActiveSync
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft IntelliPoint 6.1
Microsoft IntelliType Pro 6.1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Converter Pack
Microsoft Office XP Professional with FrontPage
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
mIWA
mLogView
mMHouse
Mobile Broadband Drivers
MobileMe Control Panel
Modem Helper
Mozilla Firefox 5.0 (x86 en-US)
mPfMgr
mPfWiz
mProSafe
Mr Smooth v1.0
MrSmooth
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB954459)
mToolkit
Musicmatch for Windows Media Player
mWlsSafe
mWMI
mXML
mZConfig
Netflix Movie Viewer
overland
PowerDVD 5.7
QFolder
QuickSet
QuickTime
RealPlayer Basic
Scan
Search Assist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB2416400)
Security Update for Windows Internet Explorer 7 (KB2482017)
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows PowerShell™ 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WordPerfect Office 12
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
5/7/2012 8:51:58 AM, error: Service Control Manager [7023] - The Tmesrv3 service terminated with the following error: %1 is not a valid Win32 application.
5/7/2012 10:16:23 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Fallback service terminated with the following error: The specified module could not be found.
5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Awservice service terminated with the following error: The specified module could not be found.
5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Alcxwdm service terminated with the following error: The specified module could not be found.
5/3/2012 12:29:09 PM, error: Service Control Manager [7023] - The Zdeviceservice service terminated with the following error: The specified module could not be found.
5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Zntport service terminated with the following error: The specified module could not be found.
5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Sr_watchdog service terminated with the following error: The specified module could not be found.
5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Sagefserver service terminated with the following error: The specified module could not be found.
5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The PTproct service terminated with the following error: The specified module could not be found.
5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Mpfservice service terminated with the following error: The specified module could not be found.
5/2/2012 3:39:13 PM, error: Service Control Manager [7023] - The Naiavfilter1 service terminated with the following error: The specified module could not be found.
5/2/2012 3:39:13 PM, error: Service Control Manager [7023] - The Elosystemservice service terminated with the following error: The specified module could not be found.
5/2/2012 2:35:20 PM, error: Service Control Manager [7023] - The WinDriver6 service terminated with the following error: The specified module could not be found.
5/2/2012 2:35:20 PM, error: Service Control Manager [7023] - The Windows Team Tools service terminated with the following error: The specified module could not be found.
5/2/2012 12:37:01 PM, error: Service Control Manager [7023] - The Mcvsrte service terminated with the following error: The specified module could not be found.
5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The USB Device Service service terminated with the following error: The specified module could not be found.
5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The NtMtlFax service terminated with the following error: The specified module could not be found.
5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} service terminated with the following error: The specified module could not be found.
5/1/2012 9:26:20 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/1/2012 8:09:51 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
5/1/2012 11:21:40 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
4/30/2012 4:12:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/30/2012 3:49:57 PM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
4/30/2012 3:49:57 PM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
4/30/2012 3:49:57 PM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/30/2012 3:49:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Tcpip6 Tosrfcom WS2IFSL
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Simple TCP/IP Services service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Fax service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/30/2012 3:49:15 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
.
==== End Of File ===========================

#2 Maurice Naggar

Posted 07 May 2012 - 07:03 PM

Hello chew.................... and welcome.

Start with the following, and make no changes or adds to your system without checking with me first, i.e., kindly only follow my guidance.

Step 1
1. Go >> Here << and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
2. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
3. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
4. Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
5. Make sure that at least the first two check boxes are ticked
6. Press OK
7. Press YES to create the folder.

Step 2
Set Windows to show all files and all folders.
On your Desktop, double-click My Computer; from the menu options, select Tools, then Folder Options, and then select the VIEW tab and look at all of the settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.
Next, un-check Hide extensions for known file types.
Next un-check Hide protected operating system files.

Step 3
Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4
Download Security Check by screen317 and save it to your Desktop: here or here
  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs.
Do NOT turn off the firewall.

Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com

and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.

Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button

Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.

The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.

Hopefully you will see a No infections found in the bar-window. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.

Step 6
  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.


Step 7
RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.
Use separate replies as needed if logs do not fit into one reply box.
Maurice Naggar
Product Support

I close my threads if there are 5 days without a response.

#3 chewbaccaneedsamedal

Posted 07 May 2012 - 07:55 PM

Ok. Here goes. I lost the info.txt file from RSIT, and when I re-ran it only the log.txt file comes up. Here are the other logs.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Randy Green at 2012-05-07 17:50:14
Microsoft Windows XP Professional Service Pack 3
System drive C: has 2 GB (5%) free of 38 GB
Total RAM: 1014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:50:24 PM, on 5/7/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17108)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Common Files\Motive\McciServiceHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\ATT-SST\McciTrayApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\SYSTEM32\IGFXPERS.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\EHOME\EHTRAY.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\DISTILLR\ACROTRAY.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
\.\globalroot\C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Randy Green\Desktop\RSIT.exe
C:\Program Files\trend micro\Randy Green.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/w...0"&"ver=9.0.894
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [Corel Photo Album] rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Corel Photo Album] rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bit...m/qsax/qsax.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1....loadManager.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SYSTEM32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SYSTEM32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: McciServiceHost - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciServiceHost.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Dkeysync (s116nd5) - Unknown owner - \\.\globalrootC:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 13342 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "http://www.google.co...m/ig?hl=en#t_0"
prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872, avg@igeared:6.103.018.001, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {95893C46-6679-4483-811A-B294C6556DE3}:1.9.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.yahoo....type=685749&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"{95893C46-6679-4483-811A-B294C6556DE3}"=C:\Documents and Settings\Randy Green\Local Settings\Application Data\{95893C46-6679-4483-811A-B294C6556DE3}


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.235 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Motive.com/NpMotive,version=1.0]
"Description"=Motive Plugin
"Path"=C:\Program Files\Common Files\Motive\npMotive.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]
"Description"=Viewpoint Media Player for Mozilla
"Path"=C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

C:\Program Files\Mozilla Firefox\extensions\
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
amazondotcom.xml
answers.xml
avg_igeared.xml
bing.xml
creativecommons.xml
eBay.xml
google.xml
twitter.xml
wikipedia.xml
yahoo.xml

C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default\extensions\
info@djzig.com
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2012-01-11 1517368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-05 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-12 2108480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-17 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - c:\Program Files\BAE\BAE.dll [2006-02-22 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-21 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-12 2108480]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2012-01-11 1517368]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]
"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-11-16 397312]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-29 761947]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-05 127035]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]
"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-06-15 47408]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-10-18 696320]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-10-18 802816]
"ATT-SST_McciTrayApp"=C:\Program Files\ATT-SST\McciTrayApp.exe [2010-07-27 1573888]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-30 40368]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]
"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-10-24 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-03-27 421736]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/w...=90&ver=9.0.894 []
"Malwarebytes Anti-Malware (cleanup)"=C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll [2012-04-04 1082440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]
"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
c:\windows\ehome\ehtray.exe [2005-09-29 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
c:\program files\google\google desktop search\googledesktop.exe [2006-05-29 169472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
c:\program files\hp\hp software update\hpwuschd2.exe [2005-02-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-06-22 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
c:\windows\system32\igfxpers.exe [2005-12-13 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
c:\program files\common files\installshield\updateservice\isuspm.exe [2005-06-10 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]
c:\program files\lexmark x1100 series\lxbkbmgr.exe [2003-08-19 57344]

C:\Documents and Settings\Randy Green\Start Menu\Programs\Startup
Dropbox.lnk - C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\SYSTEM32\igfxdev.dll [2005-12-13 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\SYSTEM32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"
"C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:svchost.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-05-07 17:25:46 ----D---- C:\Documents and Settings\Randy Green\Application Data\QuickScan
2012-05-07 17:16:58 ----D---- C:\rsit
2012-05-07 17:15:13 ----D---- C:\WINDOWS\ERDNT
2012-05-07 17:10:55 ----D---- C:\Program Files\ERUNT
2012-05-07 14:13:55 ----D---- C:\Program Files\Trend Micro
2012-05-07 14:08:21 ----A---- C:\WINDOWS\system32\drivers\iavbfqt.sys
2012-05-07 09:23:53 ----ASH---- C:\WINDOWS\system32\papycpu2.dll
2012-05-03 08:58:02 ----A---- C:\WINDOWS\ntbtlog.txt
2012-04-30 11:02:57 ----ASH---- C:\WINDOWS\system32\dds_trash_log.cmd
2012-04-25 14:47:55 ----D---- C:\Program Files\iPod
2012-04-25 14:42:27 ----D---- C:\Program Files\Bonjour
2012-04-18 21:22:11 ----A---- C:\WINDOWS\system32\RegistryDefragBootTime.exe
2012-04-18 19:59:04 ----D---- C:\Documents and Settings\Randy Green\Application Data\Intelli-studio
2012-04-18 19:58:59 ----D---- C:\Program Files\Samsung
2012-04-13 22:31:29 ----D---- C:\Documents and Settings\Randy Green\Application Data\MrSmooth.1F1C2CE6230412E7752D206B573506D8446D8E6A.1
2012-04-13 22:30:46 ----D---- C:\Program Files\MrSmooth
2012-04-13 22:29:51 ----D---- C:\Program Files\Common Files\Adobe AIR
2012-04-13 22:29:16 ----D---- C:\Program Files\Mr Smooth
2012-04-13 18:25:09 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe
2012-04-12 10:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2656378$
2012-04-12 09:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

======List of files/folders modified in the last 1 month======

2012-05-07 17:41:36 ----D---- C:\WINDOWS\system32\drivers
2012-05-07 17:37:23 ----D---- C:\WINDOWS\system32
2012-05-07 17:25:46 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-05-07 17:25:45 ----D---- C:\WINDOWS\system32\CatRoot2
2012-05-07 17:24:39 ----D---- C:\WINDOWS\Temp
2012-05-07 17:15:13 ----D---- C:\WINDOWS
2012-05-07 17:10:55 ----D---- C:\Program Files
2012-05-07 14:14:15 ----SHD---- C:\WINDOWS\Installer
2012-05-07 14:13:59 ----HD---- C:\Config.Msi
2012-05-07 14:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-05-07 12:36:35 ----D---- C:\Documents and Settings\Randy Green\Application Data\Dropbox
2012-05-07 11:48:40 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2012-05-07 10:43:01 ----D---- C:\WINDOWS\Registration
2012-05-07 10:42:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-05-07 10:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2012-05-07 09:01:41 ----RSHD---- C:\WINDOWS\system32\dllcache
2012-05-07 09:01:41 ----D---- C:\WINDOWS\system32\en-US
2012-05-07 09:01:40 ----HD---- C:\WINDOWS\inf
2012-05-07 09:01:40 ----D---- C:\WINDOWS\Media
2012-05-07 09:01:40 ----D---- C:\WINDOWS\Help
2012-05-07 09:01:39 ----D---- C:\Program Files\Internet Explorer
2012-05-07 09:00:30 ----D---- C:\WINDOWS\ie8updates
2012-05-07 08:51:18 ----SHD---- C:\WINDOWS\CSC
2012-05-06 10:18:09 ----D---- C:\WINDOWS\Prefetch
2012-05-06 10:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$
2012-05-06 10:15:15 ----HDC---- C:\WINDOWS\$NtUninstallKB909394$
2012-05-06 08:25:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-05-04 19:20:06 ----D---- C:\Program Files\Mozilla Firefox
2012-05-03 19:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-05-03 19:48:41 ----RSD---- C:\WINDOWS\Fonts
2012-05-03 19:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_1$
2012-05-03 19:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$
2012-05-03 18:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-05-03 12:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$
2012-05-02 19:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_2$
2012-05-02 17:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2012-05-02 16:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_2$
2012-05-02 16:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-05-02 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$
2012-05-02 15:45:54 ----D---- C:\WINDOWS\Minidump
2012-05-02 15:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$
2012-05-02 14:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$
2012-05-02 12:36:12 ----SD---- C:\WINDOWS\occache
2012-05-01 15:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2012-05-01 15:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$
2012-05-01 15:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2012-04-30 16:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2012-04-26 08:39:34 ----D---- C:\WINDOWS\ServicePackFiles
2012-04-25 20:23:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2012-04-25 18:23:15 ----D---- C:\Program Files\Microsoft Silverlight
2012-04-25 15:13:29 ----D---- C:\Documents and Settings\Randy Green\Application Data\Apple Computer
2012-04-25 15:04:14 ----D---- C:\Program Files\Apple Software Update
2012-04-25 14:49:19 ----D---- C:\Program Files\iTunes
2012-04-25 14:47:52 ----D---- C:\Program Files\Common Files\Apple
2012-04-25 14:43:14 ----DC---- C:\WINDOWS\system32\DRVSTORE
2012-04-25 14:39:24 ----D---- C:\Program Files\QuickTime
2012-04-25 14:35:25 ----D---- C:\WINDOWS\WinSxS
2012-04-25 14:31:47 ----SD---- C:\WINDOWS\Tasks
2012-04-19 04:20:03 ----D---- C:\WINDOWS\system32\config
2012-04-14 09:03:47 ----D---- C:\Program Files\Adobe
2012-04-13 22:30:00 ----D---- C:\Documents and Settings\Randy Green\Application Data\Adobe
2012-04-13 22:30:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2012-04-13 22:29:51 ----D---- C:\Program Files\Common Files
2012-04-12 10:25:52 ----RSD---- C:\WINDOWS\assembly
2012-04-12 10:21:33 ----D---- C:\WINDOWS\Microsoft.NET
2012-04-12 10:21:11 ----HD---- C:\WINDOWS\$hf_mig$
2012-04-12 10:14:06 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-04-12 09:53:28 ----D---- C:\WINDOWS\Debug
2012-04-12 09:52:04 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 drvmcdb;drvmcdb; C:\WINDOWS\system32\drivers\drvmcdb.sys [2004-12-01 87488]
R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-07 43528]
R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]
R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-07-31 64896]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-11-11 21425]
R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-05-29 8552]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-10-19 12544]
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-05 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-05 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-05 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-05 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-05 86586]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-05 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-05 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-05 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-05 100603]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]
R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-21 1035008]
R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-21 201600]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-13 1364574]
R3 lknuhst;Linksys Network USB Host Controller; C:\WINDOWS\system32\DRIVERS\lknuhst.sys [2006-10-18 11136]
R3 LKNUHUB;Linksys Network USB Root Hub; C:\WINDOWS\system32\DRIVERS\lknuhub.sys [2006-10-18 37248]
R3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
R3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
R3 NETw3x32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-10-17 1711104]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2007-04-19 194048]
R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-10-14 28544]
R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-14 51328]
R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-14 307968]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-29 191936]
R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-21 47104]
R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-02-09 39936]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-21 717952]
S0 emcj;emcj; C:\WINDOWS\System32\drivers\iavbfqt.sys [2012-05-07 54016]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []
S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-10 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-10 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-10 21568]
S3 LKNUCMP;Linksys Network USB Composite Device; C:\WINDOWS\system32\DRIVERS\lknucmp.sys [2006-10-18 11648]
S3 mbr;mbr; \??\C:\DOCUME~1\RANDYG~1\LOCALS~1\Temp\mbr.sys []
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 NWUSBModem;Novatel Wireless USB Modem Driver; C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys [2007-04-19 99200]
S3 NWUSBPort;Novatel Wireless USB Status Port Driver; C:\WINDOWS\system32\DRIVERS\nwusbser.sys [2007-04-19 99200]
S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\drivers\PCASp50.sys []
S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]
S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-01-20 108928]
S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-09-15 36480]
S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-01-11 62848]
S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-05 18612]
S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-05 50048]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-02-15 43520]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-04 1428096]
S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-10-18 434176]
R2 Iprip;RIP Listener; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-21 153376]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2011-09-09 319488]
R2 McciServiceHost;McciServiceHost; C:\Program Files\Common Files\Motive\McciServiceHost.exe [2011-09-09 315392]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2006-04-06 380928]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-10-18 327680]
R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-10-18 946176]
R2 SimpTcp;Simple TCP/IP Services; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]
R2 viagfx;HSX_DP; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-10-18 290816]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 821608]
S2 autocomplete;WinDriver6; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 ccs;Tmesrv3; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]
S2 FirePM;Zpsc; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 freepops;Mcvsrte; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-13 194104]
S2 hcwPP2;Mpfservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 Ias;Windows Team Tools; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 incdrec;Sagefserver; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 mozyFilter;Sr_watchdog; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 msdv;Zntport; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 n558;Fallback; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 NtMtlFax;PTproct; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 pacsptisvr;Atierecord; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 rupsmon;NtMtlFax; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 s116nd5;Dkeysync; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-13 14336]
S2 SQLWriter;Digitizer; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 SunkFilt39;Alcxwdm; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 SWUMX20;Zdeviceservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 thkeys;{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 USB_NDIS_51;Awservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 vmusb;USB Device Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S2 w800bus;Elosystemservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 wmccds;Naiavfilter1; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-06-13 69632]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 257696]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-13 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 Bluetooth Hid Switch Service;Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [2005-08-30 188416]

-----------------EOF-----------------

#4 chewbaccaneedsamedal


Posted 07 May 2012 - 07:55 PM

Here are the other two logs:


QuickScan 32-bit v0.9.9.114
---------------------------
Scan date: Mon May 07 17:25:55 2012
Machine ID: 4C21591B

Process ping.exe (7420) - hidden process!
Process ping.exe (7796) - hidden process!
Process ping.exe (7884) - hidden process!


No infection found.
-------------------



Processes
---------
AcroTray - Adobe Acrobat Distiller help 852 C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
Advanced SystemCare 1388 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
Advanced SystemCare 5 Tray 1384 C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
Bonjour 1032 C:\Program Files\Bonjour\mDNSResponder.exe
BVRP Software TestLine 3552 C:\Program Files\Digital Line Detect\DLG.exe
C-Major Audio 2932 C:\WINDOWS\stsystra.exe
Canon Camera Access Library 8 2804 C:\Program Files\Canon\CAL\CALMAIN.exe
Cyberlink PowerCinema 3.0 2964 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
Drive Letter Access Component 2972 C:\WINDOWS\system32\dla\tfswctrl.exe
InstallShield Update Service 2980 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
Intel PROSet/Wireless 2516 C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
Intel® Common User Interface 2920 C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface 2076 C:\WINDOWS\system32\igfxpers.exe
Intel® Common User Interface 2500 C:\WINDOWS\system32\igfxsrvc.exe
Intel® PROSet/Wireless 3036 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
Intel® PROSet/Wireless Event Log 1640 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
Intel® PROSet/Wireless Registry Servi 2056 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
Intel® PROSet/Wireless Service 1764 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
iTunes 1948 C:\Program Files\iPod\bin\iPodService.exe
iTunes 3136 C:\Program Files\iTunes\iTunesHelper.exe
MarkVision for Windows (32 bit) 424 C:\WINDOWS\system32\LEXBCES.EXE
MarkVision for Windows (32 bit) 496 C:\WINDOWS\system32\LEXPPS.EXE
mcci+McciCMService 728 C:\Program Files\Common Files\Motive\McciCMService.exe
mcci+McciServiceHost 820 C:\Program Files\Common Files\Motive\McciServiceHost.exe
mcci+McciTrayApp 3064 C:\Program Files\ATT-SST\McciTrayApp.exe
Microsoft ActiveSync 3168 C:\Program Files\Microsoft ActiveSync\wcescomm.exe
Microsoft ActiveSync 292 C:\PROGRA~1\MI3AA1~1\rapimgr.exe
Microsoft IntelliPoint 3020 C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Microsoft IntelliType Pro 3012 C:\Program Files\Microsoft IntelliType Pro\itype.exe
Microsoft® Windows® Operating System 1060 C:\WINDOWS\ehome\ehmsas.exe
Microsoft® Windows® Operating System 1064 C:\WINDOWS\ehome\ehrecvr.exe
Microsoft® Windows® Operating System 876 C:\WINDOWS\ehome\ehSched.exe
Microsoft® Windows® Operating System 752 C:\WINDOWS\ehome\ehtray.exe
Microsoft® Windows® Operating System 2612 C:\WINDOWS\ehome\mcrdsvc.exe
Microsoft® Windows® Operating System 9064 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 8376 C:\WINDOWS\system32\notepad.exe
Microsoft® Windows® Operating System 7420 C:\WINDOWS\system32\ping.exe
Microsoft® Windows® Operating System 7796 C:\WINDOWS\system32\ping.exe
Microsoft® Windows® Operating System 7884 C:\WINDOWS\system32\ping.exe
Microsoft® Windows® Operating System 500 C:\WINDOWS\system32\spoolsv.exe
Microsoft® Windows® Operating System 2104 C:\WINDOWS\system32\tcpsvcs.exe
MobileDeviceService 656 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
NicConfigSvc 1936 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
SSO Service 1788 C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
Synaptics Pointing Device Driver 2940 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Windows® Internet Explorer 8300 C:\Program Files\Internet Explorer\iexplore.exe
ZeroCfgSvc Application 3044 C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(verified) Java™ Platform SE 6 U20 1492 C:\Program Files\Java\jre6\bin\jqs.exe
(verified) Microsoft® Windows® Operating System 2480 C:\WINDOWS\explorer.exe
(verified) Microsoft® Windows® Operating System 3656 C:\WINDOWS\system32\alg.exe
(verified) Microsoft® Windows® Operating System 1132 C:\WINDOWS\system32\csrss.exe
(verified) Microsoft® Windows® Operating System 3520 C:\WINDOWS\system32\dllhost.exe
(verified) Microsoft® Windows® Operating System 1224 C:\WINDOWS\system32\lsass.exe
(verified) Microsoft® Windows® Operating System 1212 C:\WINDOWS\system32\services.exe
(verified) Microsoft® Windows® Operating System 1076 C:\WINDOWS\system32\smss.exe
(verified) Microsoft® Windows® Operating System 3344 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 360 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1528 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2128 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1464 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2144 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 2028 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1896 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1884 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 1564 C:\WINDOWS\system32\svchost.exe
(verified) Microsoft® Windows® Operating System 3824 C:\WINDOWS\system32\wbem\wmiprvse.exe
(verified) Microsoft® Windows® Operating System 1156 C:\WINDOWS\system32\winlogon.exe
(verified) Yahoo! AutoUpdater 2284 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe


Network activity
----------------
Process ping.exe (7420) connected on port 80 (HTTP) --> 74.125.224.92
Process ping.exe (7796) connected on port 80 (HTTP) --> 184.31.29.229
Process ping.exe (7796) connected on port 80 (HTTP) --> 69.22.137.178
Process ping.exe (7796) connected on port 443 (HTTP over SSL) --> 69.22.137.176
Process ping.exe (7796) connected on port 80 (HTTP) --> 184.73.153.191
Process ping.exe (7796) connected on port 80 (HTTP) --> 198.87.51.35
Process ping.exe (7796) connected on port 1935 --> 208.111.174.26
Process ping.exe (7796) connected on port 80 (HTTP) --> 74.125.127.191
Process ping.exe (7796) connected on port 80 (HTTP) --> 77.67.126.50
Process ping.exe (7796) connected on port 80 (HTTP) --> 74.125.224.97
Process ping.exe (7884) connected on port 80 (HTTP) --> 66.35.51.37
Process ping.exe (7884) connected on port 80 (HTTP) --> 184.72.241.213
Process ping.exe (7884) connected on port 80 (HTTP) --> 184.72.241.213
Process ping.exe (7884) connected on port 80 (HTTP) --> 74.217.78.146
Process ping.exe (7884) connected on port 80 (HTTP) --> 74.217.78.146
Process ping.exe (7884) connected on port 80 (HTTP) --> 107.22.197.203
Process iexplore.exe (8300) connected on port 80 (HTTP) --> 184.87.159.139
Process iexplore.exe (8300) connected on port 80 (HTTP) --> 77.67.126.50
Process iexplore.exe (8300) connected on port 80 (HTTP) --> 74.125.224.67
Process iexplore.exe (8300) connected on port 80 (HTTP) --> 66.235.142.3

Process rapimgr.exe (292) listens on ports: 990 (FTP over SSL)
Process svchost.exe (1564) listens on ports: 34354
Process tcpsvcs.exe (2104) listens on ports: 7 (Echo), 9 (Discard), 13 (Daytime), 17 (Quotd), 19 (Chargen)
Process iexplore.exe (8300) listens on ports: 1301, 1516, 1537, 1733, 1786, 1802


Autoruns and critical files
---------------------------
Adobe Acrobat C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Advanced SystemCare 5 Tray C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C-Major Audio C:\WINDOWS\stsystra.exe
Cyberlink PowerCinema 3.0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
Drive Letter Access Component C:\WINDOWS\system32\dla\tfswctrl.exe
Dropbox C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe
Google Updater C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
GoogleDesktopNetwork3.dll C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll
InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe
Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll
Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe
Intel® PROSet/Wireless C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
iTunes C:\Program Files\iTunes\iTunesHelper.exe
mcci+McciTrayApp C:\Program Files\ATT-SST\McciTrayApp.exe
Microsoft ActiveSync C:\Program Files\Microsoft ActiveSync\wcescomm.exe
Microsoft IntelliPoint C:\Program Files\Microsoft IntelliPoint\ipoint.exe
Microsoft IntelliType Pro C:\Program Files\Microsoft IntelliType Pro\itype.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\dumprep.exe
Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\WlNotify.dll
MobileMe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
QuickTime C:\Program Files\QuickTime\qttask.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Windows Genuine Advantage C:\WINDOWS\SYSTEM32\WgaLogon.dll
Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll
ZeroCfgSvc Application C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\logonui.exe
(verified) Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\sclgntfy.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll


Browser plugins
---------------
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Browser Address Error Redirector c:\Program Files\BAE\BAE.dll
DivX Web Player C:\Program Files\DivX\DivX Web Player\npdivx32.dll
Drive Letter Access Component C:\WINDOWS\system32\dla\tfswshx.dll
get_ActiveX C:\WINDOWS\Downloaded Program Files\HPGetDownloadManager.ocx
Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
Google Toolbar for IE c:\program files\google\googletoolbar1.dll
Google Update C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
Google Updater C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll
IEAWSDC.DLL C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL
InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll
InterTrust Redemption Wizard C:\Program Files\Internet Explorer\plugins\NPDocBox.dll
Messenger C:\Program Files\Messenger\msmsgs.exe
MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
Microsoft Support Diagnostic Tool C:\WINDOWS\Downloaded Program Files\MSDCode.DLL
Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
Microsoft® Windows® Operating System C:\WINDOWS\system32\pnrpnsp.dll
Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll
Motive Plugin C:\Program Files\Common Files\Motive\npMotive.dll
mswsock.dll C:\WINDOWS\system32\mswsock.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32_11_2_202_235.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
TODO: <Product name> C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll
Yahoo! Single Instance for Mail c:\program files\yahoo!\companion\installs\cpn0\ytsingleinstance.dll
Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn1\yt.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll
(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe
(verified) Java Deployment Toolkit 6.0.200.2 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
(verified) Java™ Platform SE 6 U20 c:\program files\java\jre6\bin\jp2ssv.dll
(verified) Java™ Platform SE 6 U20 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe


Missing files
-------------
File not found: c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll
--> HKLM\Software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32\"(default)"


Scan
----
MD5: 5ba1ca3b3cddb1ddc67df473f05d1ec2 C:\WINDOWS\System32\Drivers\tosrfcom.sys
MD5: f4e4795528d17ff8d1d6d98ebbb92655 C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
MD5: c52fd27b9adf3a1f22cb90e6bcf9b0cb C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
MD5: b5518adb2b0029ff95d22e8e7336f49f C:\WINDOWS\system32\drivers\TosRfSnd.sys
MD5: ac2123e788230c712d0919ed0fec9ddd C:\WINDOWS\System32\Drivers\tosrfusb.sys
MD5: 8f861eda21c05857eb8197300a92501c C:\WINDOWS\system32\DRIVERS\tunmp.sys
MD5: b6cc50279d6cd28e090a5d33244adc9a C:\WINDOWS\system32\DRIVERS\usb8023x.sys
MD5: eafe1e00739afe6c51487a050e772e17 C:\WINDOWS\System32\Drivers\usbaapl.sys
MD5: b1f126e7e28877106d60e6ff3998d033 C:\WINDOWS\system32\DRIVERS\w39n51.sys
MD5: 8e16bf5600797e678ea97051cf93e6bf C:\WINDOWS\system32\dumprep.exe
MD5: 702cea7b19bc9a70d861a4f310d40dca C:\WINDOWS\system32\Dxtmsft.dll
MD5: d0230d3d19081372e09b1333e986b053 C:\WINDOWS\system32\Dxtrans.dll
MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll
MD5: ce8c3bc1377b83dbcd7304ab2d0a4735 C:\WINDOWS\system32\h323msp.dll
MD5: 91c797fddaeeaaebe705b5283b6e50a4 C:\WINDOWS\system32\hccutils.DLL
MD5: 19d63cf10330b51fd42abb1d4d39d0c4 C:\WINDOWS\system32\hkcmd.exe
MD5: 195a250167fba93b3aeac87227af61ef C:\WINDOWS\system32\hpz3l4x6.dll
MD5: be3cd116130174657ead2731ab3daa5d C:\WINDOWS\system32\hpz3l5ha.dll
MD5: 51c6d8bfbd4ea5b62a1ba7f4469250d3 c:\windows\system32\hpzinw12.dll
MD5: 79834aa2fbf9fe81eebb229024f6f7fc c:\windows\system32\hpzipm12.dll
MD5: 900e7e6601b14c8d8640d02a70d37e59 C:\WINDOWS\system32\hpzsnt10.dll
MD5: 795f91af512a7cc2c7c1c459805e4eb7 C:\WINDOWS\system32\ieframe.dll
MD5: 1209e384e07c838b111b35483484a4bc C:\WINDOWS\SYSTEM32\iepeers.dll
MD5: 6bb98325c50d9b47cf68b2358a8dee47 C:\WINDOWS\system32\iertutil.dll
MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll
MD5: efc3639ae8a452dc8dddf7d526092d3e C:\WINDOWS\system32\igfxdev.dll
MD5: 697963452107c59be69a67bee54e3eac C:\WINDOWS\system32\igfxpers.exe
MD5: b52ae3cfa8eb665004500484b3a9fc62 C:\WINDOWS\system32\igfxres.dll
MD5: 11e2b4ded4a051dc9067461996f5e02a C:\WINDOWS\system32\igfxsrvc.dll
MD5: 93084839f7517112829f2a26f486e8cf C:\WINDOWS\system32\igfxsrvc.exe
MD5: 45985c1b266666cb7bbac01428ac2fad C:\WINDOWS\system32\igfxtray.exe
MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\imagehlp.dll
MD5: f08d74ec300b8ba60ca953c58a24d19e c:\windows\system32\iprip.dll
MD5: 8d25a2c200dadce82205e45ddee9725a C:\WINDOWS\SYSTEM32\IWPDGINA.DLL
MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\SYSTEM32\jscript.dll
MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll
MD5: b3548df8db695e8cf02ec379b2307883 C:\WINDOWS\system32\lex2kusb.dll
MD5: 00e2ae113dd2ed2f20a715710a255d3e C:\WINDOWS\system32\LEXBCE.DLL
MD5: 027d03d9d8ab95194a115a999e960ac0 C:\WINDOWS\system32\LEXBCES.EXE
MD5: d4a932612c4e4a42a5227005d106c92c C:\WINDOWS\system32\LEXLMPM.DLL
MD5: 1c3a51a4847df611d5c3ad16bbf8f6cb C:\WINDOWS\system32\lexp2p32.dll
MD5: 8d836e60877ed79c409712b9be2dfc3b C:\WINDOWS\system32\LEXPPS.EXE
MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll
MD5: 780682ee1ab47fa8a46a776800484527 C:\WINDOWS\system32\LXBKpwr.dll
MD5: fe8797f9dc9a6bbf18d6db12142ed7e2 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2_202_235.ocx
MD5: 76d5a3d2a50402a0b9b6ed13c4371e79 C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
MD5: de5a4d89c47b9a1cc97dfab11a795abb C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MD5: da63e3cbd330411244ff50b56dae7fb6 C:\WINDOWS\system32\MdmXSdk.dll
MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL
MD5: b7521f69c0a9b29d356157229376fb21 C:\WINDOWS\System32\mhn.dll
MD5: a8cecd5ea322b9858eb576f508ad73a5 C:\WINDOWS\system32\mshtml.dll
MD5: 465f19783a50bfae0f70c3a87905877b C:\WINDOWS\SYSTEM32\mshtmled.dll
MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll
MD5: 9e70016c950b1f8fdeaa6f067e2e25a8 C:\WINDOWS\system32\msjet40.dll
MD5: 7e2b58ce8c4013287371667880b1080d C:\WINDOWS\system32\MSJINT40.DLL
MD5: e325bcdbb6ded6c89f679b8ae89e975c C:\WINDOWS\system32\msvidctl.dll
MD5: 832e4dd8964ab7acc880b2837cb1ed20 C:\WINDOWS\system32\mswsock.dll
MD5: afdc647d16b285b9ae6140335b3b3255 C:\WINDOWS\system32\mswstr10.dll
MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 c:\windows\system32\netshell.dll
MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe
MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll
MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\SYSTEM32\ODBC32.dll
MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll
MD5: 5ce275cdc5ffb77b1ec29dbdfe4b6689 C:\WINDOWS\system32\odbcji32.dll
MD5: 1b05dcc75fbb903a17e3e0ddaea8d508 C:\WINDOWS\system32\odbcjt32.dll
MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll
MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll
MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll
MD5: 937a02981f11b2ce96b1d493c95aed2b C:\WINDOWS\system32\p2pgasvc.dll
MD5: 4a1035cb8f0d57be41873b5183d96cf4 C:\WINDOWS\system32\p2psvc.dll
MD5: de88d1c34c355470b032e372525f3dac C:\WINDOWS\system32\pdfports.dll
MD5: 66cdf02d86c9f0b4300ee981a614d296 C:\WINDOWS\system32\ping.exe
MD5: cb1b40f9742496d384645a33d0f85c77 C:\WINDOWS\system32\pngfilt.dll
MD5: af1449ac1d79d37c7026c1d8912dda8e C:\WINDOWS\system32\pnrpnsp.dll
MD5: 34ffb6aba2da398bb33422e1e9275ba9 C:\WINDOWS\system32\quartz.dll
MD5: b12c853961947ed89b9437966c7507b4 C:\WINDOWS\system32\RAPI.dll
MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll
MD5: 926afc4848ff3297bb264333bf51e21f C:\WINDOWS\system32\sbe.dll
MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll
MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll
MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll
MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\SYSTEM32\SHSVCS.dll
MD5: 9c454cd857b4c0ccf7a614b047616503 C:\WINDOWS\system32\simptcp.dll
MD5: c7d2c931a1a2cbd3a2d335fe86303174 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp4x6.dll
MD5: 75bf87e542c1368dbd6768ae6e6ed507 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll
MD5: c213c40d8e9f2d1affbd1262cd23e026 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe
MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll
MD5: 230eedee132305e3acce6bbbb10d6ab6 C:\WINDOWS\system32\stacapi.dll
MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll
MD5: c47a9c9364e1a242a8c8174b2e60f725 C:\WINDOWS\system32\SynCOM.dll
MD5: 1eb004455e7cce792cc26480d7021b9d C:\WINDOWS\system32\SynTPAPI.dll
MD5: 3f8411328e808a8794a41da9acb22dd9 C:\WINDOWS\system32\tapi3.dll
MD5: 4872275a99bd55a92c43bae8c51fb3c8 C:\WINDOWS\system32\tbtmon.dll
MD5: a27378d30d5208f1f0b6706b9fed22c2 C:\WINDOWS\system32\tbtmon98Language.dll
MD5: 32933b07fc16d9f778bee12545fa1b1a C:\WINDOWS\system32\tcpsvcs.exe
MD5: 8edd9dcd5196b6c54a622e9549f667b8 C:\WINDOWS\system32\termmgr.dll
MD5: b5c05ce075f48cc44c154f0ce25c4cfe C:\WINDOWS\system32\tfswapi.dll
MD5: 934a64c5fb0a68a4d487978bffec4e04 C:\WINDOWS\system32\TosBdAPI.dll
MD5: dc6bd517fb6daa7849e23800f13bb864 C:\WINDOWS\system32\TosBtAPI.dll
MD5: 353de1defd41b1e4a1b668320135200b C:\WINDOWS\system32\TosBtHcrpAPI.dll
MD5: 17e0cf9c8cbb717d05948656bcd86efa C:\WINDOWS\system32\txflog.dll
MD5: 798cf252e6fdb984c07430eb0b387dfd C:\WINDOWS\system32\urlmon.dll
MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe
MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\System32\USP10.dll
MD5: 142e08e570d8fcd87e845f1463c1aece C:\WINDOWS\system32\vbscript.dll
MD5: 0dfa4d5e8205614eda53394e637812e4 C:\WINDOWS\system32\VDMDBG.DLL
MD5: 6404807abc7af52fa3792697ae638b50 C:\WINDOWS\system32\wbem\wbemcons.dll
MD5: 880f7ed2df24db14af96c6d797958796 C:\WINDOWS\system32\wbem\wbemdisp.dll
MD5: 960f6d3cd9a1ba6435d7aadd102b297f C:\WINDOWS\system32\wbem\wmiprov.dll
MD5: 767c6c11407a89f849e296cd3bb520b9 C:\WINDOWS\system32\webcheck.dll
MD5: 627b55fad15c6b03b44198afbeebab1a C:\WINDOWS\SYSTEM32\WgaLogon.dll
MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll
MD5: 3c28461660bab5449f267d5e9c4e13cf C:\WINDOWS\system32\WININET.dll
MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\System32\WINMM.dll
MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll
MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll
MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll
MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\SYSTEM32\WlNotify.dll
MD5: 60b8c0db5a8e4d7b4712df66d6ff2788 C:\WINDOWS\System32\wship6.dll
MD5: 18473f44d6de85c8cb4e70f503c5ea64 C:\WINDOWS\System32\xactsrv.dll
MD5: 7facb452456ef5c053af3ee4b228fe0d C:\WINDOWS\System32\XPOB2RES.DLL
MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll
MD5: 1b3b381e1aab46f7b321a46150d890cb C:\WINDOWS\system32\xpsp3res.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll


No file uploaded.

Scan finished - communication took 6 sec
Total traffic - 0.01 MB sent, 1.53 KB recvd
Scanned 838 files and modules - 207 seconds

==============================================================================

#5 chewbaccaneedsamedal

Posted 07 May 2012 - 07:56 PM

RogueKiller V7.4.3 [05/04/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User: Randy Green [Admin rights]
Mode: Scan -- Date: 05/07/2012 17:38:47

¤¤¤ Bad processes: 1 ¤¤¤
[HJ NAME] svchost.exe -- \\.\globalroot\SystemRoot\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤
[BLACKLIST DLL] HKUS\S-1-5-19[...]\Run : Corel Photo Album (rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer) -> FOUND
[BLACKLIST DLL] HKUS\S-1-5-20[...]\Run : Corel Photo Album (rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer) -> FOUND
[BLACKLIST DLL] HKLM\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤
[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤
[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHV2060BH +++++
--- User ---
[MBR] db6140e1a106772a433230fd4788e446
[BSP] 6a16940a05e78a8357108e829835cd80 : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 38138 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 78204420 | Size: 12848 Mo
3 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 104518890 | Size: 4753 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>

#6 Maurice Naggar

Posted 07 May 2012 - 09:05 PM

Please download the following program to your Desktop >> Unhide <<
Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives.

Step 2
Turn off your antivirus so that it does not interfere.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Download aswMBR.exe ( 511KB ) to your desktop.
On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.
On Windows XP, double click the exe to start.

Change the a-v scan to None.

Uncheck trace disk IO calls.


Click the "Scan" button to start scan
On completion of the scan (note whether the Fix button is enabled (not the FixMBR button) and tell me), click Save log, save it to your desktop and post it in your next reply.

Step 3
Please read carefully and follow these steps.
  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 4
Recheck: Turn off your antivirus so that it does not interfere.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Save and close any work documents, close any apps that you started.
Start your MBAM MalwareBytes' Anti-Malware.
Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.
Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.
Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.



Step 5
Re-enable your antivirus program.

There will be more to do.

Reply (Copy & Paste) contents of aswMBR log
TDSSKILLER log
MBAM scan log
Maurice Naggar
Product Support

I close my threads if there are 5 days without a response.

#7 chewbaccaneedsamedal

Posted 08 May 2012 - 11:59 AM

I got as far as Step 3. When my laptop rebooted after running TDSSKiller, I lost the use of my keyboard and touchpad. I am writing this from a different computer trying to figure it out. Any suggestions?

#8 chewbaccaneedsamedal

Posted 09 May 2012 - 06:06 PM

15:54:13.0203 2708 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
15:54:13.0890 2708 ============================================================
15:54:13.0890 2708 Current date / time: 2012/05/09 15:54:13.0890
15:54:13.0890 2708 SystemInfo:
15:54:13.0890 2708
15:54:13.0890 2708 OS Version: 5.1.2600 ServicePack: 3.0
15:54:13.0890 2708 Product type: Workstation
15:54:13.0890 2708 ComputerName: D36FC2B1
15:54:13.0890 2708 UserName: Randy Green
15:54:13.0890 2708 Windows directory: C:\WINDOWS
15:54:13.0890 2708 System windows directory: C:\WINDOWS
15:54:13.0890 2708 Processor architecture: Intel x86
15:54:13.0890 2708 Number of processors: 2
15:54:13.0890 2708 Page size: 0x1000
15:54:13.0890 2708 Boot type: Normal boot
15:54:13.0890 2708 ============================================================
15:54:15.0890 2708 Drive \Device\Harddisk0\DR0 - Size: 0xD9F411200 (54.49 Gb), SectorSize: 0x200, Cylinders: 0x1BC9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:54:15.0890 2708 ============================================================
15:54:15.0890 2708 \Device\Harddisk0\DR0:
15:54:15.0890 2708 MBR partitions:
15:54:15.0890 2708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x4A7D57E
15:54:15.0890 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4A94E04, BlocksNum 0x19186E6
15:54:15.0890 2708 ============================================================
15:54:16.0218 2708 C: <-> \Device\Harddisk0\DR0\Partition0
15:54:16.0281 2708 D: <-> \Device\Harddisk0\DR0\Partition1
15:54:16.0312 2708 ============================================================
15:54:16.0312 2708 Initialize success
15:54:16.0312 2708 ============================================================
15:54:24.0187 2276 ============================================================
15:54:24.0187 2276 Scan started
15:54:24.0187 2276 Mode: Manual; SigCheck; TDLFS;
15:54:24.0187 2276 ============================================================
15:54:25.0578 2276 64229514 - ok
15:54:25.0640 2276 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll
15:54:26.0859 2276 6to4 - ok
15:54:26.0859 2276 Abiosdsk - ok
15:54:26.0906 2276 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
15:54:30.0343 2276 abp480n5 - ok
15:54:30.0390 2276 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:54:30.0703 2276 ACPI - ok
15:54:30.0750 2276 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:54:30.0921 2276 ACPIEC - ok
15:54:31.0000 2276 Adobe LM Service (a4ffc35a661d42dd424f22905c333979) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:54:31.0031 2276 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
15:54:31.0031 2276 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
15:54:31.0171 2276 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:54:31.0187 2276 AdobeFlashPlayerUpdateSvc - ok
15:54:31.0234 2276 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
15:54:31.0375 2276 adpu160m - ok
15:54:31.0531 2276 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
15:54:31.0593 2276 AdvancedSystemCareService5 - ok
15:54:31.0656 2276 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:54:31.0812 2276 aec - ok
15:54:31.0890 2276 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys
15:54:31.0906 2276 AegisP ( UnsignedFile.Multi.Generic ) - warning
15:54:31.0906 2276 AegisP - detected UnsignedFile.Multi.Generic (1)
15:54:31.0937 2276 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:54:32.0000 2276 AFD - ok
15:54:32.0015 2276 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
15:54:32.0187 2276 agp440 - ok
15:54:32.0218 2276 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
15:54:32.0359 2276 agpCPQ - ok
15:54:32.0390 2276 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
15:54:32.0484 2276 Aha154x - ok
15:54:32.0515 2276 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
15:54:32.0671 2276 aic78u2 - ok
15:54:32.0703 2276 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
15:54:32.0843 2276 aic78xx - ok
15:54:32.0906 2276 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
15:54:33.0062 2276 Alerter - ok
15:54:33.0062 2276 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
15:54:33.0218 2276 ALG - ok
15:54:33.0234 2276 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
15:54:33.0390 2276 AliIde - ok
15:54:33.0421 2276 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
15:54:33.0562 2276 alim1541 - ok
15:54:33.0609 2276 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
15:54:33.0765 2276 amdagp - ok
15:54:33.0796 2276 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
15:54:33.0890 2276 amsint - ok
15:54:33.0937 2276 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
15:54:33.0937 2276 APPDRV ( UnsignedFile.Multi.Generic ) - warning
15:54:33.0937 2276 APPDRV - detected UnsignedFile.Multi.Generic (1)
15:54:34.0093 2276 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:54:34.0093 2276 Apple Mobile Device - ok
15:54:34.0156 2276 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
15:54:34.0312 2276 AppMgmt - ok
15:54:34.0343 2276 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:54:34.0500 2276 Arp1394 - ok
15:54:34.0546 2276 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
15:54:34.0687 2276 asc - ok
15:54:34.0703 2276 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
15:54:34.0781 2276 asc3350p - ok
15:54:34.0828 2276 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
15:54:34.0968 2276 asc3550 - ok
15:54:35.0015 2276 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
15:54:35.0031 2276 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
15:54:35.0031 2276 ASCTRM - detected UnsignedFile.Multi.Generic (1)
15:54:35.0171 2276 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:54:35.0203 2276 aspnet_state - ok
15:54:35.0218 2276 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:54:35.0375 2276 AsyncMac - ok
15:54:35.0421 2276 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:54:35.0593 2276 atapi - ok
15:54:35.0593 2276 Atdisk - ok
15:54:35.0640 2276 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:54:35.0890 2276 Atmarpc - ok
15:54:35.0953 2276 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
15:54:36.0125 2276 AudioSrv - ok
15:54:36.0171 2276 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:54:36.0343 2276 audstub - ok
15:54:36.0343 2276 autocomplete - ok
15:54:36.0359 2276 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
15:54:36.0437 2276 bcm4sbxp - ok
15:54:36.0468 2276 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:54:36.0640 2276 Beep - ok
15:54:36.0687 2276 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
15:54:37.0015 2276 BITS - ok
15:54:37.0125 2276 Bluetooth Hid Switch Service (b26e18adaa16e507166e3b61e79a1e25) C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe
15:54:37.0140 2276 Bluetooth Hid Switch Service ( UnsignedFile.Multi.Generic ) - warning
15:54:37.0156 2276 Bluetooth Hid Switch Service - detected UnsignedFile.Multi.Generic (1)
15:54:37.0218 2276 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
15:54:37.0265 2276 Bonjour Service - ok
15:54:37.0312 2276 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
15:54:37.0546 2276 Browser - ok
15:54:37.0593 2276 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
15:54:37.0609 2276 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning
15:54:37.0609 2276 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)
15:54:37.0640 2276 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
15:54:37.0812 2276 cbidf - ok
15:54:37.0812 2276 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:54:37.0953 2276 cbidf2k - ok
15:54:38.0015 2276 CCALib8 (20f89e232173985a455bc9a5f70d1166) C:\Program Files\Canon\CAL\CALMAIN.exe
15:54:38.0046 2276 CCALib8 ( UnsignedFile.Multi.Generic ) - warning
15:54:38.0046 2276 CCALib8 - detected UnsignedFile.Multi.Generic (1)
15:54:38.0046 2276 ccs - ok
15:54:38.0078 2276 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
15:54:38.0171 2276 cd20xrnt - ok
15:54:38.0234 2276 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:54:38.0390 2276 Cdaudio - ok
15:54:38.0437 2276 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:54:38.0593 2276 Cdfs - ok
15:54:38.0609 2276 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:54:38.0781 2276 Cdrom - ok
15:54:38.0781 2276 Changer - ok
15:54:38.0843 2276 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
15:54:39.0000 2276 CiSvc - ok
15:54:39.0031 2276 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
15:54:39.0171 2276 ClipSrv - ok
15:54:39.0296 2276 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:54:39.0421 2276 clr_optimization_v2.0.50727_32 - ok
15:54:39.0437 2276 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
15:54:39.0593 2276 CmBatt - ok
15:54:39.0640 2276 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
15:54:39.0859 2276 CmdIde - ok
15:54:39.0875 2276 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
15:54:40.0015 2276 Compbatt - ok
15:54:40.0031 2276 COMSysApp - ok
15:54:40.0046 2276 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
15:54:40.0203 2276 Cpqarray - ok
15:54:40.0250 2276 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
15:54:40.0406 2276 CryptSvc - ok
15:54:40.0437 2276 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
15:54:40.0593 2276 dac2w2k - ok
15:54:40.0609 2276 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
15:54:40.0750 2276 dac960nt - ok
15:54:40.0843 2276 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:54:40.0953 2276 DcomLaunch - ok
15:54:41.0015 2276 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
15:54:41.0171 2276 Dhcp - ok
15:54:41.0171 2276 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:54:41.0328 2276 Disk - ok
15:54:41.0328 2276 dmadmin - ok
15:54:41.0406 2276 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:54:41.0687 2276 dmboot - ok
15:54:41.0734 2276 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:54:41.0953 2276 dmio - ok
15:54:41.0984 2276 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:54:42.0187 2276 dmload - ok
15:54:42.0250 2276 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
15:54:42.0406 2276 dmserver - ok
15:54:42.0421 2276 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:54:42.0578 2276 DMusic - ok
15:54:42.0609 2276 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
15:54:42.0640 2276 Dnscache - ok
15:54:42.0703 2276 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
15:54:42.0875 2276 Dot3svc - ok
15:54:42.0906 2276 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
15:54:43.0062 2276 dpti2o - ok
15:54:43.0109 2276 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:54:43.0296 2276 drmkaud - ok
15:54:43.0359 2276 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
15:54:43.0375 2276 drvmcdb ( UnsignedFile.Multi.Generic ) - warning
15:54:43.0375 2276 drvmcdb - detected UnsignedFile.Multi.Generic (1)
15:54:43.0406 2276 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
15:54:43.0421 2276 drvnddm ( UnsignedFile.Multi.Generic ) - warning
15:54:43.0421 2276 drvnddm - detected UnsignedFile.Multi.Generic (1)
15:54:43.0453 2276 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
15:54:43.0625 2276 E100B - ok
15:54:43.0671 2276 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
15:54:43.0859 2276 EapHost - ok
15:54:44.0562 2276 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
15:54:44.0921 2276 ehRecvr - ok
15:54:44.0937 2276 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
15:54:45.0031 2276 ehSched - ok
15:54:45.0078 2276 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
15:54:45.0296 2276 ERSvc - ok
15:54:45.0343 2276 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:54:45.0390 2276 Eventlog - ok
15:54:45.0437 2276 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
15:54:45.0500 2276 EventSystem - ok
15:54:45.0671 2276 EvtEng (788c72b145c75a7ee5f5d6a32542d912) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
15:54:45.0765 2276 EvtEng ( UnsignedFile.Multi.Generic ) - warning
15:54:45.0765 2276 EvtEng - detected UnsignedFile.Multi.Generic (1)
15:54:45.0875 2276 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:54:46.0078 2276 Fastfat - ok
15:54:46.0125 2276 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:54:46.0187 2276 FastUserSwitchingCompatibility - ok
15:54:46.0250 2276 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
15:54:46.0406 2276 Fax - ok
15:54:46.0453 2276 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:54:46.0593 2276 Fdc - ok
15:54:46.0656 2276 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:54:46.0812 2276 Fips - ok
15:54:46.0812 2276 FirePM - ok
15:54:46.0875 2276 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:54:47.0031 2276 Flpydisk - ok
15:54:47.0062 2276 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:54:47.0218 2276 FltMgr - ok
15:54:47.0359 2276 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:54:47.0375 2276 FontCache3.0.0.0 - ok
15:54:47.0375 2276 freepops - ok
15:54:47.0437 2276 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:54:47.0593 2276 Fs_Rec - ok
15:54:47.0625 2276 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:54:47.0796 2276 Ftdisk - ok
15:54:47.0843 2276 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:54:47.0859 2276 GearAspiWDM - ok
15:54:47.0906 2276 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:54:48.0125 2276 Gpc - ok
15:54:48.0312 2276 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:54:48.0328 2276 gupdate - ok
15:54:48.0328 2276 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
15:54:48.0343 2276 gupdatem - ok
15:54:48.0406 2276 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:54:48.0421 2276 gusvc - ok
15:54:48.0421 2276 hcwPP2 - ok
15:54:48.0484 2276 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:54:48.0640 2276 HDAudBus - ok
15:54:48.0734 2276 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:54:48.0968 2276 helpsvc - ok
15:54:49.0031 2276 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
15:54:49.0187 2276 HidServ - ok
15:54:49.0203 2276 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:54:49.0343 2276 HidUsb - ok
15:54:49.0390 2276 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:54:49.0546 2276 hkmsvc - ok
15:54:49.0609 2276 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
15:54:49.0750 2276 hpn - ok
15:54:49.0906 2276 hpqcxs08 (390920e11d7729a7b98799ebe20e38fb) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
15:54:49.0937 2276 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:54:49.0937 2276 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:54:49.0984 2276 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:54:50.0328 2276 HPZid412 - ok
15:54:50.0343 2276 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:54:50.0390 2276 HPZipr12 - ok
15:54:50.0406 2276 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:54:50.0453 2276 HPZius12 - ok
15:54:50.0515 2276 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
15:54:50.0578 2276 HSFHWAZL - ok
15:54:50.0656 2276 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
15:54:50.0765 2276 HSF_DPV - ok
15:54:50.0828 2276 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:54:50.0906 2276 HTTP - ok
15:54:50.0953 2276 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:54:51.0203 2276 HTTPFilter - ok
15:54:51.0250 2276 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
15:54:51.0406 2276 i2omgmt - ok
15:54:51.0437 2276 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
15:54:51.0593 2276 i2omp - ok
15:54:51.0593 2276 i8042prt - ok
15:54:51.0718 2276 ialm (cc449157474d5e43daea7e20f52c635a) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
15:54:51.0875 2276 ialm - ok
15:54:51.0984 2276 Ias - ok
15:54:52.0140 2276 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
15:54:52.0171 2276 IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:54:52.0171 2276 IDriverT - detected UnsignedFile.Multi.Generic (1)
15:54:52.0500 2276 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:54:52.0656 2276 idsvc - ok
15:54:52.0765 2276 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:54:52.0984 2276 Imapi - ok
15:54:53.0031 2276 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:54:53.0187 2276 ImapiService - ok
15:54:53.0187 2276 incdrec - ok
15:54:53.0250 2276 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
15:54:53.0406 2276 ini910u - ok
15:54:53.0421 2276 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
15:54:53.0578 2276 IntelIde - ok
15:54:53.0625 2276 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:54:53.0781 2276 intelppm - ok
15:54:53.0796 2276 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:54:53.0968 2276 Ip6Fw - ok
15:54:54.0015 2276 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:54:54.0171 2276 IpFilterDriver - ok
15:54:54.0203 2276 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:54:54.0343 2276 IpInIp - ok
15:54:54.0375 2276 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:54:54.0531 2276 IpNat - ok
15:54:54.0671 2276 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
15:54:54.0765 2276 iPod Service - ok
15:54:54.0828 2276 Iprip (f08d74ec300b8ba60ca953c58a24d19e) C:\WINDOWS\System32\iprip.dll
15:54:54.0984 2276 Iprip - ok
15:54:55.0000 2276 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:54:55.0171 2276 IPSec - ok
15:54:55.0218 2276 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:54:55.0390 2276 IRENUM - ok
15:54:55.0421 2276 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:54:55.0578 2276 isapnp - ok
15:54:55.0703 2276 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe
15:54:55.0718 2276 JavaQuickStarterService - ok
15:54:55.0734 2276 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:54:55.0890 2276 Kbdclass - ok
15:54:55.0921 2276 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:54:56.0062 2276 kbdhid - ok
15:54:56.0093 2276 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:54:56.0281 2276 kmixer - ok
15:54:56.0328 2276 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:54:56.0406 2276 KSecDD - ok
15:54:56.0453 2276 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:54:56.0500 2276 lanmanserver - ok
15:54:56.0562 2276 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:54:56.0625 2276 lanmanworkstation - ok
15:54:56.0625 2276 lbrtfdc - ok
15:54:56.0687 2276 LexBceS (027d03d9d8ab95194a115a999e960ac0) C:\WINDOWS\system32\LEXBCES.EXE
15:54:56.0796 2276 LexBceS - ok
15:54:56.0843 2276 LKNUCMP (e19b79a7c6217b40253fa1e8e01d8ad9) C:\WINDOWS\system32\DRIVERS\lknucmp.sys
15:54:56.0859 2276 LKNUCMP ( UnsignedFile.Multi.Generic ) - warning
15:54:56.0859 2276 LKNUCMP - detected UnsignedFile.Multi.Generic (1)
15:54:56.0921 2276 lknuhst (16aa31702b14f0176df86409cc133b64) C:\WINDOWS\system32\DRIVERS\lknuhst.sys
15:54:56.0937 2276 lknuhst ( UnsignedFile.Multi.Generic ) - warning
15:54:56.0937 2276 lknuhst - detected UnsignedFile.Multi.Generic (1)
15:54:57.0000 2276 LKNUHUB (9b1eee47969a977da0d26c98c93cbe0b) C:\WINDOWS\system32\DRIVERS\lknuhub.sys
15:54:57.0000 2276 LKNUHUB ( UnsignedFile.Multi.Generic ) - warning
15:54:57.0000 2276 LKNUHUB - detected UnsignedFile.Multi.Generic (1)
15:54:57.0046 2276 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:54:57.0203 2276 LmHosts - ok
15:54:57.0296 2276 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files\Common Files\Motive\McciCMService.exe
15:54:57.0359 2276 McciCMService ( UnsignedFile.Multi.Generic ) - warning
15:54:57.0359 2276 McciCMService - detected UnsignedFile.Multi.Generic (1)
15:54:57.0406 2276 McciServiceHost (eee1ea23c4777adb268a36196a631200) C:\Program Files\Common Files\Motive\McciServiceHost.exe
15:54:57.0484 2276 McciServiceHost ( UnsignedFile.Multi.Generic ) - warning
15:54:57.0484 2276 McciServiceHost - detected UnsignedFile.Multi.Generic (1)
15:54:57.0609 2276 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
15:54:57.0687 2276 McrdSvc - ok
15:54:57.0734 2276 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
15:54:57.0765 2276 mdmxsdk - ok
15:54:57.0781 2276 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:54:58.0015 2276 Messenger - ok
15:54:58.0046 2276 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
15:54:58.0078 2276 MHN ( UnsignedFile.Multi.Generic ) - warning
15:54:58.0078 2276 MHN - detected UnsignedFile.Multi.Generic (1)
15:54:58.0125 2276 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
15:54:58.0156 2276 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
15:54:58.0156 2276 MHNDRV - detected UnsignedFile.Multi.Generic (1)
15:54:58.0203 2276 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:54:58.0359 2276 mnmdd - ok
15:54:58.0484 2276 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:54:58.0968 2276 mnmsrvc - ok
15:54:59.0000 2276 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:54:59.0156 2276 Modem - ok
15:54:59.0171 2276 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:54:59.0328 2276 Mouclass - ok
15:54:59.0375 2276 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:54:59.0546 2276 mouhid - ok
15:54:59.0578 2276 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:54:59.0765 2276 MountMgr - ok
15:54:59.0765 2276 mozyFilter - ok
15:54:59.0796 2276 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
15:54:59.0968 2276 mraid35x - ok
15:55:00.0031 2276 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
15:55:00.0046 2276 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
15:55:00.0046 2276 MREMP50 - detected UnsignedFile.Multi.Generic (1)
15:55:00.0046 2276 MREMPR5 - ok
15:55:00.0046 2276 MRENDIS5 - ok
15:55:00.0078 2276 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
15:55:00.0109 2276 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
15:55:00.0109 2276 MRESP50 - detected UnsignedFile.Multi.Generic (1)
15:55:00.0140 2276 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:55:00.0359 2276 MRxDAV - ok
15:55:00.0453 2276 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:55:00.0578 2276 MRxSmb - ok
15:55:00.0625 2276 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:55:00.0781 2276 MSDTC - ok
15:55:00.0781 2276 msdv - ok
15:55:00.0828 2276 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:55:01.0031 2276 Msfs - ok
15:55:01.0046 2276 MSIServer - ok
15:55:01.0078 2276 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:55:01.0218 2276 MSKSSRV - ok
15:55:01.0218 2276 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:55:01.0375 2276 MSPCLOCK - ok
15:55:01.0390 2276 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:55:01.0562 2276 MSPQM - ok
15:55:01.0593 2276 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:55:01.0734 2276 mssmbios - ok
15:55:01.0796 2276 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:55:01.0843 2276 Mup - ok
15:55:01.0843 2276 n558 - ok
15:55:01.0937 2276 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:55:02.0140 2276 napagent - ok
15:55:02.0156 2276 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:55:02.0328 2276 NDIS - ok
15:55:02.0359 2276 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:55:02.0390 2276 NdisTapi - ok
15:55:02.0406 2276 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:55:02.0546 2276 Ndisuio - ok
15:55:02.0562 2276 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:55:02.0718 2276 NdisWan - ok
15:55:02.0781 2276 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:55:02.0828 2276 NDProxy - ok
15:55:02.0875 2276 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
15:55:02.0890 2276 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:55:02.0890 2276 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:55:02.0937 2276 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:55:03.0125 2276 NetBIOS - ok
15:55:03.0156 2276 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:55:03.0328 2276 NetBT - ok
15:55:03.0375 2276 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:55:03.0531 2276 NetDDE - ok
15:55:03.0546 2276 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:55:03.0703 2276 NetDDEdsdm - ok
15:55:03.0734 2276 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:55:03.0890 2276 Netlogon - ok
15:55:03.0953 2276 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:55:04.0125 2276 Netman - ok
15:55:04.0281 2276 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:55:04.0296 2276 NetTcpPortSharing - ok
15:55:04.0453 2276 NETw3x32 (71371ed9086a3d65f43967c89634e9a9) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
15:55:04.0640 2276 NETw3x32 - ok
15:55:04.0859 2276 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:55:05.0015 2276 NIC1394 - ok
15:55:05.0156 2276 NICCONFIGSVC (11d8a00c7eff1aaec8e8464769c84a3d) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
15:55:05.0187 2276 NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - warning
15:55:05.0187 2276 NICCONFIGSVC - detected UnsignedFile.Multi.Generic (1)
15:55:05.0265 2276 Nla (832e4dd8964ab7acc880b2837cb1ed20) C:\WINDOWS\System32\mswsock.dll
15:55:05.0312 2276 Nla - ok
15:55:05.0359 2276 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:55:05.0515 2276 Npfs - ok
15:55:05.0578 2276 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:55:05.0828 2276 Ntfs - ok
15:55:05.0875 2276 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:55:06.0031 2276 NtLmSsp - ok
15:55:06.0093 2276 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:55:06.0250 2276 NtmsSvc - ok
15:55:06.0265 2276 NtMtlFax - ok
15:55:06.0312 2276 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:55:06.0468 2276 Null - ok
15:55:06.0640 2276 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:55:06.0875 2276 nv - ok
15:55:07.0046 2276 NWADI (67fb86eeb94059177642050718d57460) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys
15:55:07.0093 2276 NWADI - ok
15:55:07.0156 2276 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:55:07.0328 2276 NwlnkFlt - ok
15:55:07.0343 2276 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:55:07.0500 2276 NwlnkFwd - ok
15:55:07.0828 2276 NWUSBModem (4e651808b35656ac88a4dcdaf6cc1169) C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys
15:55:08.0000 2276 NWUSBModem - ok
15:55:08.0031 2276 NWUSBPort (4e651808b35656ac88a4dcdaf6cc1169) C:\WINDOWS\system32\DRIVERS\nwusbser.sys
15:55:08.0046 2276 NWUSBPort - ok
15:55:08.0093 2276 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:55:08.0265 2276 ohci1394 - ok
15:55:08.0312 2276 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys
15:55:08.0328 2276 omci ( UnsignedFile.Multi.Generic ) - warning
15:55:08.0328 2276 omci - detected UnsignedFile.Multi.Generic (1)
15:55:08.0375 2276 p2pgasvc (937a02981f11b2ce96b1d493c95aed2b) C:\WINDOWS\system32\p2pgasvc.dll
15:55:08.0531 2276 p2pgasvc - ok
15:55:08.0593 2276 p2pimsvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
15:55:08.0812 2276 p2pimsvc - ok
15:55:08.0828 2276 p2psvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
15:55:09.0031 2276 p2psvc - ok
15:55:09.0031 2276 pacsptisvr - ok
15:55:09.0062 2276 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:55:09.0234 2276 Parport - ok
15:55:09.0250 2276 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:55:09.0421 2276 PartMgr - ok
15:55:09.0484 2276 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:55:09.0640 2276 ParVdm - ok
15:55:09.0640 2276 PCASp50 - ok
15:55:09.0656 2276 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:55:09.0812 2276 PCI - ok
15:55:09.0828 2276 PCIDump - ok
15:55:09.0859 2276 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:55:09.0984 2276 PCIIde - ok
15:55:10.0015 2276 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:55:10.0171 2276 Pcmcia - ok
15:55:10.0187 2276 PDCOMP - ok
15:55:10.0187 2276 PDFRAME - ok
15:55:10.0187 2276 PDRELI - ok
15:55:10.0203 2276 PDRFRAME - ok
15:55:10.0218 2276 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
15:55:10.0375 2276 perc2 - ok
15:55:10.0406 2276 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
15:55:10.0531 2276 perc2hib - ok
15:55:10.0593 2276 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:55:10.0625 2276 PlugPlay - ok
15:55:10.0671 2276 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
15:55:10.0703 2276 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:55:10.0703 2276 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:55:10.0718 2276 PNRPSvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll
15:55:10.0859 2276 PNRPSvc - ok
15:55:10.0921 2276 Point32 (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys
15:55:11.0000 2276 Point32 - ok
15:55:11.0031 2276 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:55:11.0203 2276 PolicyAgent - ok
15:55:11.0234 2276 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:55:11.0390 2276 PptpMiniport - ok
15:55:11.0390 2276 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:55:11.0531 2276 ProtectedStorage - ok
15:55:11.0562 2276 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:55:11.0718 2276 PSched - ok
15:55:11.0765 2276 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:55:11.0921 2276 Ptilink - ok
15:55:11.0968 2276 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:55:12.0171 2276 PxHelp20 - ok
15:55:12.0203 2276 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
15:55:12.0359 2276 ql1080 - ok
15:55:12.0390 2276 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
15:55:12.0593 2276 Ql10wnt - ok
15:55:12.0593 2276 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
15:55:12.0750 2276 ql12160 - ok
15:55:12.0812 2276 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
15:55:12.0953 2276 ql1240 - ok
15:55:12.0968 2276 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
15:55:13.0109 2276 ql1280 - ok
15:55:13.0171 2276 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:55:13.0296 2276 RasAcd - ok
15:55:13.0343 2276 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:55:13.0500 2276 RasAuto - ok
15:55:13.0515 2276 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:55:13.0687 2276 Rasl2tp - ok
15:55:13.0734 2276 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:55:13.0906 2276 RasMan - ok
15:55:13.0921 2276 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:55:14.0062 2276 RasPppoe - ok
15:55:14.0078 2276 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:55:14.0218 2276 Raspti - ok
15:55:14.0281 2276 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:55:14.0421 2276 Rdbss - ok
15:55:14.0437 2276 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:55:14.0578 2276 RDPCDD - ok
15:55:14.0609 2276 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:55:14.0765 2276 rdpdr - ok
15:55:14.0828 2276 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
15:55:14.0937 2276 RDPWD - ok
15:55:15.0000 2276 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:55:15.0156 2276 RDSessMgr - ok
15:55:15.0171 2276 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:55:15.0328 2276 redbook - ok
15:55:15.0468 2276 RegSrvc (d8894acefe1a607de7d0e628285bfff4) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
15:55:15.0515 2276 RegSrvc ( UnsignedFile.Multi.Generic ) - warning
15:55:15.0515 2276 RegSrvc - detected UnsignedFile.Multi.Generic (1)
15:55:15.0562 2276 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:55:15.0750 2276 RemoteAccess - ok
15:55:15.0828 2276 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
15:55:16.0062 2276 RemoteRegistry - ok
15:55:16.0109 2276 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
15:55:16.0156 2276 rimmptsk - ok
15:55:16.0218 2276 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
15:55:16.0265 2276 rimsptsk - ok
15:55:16.0296 2276 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
15:55:16.0359 2276 rismxdp - ok
15:55:16.0390 2276 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
15:55:16.0531 2276 ROOTMODEM - ok
15:55:16.0578 2276 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:55:16.0781 2276 RpcLocator - ok
15:55:16.0859 2276 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:55:16.0906 2276 RpcSs - ok
15:55:16.0953 2276 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:55:17.0078 2276 RSVP - ok
15:55:17.0093 2276 rupsmon - ok
15:55:17.0281 2276 S24EventMonitor (c17c3a529ce14012f9731a6e264c1911) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
15:55:17.0390 2276 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
15:55:17.0390 2276 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
15:55:17.0484 2276 s24trans (daef68fc328342d219de928c8ee610b2) C:\WINDOWS\system32\DRIVERS\s24trans.sys
15:55:17.0500 2276 s24trans ( UnsignedFile.Multi.Generic ) - warning
15:55:17.0500 2276 s24trans - detected UnsignedFile.Multi.Generic (1)
15:55:17.0562 2276 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:55:17.0718 2276 SamSs - ok
15:55:17.0781 2276 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:55:17.0937 2276 SCardSvr - ok
15:55:18.0000 2276 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:55:18.0156 2276 Schedule - ok
15:55:18.0187 2276 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
15:55:18.0343 2276 sdbus - ok
15:55:18.0375 2276 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:55:18.0531 2276 Secdrv - ok
15:55:18.0546 2276 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:55:18.0703 2276 seclogon - ok
15:55:18.0734 2276 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:55:18.0890 2276 SENS - ok
15:55:18.0921 2276 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:55:19.0062 2276 serenum - ok
15:55:19.0109 2276 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:55:19.0250 2276 Serial - ok
15:55:19.0296 2276 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:55:19.0437 2276 Sfloppy - ok
15:55:19.0500 2276 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:55:19.0687 2276 SharedAccess - ok
15:55:19.0734 2276 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:55:19.0765 2276 ShellHWDetection - ok
15:55:19.0765 2276 Simbad - ok
15:55:19.0812 2276 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe
15:55:19.0953 2276 SimpTcp - ok
15:55:19.0984 2276 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
15:55:20.0171 2276 sisagp - ok
15:55:20.0234 2276 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
15:55:20.0328 2276 Sparrow - ok
15:55:20.0375 2276 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:55:20.0562 2276 splitter - ok
15:55:20.0625 2276 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:55:20.0671 2276 Spooler - ok
15:55:20.0687 2276 SQLWriter - ok
15:55:20.0703 2276 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:55:20.0890 2276 sr - ok
15:55:20.0937 2276 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:55:21.0156 2276 srservice - ok
15:55:21.0218 2276 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:55:21.0312 2276 Srv - ok
15:55:21.0390 2276 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
15:55:21.0390 2276 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
15:55:21.0390 2276 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
15:55:21.0421 2276 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:55:21.0640 2276 SSDPSRV - ok
15:55:21.0656 2276 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
15:55:21.0671 2276 ssrtln ( UnsignedFile.Multi.Generic ) - warning
15:55:21.0671 2276 ssrtln - detected UnsignedFile.Multi.Generic (1)
15:55:21.0796 2276 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys
15:55:21.0906 2276 STHDA - ok
15:55:21.0968 2276 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:55:22.0171 2276 stisvc - ok
15:55:22.0187 2276 SunkFilt39 - ok
15:55:22.0296 2276 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:55:22.0515 2276 swenum - ok
15:55:22.0531 2276 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:55:22.0687 2276 swmidi - ok
15:55:22.0687 2276 SwPrv - ok
15:55:22.0687 2276 SWUMX20 - ok
15:55:22.0734 2276 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
15:55:22.0875 2276 symc810 - ok
15:55:22.0890 2276 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
15:55:23.0046 2276 symc8xx - ok
15:55:23.0078 2276 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
15:55:23.0234 2276 sym_hi - ok
15:55:23.0250 2276 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
15:55:23.0390 2276 sym_u3 - ok
15:55:23.0437 2276 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys
15:55:23.0500 2276 SynTP - ok
15:55:23.0515 2276 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:55:23.0671 2276 sysaudio - ok
15:55:23.0734 2276 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:55:23.0906 2276 SysmonLog - ok
15:55:23.0953 2276 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:55:24.0515 2276 TapiSrv - ok
15:55:24.0578 2276 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:55:24.0625 2276 Tcpip - ok
15:55:24.0687 2276 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:55:24.0734 2276 Tcpip6 - ok
15:55:24.0796 2276 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:55:25.0046 2276 TDPIPE - ok
15:55:25.0062 2276 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:55:25.0234 2276 TDTCP - ok
15:55:25.0265 2276 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:55:25.0421 2276 TermDD - ok
15:55:25.0484 2276 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:55:25.0656 2276 TermService - ok
15:55:25.0703 2276 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
15:55:25.0718 2276 tfsnboio ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0718 2276 tfsnboio - detected UnsignedFile.Multi.Generic (1)
15:55:25.0750 2276 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
15:55:25.0781 2276 tfsncofs ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0781 2276 tfsncofs - detected UnsignedFile.Multi.Generic (1)
15:55:25.0796 2276 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
15:55:25.0812 2276 tfsndrct ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0812 2276 tfsndrct - detected UnsignedFile.Multi.Generic (1)
15:55:25.0843 2276 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
15:55:25.0859 2276 tfsndres ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0859 2276 tfsndres - detected UnsignedFile.Multi.Generic (1)
15:55:25.0875 2276 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
15:55:25.0890 2276 tfsnifs ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0890 2276 tfsnifs - detected UnsignedFile.Multi.Generic (1)
15:55:25.0921 2276 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
15:55:25.0937 2276 tfsnopio ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0937 2276 tfsnopio - detected UnsignedFile.Multi.Generic (1)
15:55:25.0937 2276 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
15:55:25.0984 2276 tfsnpool ( UnsignedFile.Multi.Generic ) - warning
15:55:25.0984 2276 tfsnpool - detected UnsignedFile.Multi.Generic (1)
15:55:26.0031 2276 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
15:55:26.0046 2276 tfsnudf ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0046 2276 tfsnudf - detected UnsignedFile.Multi.Generic (1)
15:55:26.0062 2276 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
15:55:26.0062 2276 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0062 2276 tfsnudfa - detected UnsignedFile.Multi.Generic (1)
15:55:26.0125 2276 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:55:26.0140 2276 Themes - ok
15:55:26.0140 2276 thkeys - ok
15:55:26.0203 2276 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
15:55:26.0406 2276 TlntSvr - ok
15:55:26.0468 2276 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys
15:55:26.0484 2276 toshidpt ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0484 2276 toshidpt - detected UnsignedFile.Multi.Generic (1)
15:55:26.0531 2276 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
15:55:26.0671 2276 TosIde - ok
15:55:26.0703 2276 tosporte (0470bf2d5f49ff98464ac2c838e6a080) C:\WINDOWS\system32\DRIVERS\tosporte.sys
15:55:26.0718 2276 tosporte ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0718 2276 tosporte - detected UnsignedFile.Multi.Generic (1)
15:55:26.0734 2276 Tosrfbd (077869082a635e8ff2c205dc95c78775) C:\WINDOWS\system32\Drivers\tosrfbd.sys
15:55:26.0765 2276 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0765 2276 Tosrfbd - detected UnsignedFile.Multi.Generic (1)
15:55:26.0796 2276 Tosrfbnp (613e09572f4c5b92ca6be8bdc4cc5b7d) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
15:55:26.0796 2276 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0796 2276 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)
15:55:26.0828 2276 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys
15:55:26.0859 2276 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0859 2276 Tosrfcom - detected UnsignedFile.Multi.Generic (1)
15:55:26.0875 2276 Tosrfhid (f4e4795528d17ff8d1d6d98ebbb92655) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
15:55:26.0906 2276 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0906 2276 Tosrfhid - detected UnsignedFile.Multi.Generic (1)
15:55:26.0906 2276 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
15:55:26.0906 2276 tosrfnds ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0906 2276 tosrfnds - detected UnsignedFile.Multi.Generic (1)
15:55:26.0937 2276 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\WINDOWS\system32\drivers\TosRfSnd.sys
15:55:26.0953 2276 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning
15:55:26.0953 2276 TosRfSnd - detected UnsignedFile.Multi.Generic (1)
15:55:26.0984 2276 Tosrfusb (ac2123e788230c712d0919ed0fec9ddd) C:\WINDOWS\system32\Drivers\tosrfusb.sys
15:55:27.0000 2276 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning
15:55:27.0000 2276 Tosrfusb - detected UnsignedFile.Multi.Generic (1)
15:55:27.0062 2276 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:55:27.0296 2276 TrkWks - ok
15:55:27.0343 2276 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:55:27.0500 2276 tunmp - ok
15:55:27.0546 2276 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:55:27.0718 2276 Udfs - ok
15:55:27.0765 2276 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
15:55:27.0859 2276 ultra - ok
15:55:27.0921 2276 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:55:28.0125 2276 Update - ok
15:55:28.0187 2276 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:55:28.0406 2276 upnphost - ok
15:55:28.0437 2276 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:55:28.0578 2276 UPS - ok
15:55:28.0625 2276 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys
15:55:28.0656 2276 USBAAPL - ok
15:55:28.0718 2276 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:55:28.0890 2276 usbccgp - ok
15:55:28.0921 2276 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:55:29.0078 2276 usbehci - ok
15:55:29.0078 2276 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:55:29.0250 2276 usbhub - ok
15:55:29.0281 2276 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:55:29.0421 2276 usbprint - ok
15:55:29.0468 2276 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:55:29.0625 2276 usbscan - ok
15:55:29.0671 2276 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:55:29.0828 2276 USBSTOR - ok
15:55:29.0828 2276 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:55:29.0984 2276 usbuhci - ok
15:55:29.0984 2276 USB_NDIS_51 - ok
15:55:30.0015 2276 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
15:55:30.0171 2276 usb_rndisx - ok
15:55:30.0281 2276 usnjsvc (c5b70a6aa947667ce0e5fc84a05ec8b6) C:\Program Files\MSN Messenger\usnsvc.exe
15:55:30.0296 2276 usnjsvc - ok
15:55:30.0312 2276 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:55:30.0468 2276 VgaSave - ok
15:55:30.0500 2276 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
15:55:30.0640 2276 viaagp - ok
15:55:30.0640 2276 viagfx - ok
15:55:30.0671 2276 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
15:55:30.0843 2276 ViaIde - ok
15:55:30.0843 2276 vmusb - ok
15:55:30.0890 2276 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:55:31.0046 2276 VolSnap - ok
15:55:31.0109 2276 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:55:31.0281 2276 VSS - ok
15:55:31.0296 2276 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:55:31.0453 2276 w32time - ok
15:55:31.0578 2276 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys
15:55:31.0750 2276 w39n51 - ok
15:55:31.0843 2276 w800bus - ok
15:55:31.0906 2276 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:55:32.0093 2276 Wanarp - ok
15:55:32.0109 2276 wanatw - ok
15:55:32.0109 2276 WDICA - ok
15:55:32.0140 2276 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:55:32.0390 2276 wdmaud - ok
15:55:32.0437 2276 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:55:32.0609 2276 WebClient - ok
15:55:32.0687 2276 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
15:55:32.0796 2276 winachsf - ok
15:55:32.0906 2276 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:55:33.0140 2276 winmgmt - ok
15:55:33.0328 2276 WLANKEEPER (22516ed8e0d89323d4e0d9ccc2848819) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
15:55:33.0359 2276 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
15:55:33.0359 2276 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
15:55:33.0359 2276 wmccds - ok
15:55:33.0421 2276 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:55:33.0484 2276 WmdmPmSN - ok
15:55:33.0578 2276 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
15:55:33.0687 2276 Wmi - ok
15:55:33.0781 2276 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
15:55:34.0015 2276 WmiAcpi - ok
15:55:34.0125 2276 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:55:34.0281 2276 WmiApSrv - ok
15:55:34.0437 2276 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\wmpnetwk.exe
15:55:34.0515 2276 WMPNetworkSvc - ok
15:55:34.0546 2276 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:55:34.0734 2276 WS2IFSL - ok
15:55:34.0781 2276 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:55:34.0953 2276 wuauserv - ok
15:55:34.0984 2276 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:55:35.0031 2276 WudfPf - ok
15:55:35.0046 2276 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:55:35.0078 2276 WudfRd - ok
15:55:35.0109 2276 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:55:35.0156 2276 WudfSvc - ok
15:55:35.0218 2276 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:55:35.0406 2276 WZCSVC - ok
15:55:35.0453 2276 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:55:35.0656 2276 xmlprov - ok
15:55:35.0828 2276 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
15:55:35.0875 2276 YahooAUService - ok
15:55:35.0921 2276 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0
15:55:36.0046 2276 \Device\Harddisk0\DR0 - ok
15:55:36.0078 2276 Boot (0x1200) (c6376e81db97bee0b1ff4463254a5b2e) \Device\Harddisk0\DR0\Partition0
15:55:36.0078 2276 \Device\Harddisk0\DR0\Partition0 - ok
15:55:36.0109 2276 Boot (0x1200) (7e0382f8527f83dcfee8fcef81d48ed6) \Device\Harddisk0\DR0\Partition1
15:55:36.0109 2276 \Device\Harddisk0\DR0\Partition1 - ok
15:55:36.0109 2276 ============================================================
15:55:36.0109 2276 Scan finished
15:55:36.0109 2276 ============================================================
15:55:36.0234 3412 Detected object count: 49
15:55:36.0234 3412 Actual detected object count: 49
15:56:04.0812 3412 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - copied to quarantine
15:56:04.0812 3412 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:04.0921 3412 C:\WINDOWS\system32\DRIVERS\AegisP.sys - copied to quarantine
15:56:04.0921 3412 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0000 3412 C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS - copied to quarantine
15:56:05.0000 3412 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0062 3412 C:\WINDOWS\system32\drivers\ASCTRM.sys - copied to quarantine
15:56:05.0062 3412 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0171 3412 C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe - copied to quarantine
15:56:05.0171 3412 Bluetooth Hid Switch Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0250 3412 C:\WINDOWS\system32\drivers\BVRPMPR5.SYS - copied to quarantine
15:56:05.0250 3412 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0343 3412 C:\Program Files\Canon\CAL\CALMAIN.exe - copied to quarantine
15:56:05.0343 3412 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0421 3412 C:\WINDOWS\system32\drivers\drvmcdb.sys - copied to quarantine
15:56:05.0421 3412 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0484 3412 C:\WINDOWS\system32\drivers\drvnddm.sys - copied to quarantine
15:56:05.0484 3412 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0593 3412 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - copied to quarantine
15:56:05.0593 3412 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0843 3412 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - copied to quarantine
15:56:05.0843 3412 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:05.0968 3412 C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe - copied to quarantine
15:56:05.0968 3412 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0109 3412 C:\WINDOWS\system32\DRIVERS\lknucmp.sys - copied to quarantine
15:56:06.0109 3412 LKNUCMP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0171 3412 C:\WINDOWS\system32\DRIVERS\lknuhst.sys - copied to quarantine
15:56:06.0171 3412 lknuhst ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0265 3412 C:\WINDOWS\system32\DRIVERS\lknuhub.sys - copied to quarantine
15:56:06.0265 3412 LKNUHUB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0359 3412 C:\Program Files\Common Files\Motive\McciCMService.exe - copied to quarantine
15:56:06.0359 3412 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0468 3412 C:\Program Files\Common Files\Motive\McciServiceHost.exe - copied to quarantine
15:56:06.0468 3412 McciServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0531 3412 C:\WINDOWS\System32\mhn.dll - copied to quarantine
15:56:06.0531 3412 MHN ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0593 3412 C:\WINDOWS\system32\DRIVERS\mhndrv.sys - copied to quarantine
15:56:06.0593 3412 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0656 3412 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS - copied to quarantine
15:56:06.0656 3412 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0718 3412 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS - copied to quarantine
15:56:06.0718 3412 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:06.0906 3412 C:\WINDOWS\system32\HPZinw12.dll - copied to quarantine
15:56:06.0906 3412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0031 3412 C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe - copied to quarantine
15:56:07.0031 3412 NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0171 3412 C:\WINDOWS\system32\DRIVERS\omci.sys - copied to quarantine
15:56:07.0171 3412 omci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0203 3412 C:\WINDOWS\system32\HPZipm12.dll - copied to quarantine
15:56:07.0203 3412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0375 3412 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - copied to quarantine
15:56:07.0375 3412 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0468 3412 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - copied to quarantine
15:56:07.0468 3412 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0750 3412 C:\WINDOWS\system32\DRIVERS\s24trans.sys - copied to quarantine
15:56:07.0750 3412 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0796 3412 C:\WINDOWS\system32\drivers\sscdbhk5.sys - copied to quarantine
15:56:07.0796 3412 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:07.0968 3412 C:\WINDOWS\system32\drivers\ssrtln.sys - copied to quarantine
15:56:07.0968 3412 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0015 3412 C:\WINDOWS\system32\dla\tfsnboio.sys - copied to quarantine
15:56:08.0015 3412 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0093 3412 C:\WINDOWS\system32\dla\tfsncofs.sys - copied to quarantine
15:56:08.0093 3412 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0125 3412 C:\WINDOWS\system32\dla\tfsndrct.sys - copied to quarantine
15:56:08.0125 3412 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0203 3412 C:\WINDOWS\system32\dla\tfsndres.sys - copied to quarantine
15:56:08.0203 3412 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0234 3412 C:\WINDOWS\system32\dla\tfsnifs.sys - copied to quarantine
15:56:08.0234 3412 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0312 3412 C:\WINDOWS\system32\dla\tfsnopio.sys - copied to quarantine
15:56:08.0312 3412 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0328 3412 C:\WINDOWS\system32\dla\tfsnpool.sys - copied to quarantine
15:56:08.0328 3412 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0453 3412 C:\WINDOWS\system32\dla\tfsnudf.sys - copied to quarantine
15:56:08.0453 3412 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0515 3412 C:\WINDOWS\system32\dla\tfsnudfa.sys - copied to quarantine
15:56:08.0515 3412 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0625 3412 C:\WINDOWS\system32\drivers\Toshidpt.sys - copied to quarantine
15:56:08.0625 3412 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0671 3412 C:\WINDOWS\system32\DRIVERS\tosporte.sys - copied to quarantine
15:56:08.0671 3412 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0750 3412 C:\WINDOWS\system32\Drivers\tosrfbd.sys - copied to quarantine
15:56:08.0750 3412 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:08.0796 3412 C:\WINDOWS\system32\Drivers\tosrfbnp.sys - copied to quarantine
15:56:08.0796 3412 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0078 3412 C:\WINDOWS\system32\Drivers\tosrfcom.sys - copied to quarantine
15:56:09.0078 3412 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0093 3412 C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys - copied to quarantine
15:56:09.0093 3412 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0156 3412 C:\WINDOWS\system32\DRIVERS\tosrfnds.sys - copied to quarantine
15:56:09.0156 3412 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0218 3412 C:\WINDOWS\system32\drivers\TosRfSnd.sys - copied to quarantine
15:56:09.0218 3412 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0312 3412 C:\WINDOWS\system32\Drivers\tosrfusb.sys - copied to quarantine
15:56:09.0312 3412 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
15:56:09.0531 3412 C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe - copied to quarantine
15:56:09.0531 3412 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

#9 chewbaccaneedsamedal

Posted 09 May 2012 - 06:24 PM

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.09.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Randy Green :: D36FC2B1 [administrator]

5/9/2012 4:07:11 PM
mbam-log-2012-05-09 (16-07-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 230888
Time elapsed: 14 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 chewbaccaneedsamedal

Posted 09 May 2012 - 06:26 PM

Still don't have the use of touchpad or keyboard on my laptop. I am using a USB mouse and keyboard temporarily.

#11 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,551 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 10 May 2012 - 09:25 AM

This is a Toshiba notebook (laptop) ??

Disable CD-ROM Emulation Software:
Please download the following tool DeFogger to your desktop.
◦Double click DeFogger to run the tool.
◦The application window will appear
◦Click the Disable button to disable your CD Emulation drivers.
◦Click Yes to continue
◦A 'Finished!' message will appear
◦Click OK
◦DeFogger will now ask to reboot the machine - click OK
◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
◦Do not re-enable these drivers until otherwise instructed.


Next:
Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Please close any of your open windows/programs and exit; saving any open work you have.

Go slow and careful. This is a Custom scan. Have infinite patience while it runs.

Temporarily turn OFF your antivirus program so that it does not interfere. Leave the firewall on
For a how-to-reference, see this How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

I'd like to have you do a special run of OTL to generate some searches & a new log-report.
  • Please double-click OTL.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.dll /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %APPDATA%\*.dll /s
    %SYSTEMDRIVE%\*.exe
    c:|Fun4IM;true;true;true; /FP
    c:|Bandoo;true;true;true; /FP
    c:|Searchn;true;true;true; /FP
    c:|Searchq;true;true;true; /FP
    c:|datamngr;true;true;true; /FP
    c:|iLivid;true;true;true; /FP
    c:|whitesmoke;true;true;true; /FP
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemroot%\*. /mp /s
    CLEARALLRESTOREPOINTS

    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser(s) windows that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long. Have infinite patience. OTL may appear to stall but it will finish.
    When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please Copy and Paste the OTL log(s) . Do not enclose in Code or Quote.

Maurice Naggar
Product Support

I close my threads if there is 5 days without a response.

#12 chewbaccaneedsamedal

Posted 10 May 2012 - 04:30 PM

It's a Dell laptop. I did the defogger; it finished but didn't ask to reboot. I did a restart anyway. I did the OTL custom scan and when the status gets to the "Scanning HKEY_LOCAL_MACHINE Winsock 2 settings" an error message pops up to say ')' is not a valid integer. It never gets out of that status and I waited for about 4 hours. I closed it and I am running it again.

#13 Maurice Naggar

Posted 10 May 2012 - 06:25 PM

Make sure you have copied all the lines between the **stars** and Pasted into the custom scan box --- as I outlined.
Should not take more than 15-20 minutes (faster depending on your system).
You may have to temporarily disable your antivirus program if you still get a failure or "freeze".

#14 chewbaccaneedsamedal

Posted 10 May 2012 - 07:43 PM

I pasted exactly this:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%ALLUSERSPROFILE%\Application Data\*.dll /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%APPDATA%\*.dll /s
%SYSTEMDRIVE%\*.exe
c:|Fun4IM;true;true;true; /FP
c:|Bandoo;true;true;true; /FP
c:|Searchn;true;true;true; /FP
c:|Searchq;true;true;true; /FP
c:|datamngr;true;true;true; /FP
c:|iLivid;true;true;true; /FP
c:|whitesmoke;true;true;true; /FP
%USERPROFILE%\..|smtmp;true;true;true /FP
%systemroot%\*. /mp /s
CLEARALLRESTOREPOINTS

I have no anti virus running and I have tried running OTL multiple times. It always freezes in the scanning HKEY_LOCAL_MACHINE......Winsock2 settings after I get the warning ')' is not a valid integer value.

#15 Maurice Naggar

Posted 12 May 2012 - 03:33 AM

Let's not try running OTL for the time being. By the way, do not run stuff more than one time. IF you run into a hitch, STOP and post & ask for guidance or clarification.

These steps are for chewbacca only. If you are a casual viewer, do NOT try this on your system!
If you are not chewbacca and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to any other system!



You will want to print out or copy these instructions to Notepad for Safe offline reference!


Let's have you do this next, in preparation for running Combofix:
Step 1
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.
  • Link 2
    Link 3
    Link 4
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
  • If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL
IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

Step 2
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages
It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.
You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.
Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)


Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2


* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop
If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

  • Double click on Combo-Fix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
-------------------------------------------------------

A caution - Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.
If this occurs, please reboot to restore the desktop.

Step 3
RE-Enable your AntiVirus and AntiSpyware applications.

I had asked you early on to get & run Security Check and to post the Checkup.txt log

Download it if you have not already. If you did download it, I need you to run it now & post the log !

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!
If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.

Reply with copy of contents of C:\Combofix.txt
and Checkup.txt
and
tell me what antivirus program is active on this system !
and if this pc came with a pre-installed antivirus, such as McAfee or Norton Symantec

#16 Maurice Naggar

Posted 15 May 2012 - 10:16 AM

Hello chewbacca,

Are you still around ? Kindly provide status update & did you see my last reply?

#17 Maurice Naggar

Posted 22 May 2012 - 09:58 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!