dave3232

Members
  • Content count

    18
  • Joined

  • Last visited

About dave3232

  • Rank
    New Member

Contact Methods

  • ICQ
    0
  1. Thank you very much for all of your help Maurice.
  2. Hi again Maurice, I did everything you suggested above, thank you. The only issue I came across was that I could not find Adobe Reader 9 in the list of programs to uninstall, and it does still show up when I run the Security Check by screen317. Let me know if you have any suggestions for that, and also if there are any additional steps I need to take. Otherwise things seem to be fine. Thanks, Dave
  3. Hi Maurice, here is the log: Results of screen317's Security Check version 0.99.46 Windows Vista Service Pack 2 x86 (UAC is disabled!) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Rogers Online Protection Anti-Virus Microsoft Security Essentials Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.62.0.1300 JavaFX 2.1.1 Java 7 Update 5 Java version out of Date! Adobe Reader 9 Adobe Reader out of Date! Adobe Reader X (10.1.4) ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Rogers Online Protection Rogers Online Protection Fws.exe Rogers Online Protection Rogers Online Protection AVG Identity Protection\agent\Bin\AVGIDSAgent.exe Rogers Online Protection Rogers Online Protection RpsSecurityAwareR.exe Rogers Online Protection Rogers Servicepoint Agent ServicepointService.exe Rogers Online Protection Rogers Servicepoint Agent RogersServicepointAgent.exe Rogers Online Protection Rogers Servicepoint Agent RogersServicepointAgentComHandler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log``````````````````````
  4. Maurice, Here are the MBAM Quick scan results and Bitdefender log. Both were clean. Any next steps? Thank you. Dave Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.21.08 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Dave :: DAVE-PC [administrator] 8/21/2012 11:25:11 AM mbam-log-2012-08-21 (11-25-11).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 210140 Time elapsed: 11 minute(s), 10 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) QuickScan 32-bit v0.9.9.118 --------------------------- Scan date: Tue Aug 21 14:16:40 2012 Machine ID: C410C296 No infection found. ------------------- Processes --------- Adobe Acrobat Update Service 1668 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe APO Access Service (32-bit) 856 C:\Windows\System32\AERTSrv.exe AVG IDS 1980 C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe Backup Manager 2364 C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe Backup Manager 2436 C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe Bonjour 1332 C:\Program Files\Bonjour\mDNSResponder.exe Client Gateway 3.7.44 4784 C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe Client Gateway 3.7.44 2224 C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe Dell Dock 2676 C:\Program Files\Dell\DellDock\DellDock.exe DNA 2984 C:\Program Files\DNA\btdna.exe Dock Login Service 1476 C:\Program Files\Dell\DellDock\DockLogin.exe HD Audio Control Panel 3804 C:\Windows\RtHDVCpl.exe Intel® Common User Interface 3772 C:\Windows\System32\hkcmd.exe Intel® Common User Interface 3780 C:\Windows\System32\igfxpers.exe Intel® Common User Interface 3796 C:\Windows\System32\igfxsrvc.exe iTunes 4284 C:\Program Files\iPod\bin\iPodService.exe iTunes 3828 C:\Program Files\iTunes\iTunesHelper.exe Java™ Platform SE Auto Updater 2 0 3916 C:\Program Files\Common Files\Java\Java Update\jusched.exe Microsoft IntelliPoint 2788 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe Microsoft IntelliPoint 1808 C:\Program Files\Microsoft IntelliPoint\ipoint.exe Microsoft Malware Protection 1036 C:\Program Files\Microsoft Security Client\MsMpEng.exe Microsoft Security Client 2352 C:\Program Files\Microsoft Security Client\msseces.exe Microsoft® CoReXT 2492 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE Microsoft® CoReXT 2556 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE Microsoft® Windows® Operating System 3468 C:\Windows\explorer.exe Microsoft® Windows® Operating System 4560 C:\Windows\System32\conime.exe Microsoft® Windows® Operating System 564 C:\Windows\System32\csrss.exe Microsoft® Windows® Operating System 620 C:\Windows\System32\csrss.exe Microsoft® Windows® Operating System 704 C:\Windows\System32\lsass.exe Microsoft® Windows® Operating System 692 C:\Windows\System32\services.exe Microsoft® Windows® Operating System 1296 C:\Windows\System32\SLsvc.exe Microsoft® Windows® Operating System 484 C:\Windows\System32\smss.exe Microsoft® Windows® Operating System 1956 C:\Windows\System32\spoolsv.exe Microsoft® Windows® Operating System 2992 C:\Windows\System32\taskeng.exe Microsoft® Windows® Operating System 3328 C:\Windows\System32\taskeng.exe Microsoft® Windows® Operating System 4572 C:\Windows\System32\wbem\WmiPrvSE.exe Microsoft® Windows® Operating System 608 C:\Windows\System32\wininit.exe Microsoft® Windows® Operating System 656 C:\Windows\System32\winlogon.exe mlb-nexdef-autobahn.exe 3252 C:\Users\Dave\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe MobileDeviceService 1404 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe OmniPage 1632 C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe PhotoshopElementsFileAgent.exe 1648 C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe RealPlayer (32-bit) 3848 C:\Program Files\real\realplayer\Update\realsched.exe RIMBBLaunchAgent 3836 C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe Rogers Online Protection 1548 C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe Rogers Online Protection 2176 C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe Rogers Servicepoint Agent 3812 C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe Windows® Internet Explorer 2584 C:\Program Files\Internet Explorer\iexplore.exe Windows® Internet Explorer 5452 C:\Program Files\Internet Explorer\iexplore.exe Windows® Internet Explorer 5996 C:\Program Files\Internet Explorer\iexplore.exe Windows® Search 5736 C:\Windows\System32\SearchFilterHost.exe Windows® Search 3524 C:\Windows\System32\SearchProtocolHost.exe (verified) Microsoft® Windows® Operating System 3376 C:\Windows\System32\dwm.exe (verified) Microsoft® Windows® Operating System 712 C:\Windows\System32\lsm.exe (verified) Microsoft® Windows® Operating System 900 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 960 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 2068 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1732 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 2460 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1412 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 2264 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1184 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 304 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 3964 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1160 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1132 C:\Windows\System32\svchost.exe (verified) Microsoft® Windows® Operating System 1272 C:\Windows\System32\svchost.exe (verified) Windows® Search 2532 C:\Windows\System32\SearchIndexer.exe Network activity ---------------- Process iexplore.exe (5452) connected on port 80 (HTTP) --> 74.125.226.66 Process iexplore.exe (5452) connected on port 80 (HTTP) --> 74.125.226.66 Process iexplore.exe (5452) connected on port 80 (HTTP) --> 199.7.71.72 Process iexplore.exe (5452) connected on port 80 (HTTP) --> 66.235.142.2 Process iexplore.exe (5452) connected on port 80 (HTTP) --> 66.235.142.2 Process wininit.exe (608) listens on ports: 49152 (RPC) Process services.exe (692) listens on ports: 49160 (RPC) Process lsass.exe (704) listens on ports: 49154 (RPC) Process svchost.exe (960) listens on ports: 135 (RPC) Process svchost.exe (1132) listens on ports: 49153 (RPC) Process svchost.exe (1184) listens on ports: 49155 (RPC) Process ServicepointService.exe (2224) listens on ports: 8965 Process btdna.exe (2984) listens on ports: 20329 Autoruns and critical files --------------------------- Adobe Photo Downloader 3.0 component C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe Adobe® Flash® Player Update Service C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe Google Desktop c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll GoToAssist C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll HD Audio Control Panel C:\Windows\RtHDVCpl.exe Intel® Common User Interface C:\Windows\System32\hkcmd.exe Intel® Common User Interface C:\Windows\system32\igfxdev.dll Intel® Common User Interface C:\Windows\System32\igfxpers.exe Intel® Common User Interface C:\Windows\system32\igfxtray.exe iTunes C:\Program Files\iTunes\iTunesHelper.exe Java™ Platform SE Auto Updater 2 0 C:\Program Files\Common Files\Java\Java Update\jusched.exe Microsoft IntelliPoint C:\Program Files\Microsoft IntelliPoint\ipoint.exe Microsoft Security Client C:\Program Files\Microsoft Security Client\msseces.exe Microsoft® Windows® Operating System C:\Windows\system32\BROWSEUI.dll Microsoft® Windows® Operating System C:\Windows\system32\scrnsave.scr mlb-nexdef-autobahn.exe C:\Users\Dave\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe OmniPage C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe QuickTime C:\Program Files\QuickTime\QTTask.exe RealPlayer (32-bit) C:\Program Files\real\realplayer\Update\realsched.exe Rogers Servicepoint Agent C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe SSBkgdUpdate C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe Windows® Internet Explorer c:\windows\system32\webcheck.dll (verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe (verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe Browser plugins --------------- AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll Bonjour C:\Program Files\Bonjour\mdnsNSP.dll Browser Address Error Redirector c:\program files\dell\bae\bae.dll DivX Web Player C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll DNA Plug-in C:\Program Files\DNA\plugins\npbtdna.dll Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll Google Update C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.exe Java Deployment Toolkit 7.0.50.255 C:\Windows\system32\npDeployJava1.dll Java™ Platform SE 7 U5 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll Java™ Platform SE 7 U5 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll Java™ Platform SE 7 U5 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll NPWebSLLauncher.dll C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll QuickTime Plug-in 7.7.2 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll RealJukebox NS Plugin c:\program files\real\realplayer\Netscape6\nprjplug.dll RealNetworks™ Chrome Background Exte C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll RealPlayer Download and Record Plugin C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll RealPlayer Download Plugin c:\program files\real\realplayer\Netscape6\nprpplugin.dll RealPlayer™ G2 LiveConnect-Enabled P c:\program files\real\realplayer\Netscape6\nppl3260.dll RealPlayer™ HTML5VideoShim Plug-In ( C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll Rogers Servicepoint Agent C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\nprpspa.dll Silverlight Plug-In c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll Software Manager C:\Windows\Downloaded Program Files\isusweb.dll Windows Presentation Foundation c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll Windows® Internet Explorer C:\Windows\system32\IEFRAME.dll Yahoo Application State Plugin C:\Program Files\Yahoo!\Shared\npYState.dll (verified) DivX Player Netscape Plugin C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (verified) InstallShield Update Service C:\Windows\Downloaded Program Files\dwusplay.dll (verified) Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll (verified) Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll (verified) Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll Scan ---- MD5: 72292ae254ad01236143e750d8952d03 C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe MD5: 63ab43534cbf5d7f3eb81dfdc8161490 C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe MD5: bfe015272a8a81ece1e79952db49bbce C:\Program Files\Adobe\Photoshop Elements 5.0\platform.dll MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe MD5: d3316f6e3c011435f36e3d6e49b3196c C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe MD5: 02a450fb1b4131b63f0782b3b626bf3d C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll MD5: ba0ed7aa3c36a8da27ded1d6b3508158 c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe MD5: d19c4ee2ac7c47b8f5f84fff1a789d8a C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe MD5: 60c079cb2150760263d1fe5ff6218961 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll MD5: b45f2c4076acfd9714037b7c69d90167 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll MD5: af54247f97ccf3539de7505c09972ff9 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll MD5: fd86c605fd7ad4a41c01ec7a4a1e1c5d C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll MD5: a3609397ef273b03295dbb10274be12c C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll MD5: 18301b40411b2108076ab685b4e4b6dc C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll MD5: df1c1cd0c7ee95cc00d71e9e415e7bcd C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll MD5: c28fd3b37b6f18751c99e6022a2a9782 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll MD5: 53a6ffb9fff5c3e64b64e9b68c31d4e5 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll MD5: a56ccbbfccedce2fd9c69fed24e035e3 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MD5: f401929ee0cc92bfe7f15161ca535383 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe MD5: 3b7d8eae5e44cbda4cd772720594f116 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll MD5: d5369247b6c11eae2c0650d8303e23b4 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll MD5: b0bf87f9e247bb0621bce59eb8cd113f C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll MD5: 995beb69ae5c50d354894354f5a6cd5a C:\Program Files\Common Files\Java\Java Update\jusched.exe MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE MD5: cf39a105cd553eed31e2255aff4c6742 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll MD5: 45406ffd87f6ba4345b018e303a64ff1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll MD5: fb01d4ae207b9efdbabfc55dc95c7e31 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE MD5: c649f293b8b047a2694f3c615d09bf17 C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE MD5: fae937ced2dceb5001ff08acc81ba479 C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll MD5: cdb517386a26ae420cb24bdb3cd88779 C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MD5: 846965ae55a2662b1576c0f392dd1d6e C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe MD5: 1d0063597c3666404fcf97698abeb019 C:\Program Files\Common Files\SureThing Shared\stllssvr.exe MD5: 1a4f60ef6da38621f1091b0cb0fa2c09 c:\program files\dell\bae\bae.dll MD5: 58d9c70b01dbf2deaea787a1d7c869bb C:\Program Files\Dell\DellDock\DellDock.exe MD5: db29915209770d8b59654345ec2d943a C:\Program Files\Dell\DellDock\DockLogin.exe MD5: fc77ea9f18d22d6feca318e81a0bc473 C:\Program Files\Dell\DellDock\MyDockLib.dll MD5: d05ef65bdd18fcb8632236d4e58b818d C:\Program Files\DNA\btdna.exe MD5: fb9ca6bf794d81f533b633f40d7e8ec1 C:\Program Files\DNA\plugins\npbtdna.dll MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe MD5: 9e37e0c528e1e3a79e215b6a4eea2143 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe MD5: 5d0207080ee0e1588f01f75b63e8bc3d c:\Program Files\Google\Google Desktop Search\googledesktopnetwork3.dll MD5: a43d7a68d70f57e44352a1973c8196a8 c:\program files\google\google toolbar\googletoolbar_32.dll MD5: 8f628060daecf76c537bd89a53228d3b C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll MD5: 75101a87783e93c4c7a64aa12413b8ab C:\Program Files\Griffin Technology\iTalk Sync\CopyHook.dll MD5: 20aa5135c856c44b08333365ebfa8087 C:\Program Files\Internet Explorer\ieproxy.dll MD5: 868722237aa095367491785e5c41ef0d C:\Program Files\Internet Explorer\IEShims.dll MD5: 93569d46d79f9756ed077156496afe23 C:\Program Files\Internet Explorer\iexplore.exe MD5: 0a7b01235b1cbfa387b04a91e2f2b7d0 C:\Program Files\Internet Explorer\plugins\nppdf32.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll MD5: 2f7480a40151eb2e483cf6524edba3f7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll MD5: e6be7a41a28d8f2db174957454d32448 C:\Program Files\iPod\bin\iPodService.exe MD5: ce4b444bd0cdcd45d57d17c206159bed C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL MD5: edc992a51a19205c619c48261dd53655 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL MD5: b1ca4aa760ff0ddfa1c38e95d19cfefb C:\Program Files\iTunes\iTunesHelper.dll MD5: 34086f1dbb4065047ea3671cb70505cc C:\Program Files\iTunes\iTunesHelper.exe MD5: e7fe89f69c3cc65cad3d1adc5d6a9f41 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL MD5: 0654195051d1024c005e7be135a6fee7 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL MD5: d28ad1cb902ac6d228532812d3850c7d C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll MD5: 0b4159026b99fa24baa9b1a62f8cbad0 C:\Program Files\Microsoft IntelliPoint\Components\Commands\dpghnt\dpghnt.dll MD5: 844dbabfb55257433c4f116a4154c0c8 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll MD5: 29e8836d4ba4bee95db9d1ffe1608115 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll MD5: 812f17ed4c2ea6c5c4f872e9474bafff C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe MD5: 55c0c08f29c43cc9e883dfe4d98d80fc C:\Program Files\Microsoft IntelliPoint\ipoint.exe MD5: 03a8471f917e71e986bda1e7b7aa6d70 C:\Program Files\Microsoft IntelliPoint\ipres.dll MD5: 9a278db687a48c791d8d19790433562b C:\Program Files\Microsoft IntelliPoint\sqmapi.dll MD5: 7ad9b21be75ae5aa81ef54636f227c66 C:\Program Files\Microsoft IntelliPoint\srres.dll MD5: a8e35801e04a4183a27df60829402867 C:\Program Files\Microsoft Security Client\EppManifest.dll MD5: 410ccadf699cee2c0c741df0fd90f204 c:\Program Files\Microsoft Security Client\mpclient.dll MD5: 891348171414bf1fd6bbbd46159d5446 c:\Program Files\Microsoft Security Client\MpOAv.dll MD5: 0b3e2a065bb0e0c8854fef37f90dc3be c:\Program Files\Microsoft Security Client\mprtp.dll MD5: 120aa0938e8b76ce044d5307dd6caa11 c:\Program Files\Microsoft Security Client\mpsvc.dll MD5: d5bd2608a465a5867e6220ff84e58768 c:\Program Files\Microsoft Security Client\MsMpCom.dll MD5: 24516bf4e12a46cb67302e2cdcb8cddf C:\Program Files\Microsoft Security Client\MsMpEng.exe MD5: 687b71c161b246ece1a13d24aacf0413 C:\Program Files\Microsoft Security Client\msseces.exe MD5: 8de82bd61f12035a07ddf62f4a44d225 c:\Program Files\Microsoft Security Client\NisIpsPlugin.dll MD5: 290c0d4c4889398797f8df3be00b9698 c:\Program Files\Microsoft Security Client\NisSrv.exe MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll MD5: 565b2e248ce57ad0d6a31d9fb200cb54 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\msvcr100.dll MD5: 18c6a57b569f088c2bd7b828a211ac06 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll MD5: b82665cfecc58fb6479f33381abd9da2 C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll MD5: 916a2c4eb028604783fd5ea169236c1d C:\Program Files\QuickTime\QTTask.exe MD5: 82d8354db7ce7131fb939e8482ddf511 C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe MD5: 3719de4180e251ab91d8c183f2d949bf C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe MD5: ba2d1c9cd426fea1dae5a133bf6f3075 c:\program files\real\realplayer\Netscape6\nppl3260.dll MD5: ff83180f3d888205b3b137927a2665a5 c:\program files\real\realplayer\Netscape6\nprjplug.dll MD5: b0bb120c94262686b7772ca71cebd364 c:\program files\real\realplayer\Netscape6\nprpplugin.dll MD5: a05602fcf939a0a051d0cdf8c5ceda98 C:\Program Files\real\realplayer\Update\realsched.exe MD5: 952bfa893477f97a0f254d82d38f45d4 C:\Program Files\Rogers Backup Manager\LIBEXPAT.dll MD5: 70b029a0e50bbb1c95497b75d6626fa7 C:\Program Files\Rogers Backup Manager\VaultClientCOM.dll MD5: 9c080e899a92a4dad24ab4205a47ced9 C:\Program Files\Rogers Backup Manager\VaultClientMenu.dll MD5: f56f0e24e35fd91f74a5319e7081a0db C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe MD5: cf3b0ad3091b2997a1e5d4b6be87ec07 C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe MD5: c4890ace6384522e9b678f403ab5a145 C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe MD5: bdbed9fc165faf04be644ec212ba4603 C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys MD5: a6c0c7d9da55e5c3dd9c62b11916586b C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys MD5: a79eeb6feace017928581ef13d573745 C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys MD5: 716c833fdd8b3c3814cad55503a60bd9 C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\bdfltlib.dll MD5: d90a33660d328a9f587580f0b38c85de C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys MD5: 4bea90f7d79143cc2135e2c5e85c9eb0 C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll MD5: 86ec240d05066b075569e39cdb245941 C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\smartscn.dll MD5: 6d15feb597b46286f23ecade64d32b0f C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefenderEngineR.dll MD5: ec43ffed505c4b4b41232ee3e5cf82e9 C:\Program Files\Rogers Online Protection\Rogers Online Protection\CLBR.DLL MD5: a4877c15981a532502836f5f36b69b38 C:\Program Files\Rogers Online Protection\Rogers Online Protection\CstmUIR.dll MD5: 74edbb03de3291fcf2094af1fb363f1d C:\Program Files\Rogers Online Protection\Rogers Online Protection\dbghelp.dll MD5: cea890bbef0704f49daea9b340fb6a6c C:\Program Files\Rogers Online Protection\Rogers Online Protection\FireR.dll MD5: ca9ed725bbd3f4795ebbed935fe6e824 C:\Program Files\Rogers Online Protection\Rogers Online Protection\FreeSCR.dll MD5: 3fc8401df4ee3c257569cd50f2ff2f0d C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe MD5: 54d5e02a4c66671beea956a6679865c5 C:\Program Files\Rogers Online Protection\Rogers Online Protection\inhR.dll MD5: e9390afa4cb30af10400c89c153e9e26 C:\Program Files\Rogers Online Protection\Rogers Online Protection\LibZkR.dll MD5: 0adab1389e99deb9ca9b89e0857fa65a C:\Program Files\Rogers Online Protection\Rogers Online Protection\MalwareEngineR.dll MD5: 687e03e8e214a51ed936596051f778b8 C:\Program Files\Rogers Online Protection\Rogers Online Protection\OemLibR.dll MD5: 6ea00ad5a7d552a3d17bf6d2121a4d2b C:\Program Files\Rogers Online Protection\Rogers Online Protection\PersistR.dll MD5: c401ccf45d3c2f11d9c252cce7021c91 C:\Program Files\Rogers Online Protection\Rogers Online Protection\PktShimR.dll MD5: 663c165c99e0b902ab9b6cbf0d46ddf9 C:\Program Files\Rogers Online Protection\Rogers Online Protection\Resources\zk_en_US\CLB_Rsrc.dll MD5: 5bf0caf1cdcfab7da7c2cd7e0603c654 C:\Program Files\Rogers Online Protection\Rogers Online Protection\Resources\zk_en_US\Fws_Rsrc.dll MD5: 87f398eecc74e57fbc9b4e7657e8f550 C:\Program Files\Rogers Online Protection\Rogers Online Protection\Resources\zk_en_US\inh_Rsrc.dll MD5: 6dceffad9f0a9ab4fbfefc044c2ea0ed C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe MD5: a45507d531de275cf0cff2fb7f29846e C:\Program Files\Rogers Online Protection\Rogers Online Protection\SecurityAwareLIBR.dll MD5: bb902c9860255a25e6f1458391f55a9b C:\Program Files\Rogers Online Protection\Rogers Online Protection\SktShimR.dll MD5: 05c3bf97e84f6d132c48b204b83acee3 C:\Program Files\Rogers Online Protection\Rogers Online Protection\UpdMgrR.dll MD5: 9e4261c9fd4f0396a090bdb9e8e0e35c C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\BSUtil.dll MD5: 9d47d89c5e942c533263f2578875627f C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\nprpspa.dll MD5: ab89479b0b34f2145ff96a348d71a2c2 C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe MD5: eec60879217702e58459102350ee87df C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe MD5: b651a7b4bf84e7b14fb827d4d674891e C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RpSpaWshComAgent.dll MD5: 47c274b918dfa3de8e25e902568cbea6 C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe MD5: c826f7ba9c7bf0860cbf1f650e2edc1b C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\Windows7Features.dll MD5: fba22c413fe8b13ba49d7535174ddbef C:\Program Files\ScanSoft\OmniPageSE4\OpHookSE4.dll MD5: f8d427dae2984a4968e2d1cb53634784 C:\Program Files\ScanSoft\OmniPageSE4\OpWareSE4.exe MD5: 6128e98eaaed364ed1a32708d2fd22cb C:\Program Files\Skype\Updater\Updater.exe MD5: b7dc98f6f4e7611a9c0849945fb28fb9 C:\Program Files\Windows Defender\MpOav.dll MD5: f3031f25c96f80a3297146903cea016b C:\Program Files\Windows Photo Gallery\PhotoBase.dll MD5: 5eb87ba0b93ca7e894fc8002e3ce4c2a C:\Program Files\Windows Portable Devices\SqmApi.dll MD5: aa060cc3384b08dadf9dad31f3d6175b C:\Program Files\Yahoo!\Shared\npYState.dll MD5: 253973ca45d11d646d5fd23f205b8922 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{526002E9-B960-4F06-BF6A-B389643AE70F}\mpengine.dll MD5: 1af17e5a327c4af6d930e2cfd709c74a C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll MD5: 6a03609a79d8c5acecb66eed53f3a0ab C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll MD5: 70677064555d2eb816249abb0150951f C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll MD5: 2a805b53e3d54e3c847ebf0a53ceb0e2 C:\Users\Dave\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe MD5: c17cf1e7ed495ade9e2bbb07aa592d92 C:\Users\Dave\AppData\Local\Autobahn\rt\bin\hpi.dll MD5: d5f824b36d43465808639b082553cf59 C:\Users\Dave\AppData\Local\Autobahn\rt\bin\java.dll MD5: 299634b6acaa2795e2ab4a3f935b026e C:\Users\Dave\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll MD5: b52bcf2bf55ff248601277b7d7c8d13d C:\Users\Dave\AppData\Local\Autobahn\rt\bin\net.dll MD5: 6c078c9f52d38604af22a025fd2394ac C:\Users\Dave\AppData\Local\Autobahn\rt\bin\nio.dll MD5: 8f9397974d713971656da2681e787b4a C:\Users\Dave\AppData\Local\Autobahn\rt\bin\zip.dll MD5: 0db1d42e30aa8da79e2e29664feb64d1 C:\Users\Dave\AppData\Local\Autobahn\rt\jetrt\baseline720.dll MD5: d6804f089cbb6749e95124e7c4d80900 C:\Windows\AppPatch\AcLayers.DLL MD5: 3dd74ddfada2d113033ebd87da85893a C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll MD5: d3f7336df6475923f26a732c4672c947 C:\Windows\assembly\NativeImages_v2.0.50727_32\DellDock\a2117f9d2b9670193889149f0ec777d5\DellDock.ni.exe MD5: 6b9f51436b93925bfac9b0b47aee595f C:\Windows\assembly\NativeImages_v2.0.50727_32\MenuSkinning\e4ead33e7390326a9814a511c566054b\MenuSkinning.ni.dll MD5: 015a9d857726c083144ca352a273378a C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MD5: d30528cc80571fb8435a934bfd11102f C:\Windows\assembly\NativeImages_v2.0.50727_32\MyDock.Util\d8dfd448743194309366caa97c215c21\MyDock.Util.ni.dll MD5: b8876bba284dfec2311d7694483ab8ae C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll MD5: f05fdb5756f82c6cbbc9203d974a0c3b C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll MD5: 5a6bfe723cf0e6e39021cdc01ca57eed C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll MD5: 279a8be318ebc0c25c5ea9aed19e0cf9 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll MD5: 99495e46cbf87f1c1ff3e57c069d0a8d C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll MD5: 1e03babb4d6ca5c27bd2c822f7f95788 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MD5: 8fbf6631a3513b5bfd3f9519fe4c338b C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\53ff6fb64982a15d164f25e727be6bb4\VistaBridgeLibrary.ni.dll MD5: 01e2eca759056f23c73a035fdabb2d6d C:\Windows\Downloaded Program Files\dwusplay.exe MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll MD5: 3787a4bc97ce6c630f4b581425223d96 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll MD5: c42ae64f5db6bc5e947b7e3e1b1e633e C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll MD5: 35a936c7c029a5b705d3ffd40518d660 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll MD5: 215ce077258cedd5be4c56e9d614db9f C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MD5: b503285b5d1cac5ae445d60c690dcff9 C:\Windows\RtHDVCpl.exe MD5: e9b9c1b98c8d6d48407e1c1203eac659 C:\Windows\System32\adsldpc.dll MD5: 031da76a5a7dc13f015dd3491394865e C:\Windows\system32\advpack.dll MD5: 330a1e4df07c2e29949ed8631cd8828e C:\Windows\System32\AERTSrv.exe MD5: f31eebc1a1c81fd04005489cc3dcdfe7 C:\Windows\system32\basesrv.dll MD5: f21f255b91ca4f04e4250decd2067cbb c:\windows\system32\bitsperf.dll MD5: d333058925ce305e39de8d5ad2b52a46 C:\Windows\system32\CLUSAPI.DLL MD5: 74f26fc01b180d4a99a168ed69c30a53 C:\Windows\system32\cmd.exe MD5: 7f15b4953378c8b5161d65c26d5fed4d C:\Windows\system32\cngaudit.dll MD5: c7bd18da1a6e114d2ee4a0bac290de63 C:\Windows\System32\CNMLM97.DLL MD5: 93e317d7ad783d8eaee2e3500bfe889d C:\Windows\System32\credui.dll MD5: f180ede9cfc3ff218d4b45155119f4d9 c:\windows\system32\CRYPT32.dll MD5: f798a893c8c214f74889dbf9d3a412de C:\Windows\system32\cryptnet.dll MD5: 75c6a297e364014840b48eccd7525e30 c:\windows\system32\cryptsvc.dll MD5: 187076dd5d8d4d5d23079d0741195ead C:\Windows\system32\CSRSRV.dll MD5: abca209eba02cb59233614db83b4f50d C:\Windows\System32\csrss.exe MD5: 6f766eb966d33dff62810c0b3190fcf7 C:\Windows\system32\CTAPO32.dll MD5: e9b39c81c87e5b790fce121da9e02701 C:\Windows\system32\d2d1.dll MD5: 8b02d2ecc7ef6e1f6af08459e3f741f6 C:\Windows\system32\d3d10.dll MD5: 5256383d1d266a9eefcdb270340c0e5c C:\Windows\system32\d3d10_1.dll MD5: a441f5b43eaf4bd4e3acfbe38841b46b C:\Windows\system32\d3d10_1core.dll MD5: 9c7094f537782a82b6a29b4a7172e180 C:\Windows\system32\d3d10core.dll MD5: 04802864f51046e93471083a24469ace C:\Windows\system32\D3D10Level9.dll MD5: 4a4c71376eca305d6dea021f1a44816d C:\Windows\system32\D3D10Warp.dll MD5: d76ef22d86646efe8b1b3ccbb362d4cc C:\Windows\system32\DaisyWrp.dll MD5: 85e861d0b88db2b54acb0839654c09f7 c:\windows\system32\DNSAPI.dll MD5: 57d762f6f5974af0da2be88a3349baaa c:\windows\system32\dnsrslvr.dll MD5: 062373995eae5f0eac9eaa9192136bfb C:\Windows\system32\dnssd.dll MD5: 3911b972b55fea0478476b2e777b29fa C:\Windows\system32\drivers\afd.sys MD5: ab37408508b9754e657ec3a7d8af9e5c C:\Windows\system32\drivers\AVGIDSEH.sys MD5: 9b281f5f673cbc5b9ec886d59e0b4f26 C:\Windows\system32\drivers\bdfsfltr.sys MD5: 35f376253f687bde63976ccb3f2108ca C:\Windows\system32\DRIVERS\bowser.sys MD5: 622c41a07ca7e6dd91770f50d532cb6c C:\Windows\System32\Drivers\dfsc.sys MD5: c68ac676b0ef30cfbb1080adce49eb1f C:\Windows\System32\drivers\dxgkrnl.sys MD5: 04944f4fc4f0477185f5d26ae0ddb90e C:\Windows\system32\DRIVERS\e1e6032.sys MD5: 997e8f5939f2d12cd9f2e6b395724c16 C:\Windows\system32\drivers\iastor.sys MD5: 9378d57e2b96c0a185d844770ad49948 C:\Windows\system32\DRIVERS\igdkmd32.sys MD5: 4a1445efa932a3baf5bdb02d7131ee20 C:\Windows\System32\Drivers\ksecdd.sys MD5: d993bea500e7382dc4e760bf4f35efcb C:\Windows\system32\DRIVERS\MpFilter.sys MD5: 1e94971c4b446ab2290deb71d01cf0c2 C:\Windows\system32\DRIVERS\mrxsmb.sys MD5: 4fccb34d793b116423209c0f8b7a3b03 C:\Windows\system32\DRIVERS\mrxsmb10.sys MD5: c3cb1b40ad4a0124d617a1199b0b9d7c C:\Windows\system32\DRIVERS\mrxsmb20.sys MD5: f70590424eefbf5c27a40c67afdb8383 C:\Windows\system32\drivers\msahci.sys MD5: b52f26bade7d7e4a79706e3fd91834cd C:\Windows\system32\DRIVERS\NisDrvWFP.sys MD5: e8717d9b0d1919cadafd8896a8e23e17 C:\Windows\system32\DRIVERS\NuidFltr.sys MD5: f5cf06754ae54d9d3353fc9c59bc4e04 C:\Windows\System32\DRIVERS\papycpu2.sys MD5: b09a71e8e1e127455f3a2fe83d38851f C:\Windows\System32\DRIVERS\papyjoy.sys MD5: b9c2b89f08670e159f7181891e449cd9 C:\Windows\System32\drivers\partmgr.sys MD5: 1636d43f10416aeb483bc6001097b26c C:\Windows\system32\drivers\pciide.sys MD5: e56e57cfb75b1ee2bb001ad036c27fbb C:\Windows\system32\DRIVERS\point32k.sys MD5: 3a5633ad615e2b15291bd0b1b97ccd8a C:\Windows\system32\DRIVERS\RimSerial.sys MD5: 4f4a4c09cc5be58a76cac1c337e004e6 C:\Windows\System32\Drivers\RimUsb.sys MD5: 75e8a6bfa7374aba833ae92bf41ae4e6 C:\Windows\System32\Drivers\RootMdm.sys MD5: b7e136986bb3dac249a00e760281f0a9 C:\Windows\system32\DRIVERS\rp_pkt32.sys MD5: 750d83c39d60964b6bc2b8a75ed7a165 C:\Windows\system32\DRIVERS\rp_skt32.sys MD5: f8f53c5449f15b23d4c61d51d2701da8 C:\Windows\system32\drivers\RTKVHDA.sys MD5: 12e0a4134d5fd9914b965aa5aaa49e8f C:\Windows\System32\Drivers\SQcaptur.sys MD5: 41987f9fc0e61adf54f581e15029ad91 C:\Windows\System32\DRIVERS\srv.sys MD5: ff33aff99564b1aa534f58868cbe41ef C:\Windows\System32\DRIVERS\srv2.sys MD5: 7605c0e1d01a08f3ecd743f38b834a44 C:\Windows\System32\DRIVERS\srvnet.sys MD5: ee7e10bed85c312c1d5d30c435bdda9f C:\Windows\System32\drivers\tcpip.sys MD5: 2c2d4cff5e09c73908f9b5af49a51365 C:\Windows\System32\drivers\tcpipreg.sys MD5: eafe1e00739afe6c51487a050e772e17 C:\Windows\System32\Drivers\usbaapl.sys MD5: cabd1b34bd05c986b4dbc18bc0e947ee C:\Windows\system32\DWrite.dll MD5: aaae543c535ed596ecad2ab8761c2c6f C:\Windows\system32\dxgi.dll MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\system32\Dxtmsft.dll MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\system32\Dxtrans.dll MD5: b8a21907fe2f1a113f3487d9ab60bef9 C:\Windows\system32\en-us\tQuery.dll.mui MD5: abaeaee763e287bdd39094c4165e1f3f C:\Windows\system32\fdproxy.dll MD5: a9542ff2e9a82cf100e5729ec79068f0 C:\Windows\system32\FLTLIB.DLL MD5: 8ce364388c8eca59b14b539179276d44 c:\windows\system32\fntcache.dll MD5: 67bb7141f7f5f37411f796943b3418b6 C:\Windows\system32\framedynos.dll MD5: 03f2078a0af7e12fd294d36541a57eca C:\Windows\System32\hccutils.DLL MD5: b4b59ac042ee3733a862f26cbc0b17fc C:\Windows\system32\hidphone.tsp MD5: 5f529fbb095cbc9f14bb1e97a7a6b547 C:\Windows\System32\hkcmd.exe MD5: 0c84b6affa7486422235584110d7176f c:\windows\system32\ICAAPI.dll MD5: ed6f6fbbcdec95483b7351e23f4fcdf6 C:\Windows\system32\IEADVPACK.DLL MD5: ee9d715af1b928982f417238b9914484 C:\Windows\system32\ieapfltr.dll MD5: 32e15ecf5854f5610bc895490bc3246a C:\Windows\system32\IEFRAME.dll MD5: b17adbbbdc97148d28f995f32c380f2e C:\Windows\system32\iertutil.dll MD5: 2cc34eff09799a50fa44299599f6589f C:\Windows\system32\IEUI.dll MD5: 784485b6bf7f0156d3cf64e8a91d1ce6 C:\Windows\system32\igdumd32.dll MD5: 6b01dad4cb6b2bb507a268dd0dfef04f C:\Windows\system32\igfxdev.dll MD5: d8a33af26e4143f7a892009890bb6f64 C:\Windows\System32\igfxpers.exe MD5: d0e997dd37fdf2b7951c96c71b99f14c C:\Windows\system32\igfxrENU.lrc MD5: 65c4ecda9f77735b26d3459df535db81 C:\Windows\system32\igfxsrvc.dll MD5: 734006a2db2404138f2c1a2cb86d32ef C:\Windows\System32\igfxsrvc.exe MD5: 412c0e1b515ab44f45037cd495d6a1be C:\Windows\system32\igfxTMM.dll MD5: 7f7b42b1ba42242116f5b277a063fe2e C:\Windows\system32\igfxtray.exe MD5: eb49faa5ebbc06356fb12476438781b9 C:\Windows\system32\imagehlp.dll MD5: a2c5a505398a160af30121e307ae996e C:\Windows\system32\jscript.dll MD5: 9f179da6bf972f2b8b7f90978d02d719 C:\Windows\System32\jscript9.dll MD5: 574b473facaa0e91702b86578440b525 C:\Windows\system32\kernel32.dll MD5: 953193a9dea40348c1086d171f6440ae C:\Windows\system32\kmddsp.tsp MD5: ca0b849566776a17f35f0339be17dfd9 c:\windows\system32\ktmw32.dll MD5: 35d40113e4a5b961b6ce5c5857702518 c:\windows\system32\lmhsvc.dll MD5: 63396cbb1365769d520e0fd89c2419f2 C:\Windows\System32\localspl.dll MD5: 178fac2b7c66e9a4400ce7ac37623e3f C:\Windows\system32\LSASRV.dll MD5: a3e186b4b935905b829219502557314e C:\Windows\System32\lsass.exe MD5: 09cc3cb9b87dd31a6ebfe5f9b99fdd4c C:\Windows\system32\Macromed\Flash\Flash32_11_3_300_271.ocx MD5: a9d3b95e8466bd58eeb8a1154654e162 C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe MD5: bf142d4f8c61ed3629a9cdd7ba867900 C:\Windows\System32\mfplat.dll MD5: b4f5de3dad8e6b97272f45db97674878 C:\Windows\System32\mgmtapi.dll MD5: 2e837f3d406224df131c34bc8f71621e C:\Windows\system32\modemui.dll MD5: 56e315acfb08a177b4d01e42b9044db5 C:\Windows\System32\MPRAPI.dll MD5: 7940c04ce581288a3498d57ec4ee47d2 C:\Windows\System32\msfeeds.dll MD5: 5e8e869e1342308752a37a2c90cca79d C:\Windows\system32\MSHTML.dll MD5: aab5feaabf4cb6f76d794203831c8d94 C:\Windows\system32\Msidle.dll MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll MD5: c52ce534397e1d3a442fb4c88a3cbe42 C:\Windows\System32\msonpmon.dll MD5: 5e41139ec6efbcaffd96d46925e544ab c:\windows\system32\mspatcha.dll MD5: abe9eea1eabea0711610a637a7b1c25d C:\Windows\system32\msprivs.dll MD5: 17af64d727545f2804f6e6d998327e3f C:\Windows\system32\msvcrt.dll MD5: 6abd253226770eae1292b4c945ed4b4b C:\Windows\System32\msxml3.dll MD5: 024528e25bbe8768536861ea09be1672 C:\Windows\System32\msxml6.dll MD5: 2fa16465f64db54b1f7f511395eb4fd7 C:\Windows\system32\NCObjAPI.DLL MD5: 188cc19108b0ebd6332d6628d4ede469 C:\Windows\system32\ncrypt.dll MD5: f4d9ed6bd74ad7cc0bec83c43a1cb76b c:\windows\system32\ncsi.dll MD5: 2f6776acefe41ee889c464ea407918f2 C:\Windows\system32\ndptsp.tsp MD5: 98b656eaf128cd06f625b09c84d959e1 C:\Windows\system32\NETAPI32.dll MD5: 6bc5fcef351e4cb5a269c1e84b5a06da C:\Windows\system32\netcfgx.dll MD5: 95daecf0fb120a7b5da679cc54e37dde C:\Windows\system32\netlogon.dll MD5: 4bf053944e973c073339be841c9ecf28 C:\Windows\System32\NETRAP.dll MD5: 2f4781f84c92e8c4b1586e47a78e8a61 C:\Windows\system32\npDeployJava1.dll MD5: 8bb86f0c7eea2bded6fe095d0b4ca9bd c:\windows\system32\nsisvc.dll MD5: dda770bbd7c2ed024d6f50e279d90e5b C:\Windows\system32\ntdll.dll MD5: 9586e7cb2255a8b097a7e4538202585e C:\Windows\system32\ole32.dll MD5: dc15ab7168c0309d8f04fd95b6240422 c:\windows\system32\OLEACC.dll MD5: b218342214d9bba0f54ea12ba2e9278c C:\Windows\system32\OLEAUT32.dll MD5: f0062778f50838145ac46b384ffb4fa3 C:\Windows\system32\pcadm.dll MD5: 21322832c99e8de85bd047689a2a69db C:\Windows\system32\pnpts.dll MD5: db551a68e81c9049ae050dc0729f3fed C:\Windows\system32\pots.dll MD5: e340845c8e96d107c36420065d7a5733 C:\Windows\system32\printcom.dll MD5: 429a7b2973a57b1ef405df270cf3f90c C:\Windows\system32\prnntfy.dll MD5: 08f9134a2215b7ed985409a4df60ac60 C:\Windows\system32\psbase.dll MD5: 6d01259214d1e815613eca3cd81679ec C:\Windows\system32\pstorsvc.dll MD5: c55d27c5a6b99fc8c40feb51b4dacd75 C:\Windows\system32\puiobj.dll MD5: 801f1e963f7eeffda3f9ef89db3ef133 C:\Windows\system32\radardt.dll MD5: 2dd6af8e97f59c9d39329bbc2a81f13f C:\Windows\System32\RASDLG.dll MD5: 88225070dd2f7b0b2ed51e7935078641 C:\Windows\system32\RASQEC.DLL MD5: b9f3ff52b84fd9e3cafb29b8ee385e5b C:\Windows\system32\RESUTILS.DLL MD5: c76672234d46fa1a81547f97332eb5d6 C:\Windows\system32\RtkAPO.dll MD5: 50e3e76b0901bb4fc029bb88bfa5ce79 C:\Windows\system32\schannel.dll MD5: 1a58069db21d05eb2ab58ee5753ebe8d c:\windows\system32\schedsvc.dll MD5: 0b883a187017547784420e0a855604d9 C:\Windows\system32\scrnsave.scr MD5: d602fedbd9155fc2ded6863fb60c950f c:\windows\system32\Secur32.dll MD5: 0a990afb9f2726323d61c8ecb8b70b17 C:\Windows\system32\security.dll MD5: 167ac31450c0c53a01fa1491e94d7678 C:\Windows\System32\shdocvw.dll MD5: aaf101900a23d75ae1ae00840fa6f3b8 C:\Windows\system32\SHELL32.dll MD5: 9176285122b7b849fec2aa1b72a8f7a8 C:\Windows\system32\SHLWAPI.dll MD5: c7230fbee14437716701c15be02c27b8 C:\Windows\system32\SHSVCS.dll MD5: 0be1d05f714dbad3d3a3d316a66555ce C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMDR97.DLL MD5: 391f6b1a6692c9ac97c0a733d7f2b405 C:\Windows\system32\spool\DRIVERS\W32X86\3\CNMUI97.DLL MD5: 1e35825eed687981f94aa15b2fe85deb C:\Windows\system32\spool\PRTPROCS\W32X86\CNMPD97.DLL MD5: 8554097e5136c3bf9f69fe578a1b35f4 C:\Windows\System32\spoolsv.exe MD5: bf7e4d6f60a6d9e866432855c6f8c262 c:\windows\system32\sqmapi.dll MD5: 1bf5eebfd518dd7298434d8c862f825d c:\windows\system32\srvsvc.dll MD5: 452341e471d2d961229dfe0842957272 C:\Windows\system32\SSCORE.DLL MD5: 365828e555e9479246efd9090c41c2d7 C:\Windows\System32\sti.dll MD5: b5950df243837d8217f4e597919b224a C:\Windows\system32\stobject.dll MD5: 71f5a7104fdf16c0ac5283a6ce666553 C:\Windows\system32\SYSNTFY.dll MD5: bfa034aac103d8a6f591ac9364688339 C:\Windows\system32\T2EMBED.DLL MD5: 2a6a2c09ecc2cb495628e45f1379ece8 C:\Windows\system32\taskcomp.dll MD5: 3d50c4b10352367d5cb20ed1f50f8da2 C:\Windows\System32\taskeng.exe MD5: 52e129522c1775dbb8cc252e7a0655c7 C:\Windows\system32\taskschd.dll MD5: cde36a70a5280fc0696e6e4363c4c71d C:\Windows\system32\TaskSchdPS.dll MD5: 5091452dc719281cf1dd69367e13b494 C:\Windows\System32\tcpmib.dll MD5: 8a38b5e8493a9d103083b8620ac5f3a1 C:\Windows\system32\tdh.dll MD5: f8873d15018f411588bec02c1725bada C:\Windows\system32\tspkg.dll MD5: e45051c374f845edf3db02a35ba13193 C:\Windows\system32\umb.dll MD5: 0b71899e60d1265229bf3d080eab573d C:\Windows\system32\unimdmat.dll MD5: dfbaadf1b624dc71e88d34d86b3595be C:\Windows\system32\uniplat.dll MD5: 667981f2e7c26275f0694b58eee303b9 C:\Windows\system32\urlmon.dll MD5: 0bf0bb276f17b6ad61a8694d2551ec28 C:\Windows\System32\usbmon.dll MD5: 80fff14f1757b9af8be9d314fc1ae88b C:\Windows\system32\USP10.dll MD5: dc3ae9f1554dcd97f90983ddbdacd83d C:\Windows\system32\vsstrace.dll MD5: f723422a11cd6fa13036746272200993 C:\Windows\system32\wbem\cimwin32.dll MD5: 83c2f5076e1b4a63c04f2b14ee7cad47 C:\Windows\system32\wbem\wbemdisp.dll MD5: 2c3b09e586bda2cc49a292be7badc589 C:\Windows\system32\wbem\wmiutils.dll MD5: e7d0f91e44d9d3b2116fa549bdcdb756 c:\windows\system32\WDSCORE.dll MD5: 5193de33f3284c447e0d31dafbf92570 c:\windows\system32\webcheck.dll MD5: 0745d6ead386710110817fbec03f5161 C:\Windows\system32\wfapigp.dll MD5: 73fe2e5fa55088a241aa2732f5d387d6 C:\Windows\system32\wiarpc.dll MD5: dbd02e3e6f061ebbbf9b99a9d7cba30b C:\Windows\System32\WINHTTP.dll MD5: 75a97a2c060e72ab49e071e08c7dd2ba C:\Windows\system32\WININET.dll MD5: 101ba3ea053480bb5d957ef37c06b5ed C:\Windows\System32\wininit.exe MD5: 14ff750efe13b0c21e5a06507c3a97b1 c:\windows\system32\WINMM.dll MD5: 5ec8fb83f31aa2d6f421f02c3f4f4475 c:\windows\system32\WINSPOOL.DRV MD5: d2293b069e4b63dc17b2f08d45e71124 C:\Windows\system32\winsrv.dll MD5: e253e5da1249a471d913f7ea4c81faf6 C:\Windows\system32\WINTRUST.dll MD5: 92283d9e33ec5f41ecc0b430b7459241 C:\Windows\system32\wls0wndh.dll MD5: 0727200f10320a6ba7e59433094fbba7 C:\Windows\system32\WMALFXGFXDSP.dll MD5: f0321da5203f1e71917f3b7a13dc4912 C:\Windows\system32\WMsgAPI.dll MD5: a9662bcf218bc76869a8d91635d5f93a C:\Windows\System32\Wpc.dll MD5: 1a617835452eee5060976c9b9f5fe635 C:\Windows\system32\wuapi.dll MD5: fc3ec24fce372c89423e015a2ac1a31e c:\windows\system32\wuaueng.dll MD5: 399bb52ad0668472717498e97cf28341 c:\windows\system32\WUDFPlatform.dll MD5: 1908cc7673f72601affdca022689cedf C:\Windows\system32\XmlLite.dll MD5: d5e459bed3db9cf7fc6cc1455f177d2d C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll MD5: 1f5afd468eb5e09e9ed75a087529eab5 C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL MD5: e2c48cd0132d4d1dc7d0df9a6bef686a C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL MD5: 28a09777d2d952122567a8a82f1a2c7b C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll MD5: 35acd5ea63d75e97dd0e9a1629e582b2 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\COMCTL32.dll MD5: be3c082837866c4c291adaf163c10ea6 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll MD5: 76eaef4ddebbc7c38853f586c0e91dce C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18581_none_9e591052ca1013d0\gdiplus.dll No file uploaded. Scan finished - communication took 2 sec Total traffic - 0.02 MB sent, 1.49 KB recvd Scanned 921 files and modules - 32 seconds ==============================================================================
  5. Maurice, Windows Update was successful! Thank you, I really appreciate your help. Are there any final steps for me? Dave
  6. Maurice, thank you for the reply. I have tried what Firefox suggested. I do not see BITS in my list of services. And when I try to run the MS Fix-it tool I receive an error saying "trouble shooting cannot continue because an error has occured. Here are the msconfig services results: Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark. checked Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark. checked Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark. checked Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. checked Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. not shown Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. checked Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. checked Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. checked Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark. checked Here is the FSS.txt results: Farbar Service Scanner Version: 06-08-2012 Ran by Dave (administrator) on 20-08-2012 at 18:53:52 Running from "C:\Users\Dave\Desktop" Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ BITS Service is not running. Checking service configuration: Checking Start type: ATTENTION!=====> Unable to retrieve start type of BITS. The value does not exist. The ImagePath of BITS service is OK. The ServiceDll of BITS service is OK. Windows Autoupdate Disabled Policy: ============================ Windows Defender: ============== WinDefend Service is not running. Checking service configuration: The start type of WinDefend service is set to Demand. The default start type is Auto. The ImagePath of WinDefend service is OK. The ServiceDll of WinDefend service is OK. Windows Defender Disabled Policy: ========================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=DWORD:1 Other Services: ============== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll => MD5 is legit C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll => MD5 is legit C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log ****
  7. Done. And thank you again for all of your help!
  8. I have recently had malware removed as outlined here: http://forums.malwar...howtopic=113811 It was recommended that I start a new topic in this forum. I am now unable to perform a Windows Update. There were 9 updates available, and they all failed and I got the following message: "Code 80246008 Windows Update encountered an unknown error" Any assistance will be greatly appreciated. Thanks in advance. Dave
  9. I would definitely like to do that. What do I need to do? Thanks.
  10. Hi again Chris. After posting the message above I attempted to do a Windows Update as you suggested. There were 9 updates available, and they all failed and I got the following message: "Code 80246008 Windows Update encountered an unknown error" Most of the updates are security updates, so I'd like to get them installed obviously. I tried to look up more info about the error code but couldn't find any helpful info. Any suggestions? Dave
  11. Hi Chris, I've been away, but wanted to thank you so much for all of your assistance and advice. I really appreciate it. Dave
  12. Chris, I have installed MS Security Essentials as you recommended earlier, thanks again for that. I have performed all steps in your last post. I was unable to install one of the Windows updates (a Windows Defender update), but after installing MS Security Essentials, Windows Update is no longer showing that as an outstanding update. As well, I was unable to install IE9 via Windows Update, so I installed it via MS website. I re-ran Malwarebytes Quick Scan and it came up clean. It only took about 4 minutes to run, whereas in the past it took 20-30 minutes. Does this make sense? Are there any next steps for me? Things seem to be running smoothly, and I appreciate every bit of help you've provided. Dave
  13. Chris, are there any next steps for me based on my post above? I ran a Malwarebytes Quick Scan and it came up clean. Please let me know, thanks. Dave
  14. Chris, again thank you for your reply. Below are TDSKiller log, ESET Online Scanner results, and Security Check log: 14:40:39.0652 6132 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 14:40:40.0042 6132 ============================================================ 14:40:40.0042 6132 Current date / time: 2012/08/08 14:40:40.0042 14:40:40.0042 6132 SystemInfo: 14:40:40.0042 6132 14:40:40.0042 6132 OS Version: 6.0.6002 ServicePack: 2.0 14:40:40.0042 6132 Product type: Workstation 14:40:40.0042 6132 ComputerName: DAVE-PC 14:40:40.0042 6132 UserName: Dave 14:40:40.0042 6132 Windows directory: C:\Windows 14:40:40.0042 6132 System windows directory: C:\Windows 14:40:40.0042 6132 Processor architecture: Intel x86 14:40:40.0042 6132 Number of processors: 4 14:40:40.0042 6132 Page size: 0x1000 14:40:40.0042 6132 Boot type: Normal boot 14:40:40.0042 6132 ============================================================ 14:40:41.0696 6132 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 14:40:41.0696 6132 ============================================================ 14:40:41.0696 6132 \Device\Harddisk0\DR0: 14:40:41.0696 6132 MBR partitions: 14:40:41.0696 6132 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000 14:40:41.0696 6132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x38F6A000 14:40:41.0696 6132 ============================================================ 14:40:41.0727 6132 C: <-> \Device\Harddisk0\DR0\Partition1 14:40:41.0774 6132 D: <-> \Device\Harddisk0\DR0\Partition0 14:40:41.0774 6132 ============================================================ 14:40:41.0774 6132 Initialize success 14:40:41.0774 6132 ============================================================ 14:40:44.0753 6024 ============================================================ 14:40:44.0753 6024 Scan started 14:40:44.0753 6024 Mode: Manual; 14:40:44.0753 6024 ============================================================ 14:40:47.0436 6024 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 14:40:47.0436 6024 ACPI - ok 14:40:47.0577 6024 AdobeActiveFileMonitor5.0 (63ab43534cbf5d7f3eb81dfdc8161490) C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe 14:40:47.0577 6024 AdobeActiveFileMonitor5.0 - ok 14:40:47.0670 6024 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 14:40:47.0670 6024 AdobeFlashPlayerUpdateSvc - ok 14:40:47.0733 6024 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys 14:40:47.0733 6024 adp94xx - ok 14:40:47.0764 6024 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys 14:40:47.0764 6024 adpahci - ok 14:40:47.0780 6024 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys 14:40:47.0780 6024 adpu160m - ok 14:40:47.0795 6024 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys 14:40:47.0795 6024 adpu320 - ok 14:40:47.0858 6024 AeLookupSvc (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll 14:40:47.0858 6024 AeLookupSvc - ok 14:40:47.0920 6024 AERTFilters (330a1e4df07c2e29949ed8631cd8828e) C:\Windows\system32\AERTSrv.exe 14:40:47.0920 6024 AERTFilters - ok 14:40:48.0029 6024 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 14:40:48.0060 6024 AFD - ok 14:40:48.0138 6024 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys 14:40:48.0138 6024 agp440 - ok 14:40:48.0185 6024 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 14:40:48.0185 6024 aic78xx - ok 14:40:48.0201 6024 ALG (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe 14:40:48.0201 6024 ALG - ok 14:40:48.0216 6024 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys 14:40:48.0216 6024 aliide - ok 14:40:48.0263 6024 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys 14:40:48.0263 6024 amdagp - ok 14:40:48.0279 6024 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys 14:40:48.0279 6024 amdide - ok 14:40:48.0310 6024 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys 14:40:48.0310 6024 AmdK7 - ok 14:40:48.0341 6024 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\drivers\amdk8.sys 14:40:48.0341 6024 AmdK8 - ok 14:40:48.0357 6024 Appinfo (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll 14:40:48.0357 6024 Appinfo - ok 14:40:48.0591 6024 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:40:48.0591 6024 Apple Mobile Device - ok 14:40:48.0638 6024 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys 14:40:48.0653 6024 arc - ok 14:40:48.0684 6024 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys 14:40:48.0684 6024 arcsas - ok 14:40:48.0731 6024 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 14:40:48.0731 6024 AsyncMac - ok 14:40:48.0762 6024 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 14:40:48.0762 6024 atapi - ok 14:40:48.0825 6024 AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 14:40:48.0825 6024 AudioEndpointBuilder - ok 14:40:48.0825 6024 Audiosrv (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll 14:40:48.0825 6024 Audiosrv - ok 14:40:48.0918 6024 bdfsfltr (9b281f5f673cbc5b9ec886d59e0b4f26) C:\Windows\system32\drivers\bdfsfltr.sys 14:40:48.0918 6024 bdfsfltr - ok 14:40:48.0934 6024 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 14:40:48.0950 6024 Beep - ok 14:40:49.0090 6024 BFE (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll 14:40:49.0090 6024 BFE - ok 14:40:49.0152 6024 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys 14:40:49.0152 6024 blbdrive - ok 14:40:49.0308 6024 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe 14:40:49.0324 6024 Bonjour Service - ok 14:40:49.0386 6024 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 14:40:49.0386 6024 bowser - ok 14:40:49.0402 6024 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 14:40:49.0402 6024 BrFiltLo - ok 14:40:49.0418 6024 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 14:40:49.0418 6024 BrFiltUp - ok 14:40:49.0433 6024 Browser (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll 14:40:49.0433 6024 Browser - ok 14:40:49.0496 6024 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 14:40:49.0496 6024 Brserid - ok 14:40:49.0527 6024 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 14:40:49.0527 6024 BrSerWdm - ok 14:40:49.0558 6024 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 14:40:49.0558 6024 BrUsbMdm - ok 14:40:49.0558 6024 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 14:40:49.0558 6024 BrUsbSer - ok 14:40:49.0620 6024 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 14:40:49.0620 6024 BTHMODEM - ok 14:40:49.0776 6024 catchme - ok 14:40:49.0808 6024 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 14:40:49.0808 6024 cdfs - ok 14:40:49.0870 6024 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 14:40:49.0870 6024 cdrom - ok 14:40:49.0964 6024 CertPropSvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 14:40:49.0964 6024 CertPropSvc - ok 14:40:49.0979 6024 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys 14:40:49.0979 6024 circlass - ok 14:40:50.0042 6024 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 14:40:50.0042 6024 CLFS - ok 14:40:50.0135 6024 clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:40:50.0151 6024 clr_optimization_v2.0.50727_32 - ok 14:40:50.0276 6024 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:40:50.0276 6024 clr_optimization_v4.0.30319_32 - ok 14:40:50.0291 6024 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys 14:40:50.0291 6024 cmdide - ok 14:40:50.0291 6024 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys 14:40:50.0291 6024 Compbatt - ok 14:40:50.0307 6024 COMSysApp - ok 14:40:50.0463 6024 cpuz134 - ok 14:40:50.0478 6024 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys 14:40:50.0478 6024 crcdisk - ok 14:40:50.0510 6024 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys 14:40:50.0510 6024 Crusoe - ok 14:40:50.0556 6024 CryptSvc (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll 14:40:50.0556 6024 CryptSvc - ok 14:40:50.0603 6024 DCamUSBSQTECH (12e0a4134d5fd9914b965aa5aaa49e8f) C:\Windows\system32\Drivers\SQcaptur.sys 14:40:50.0603 6024 DCamUSBSQTECH - ok 14:40:50.0666 6024 DcomLaunch (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 14:40:50.0681 6024 DcomLaunch - ok 14:40:50.0728 6024 DefragFS (65c7122d1115a4e1db3e8c11df919a40) C:\Windows\system32\drivers\DefragFS.sys 14:40:50.0744 6024 DefragFS - ok 14:40:50.0775 6024 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 14:40:50.0790 6024 DfsC - ok 14:40:50.0900 6024 DFSR (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe 14:40:50.0915 6024 DFSR - ok 14:40:51.0087 6024 Dhcp (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll 14:40:51.0102 6024 Dhcp - ok 14:40:51.0180 6024 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 14:40:51.0180 6024 disk - ok 14:40:51.0243 6024 Dnscache (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll 14:40:51.0243 6024 Dnscache - ok 14:40:51.0383 6024 DockLoginService (db29915209770d8b59654345ec2d943a) C:\Program Files\Dell\DellDock\DockLogin.exe 14:40:51.0383 6024 DockLoginService - ok 14:40:51.0414 6024 dot3svc (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll 14:40:51.0414 6024 dot3svc - ok 14:40:51.0477 6024 DPS (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll 14:40:51.0492 6024 DPS - ok 14:40:51.0555 6024 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 14:40:51.0555 6024 drmkaud - ok 14:40:51.0602 6024 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 14:40:51.0617 6024 DXGKrnl - ok 14:40:51.0648 6024 e1express (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys 14:40:51.0648 6024 e1express - ok 14:40:51.0711 6024 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys 14:40:51.0711 6024 E1G60 - ok 14:40:51.0773 6024 EapHost (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll 14:40:51.0773 6024 EapHost - ok 14:40:51.0851 6024 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 14:40:51.0851 6024 Ecache - ok 14:40:51.0898 6024 ehRecvr (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe 14:40:51.0898 6024 ehRecvr - ok 14:40:51.0914 6024 ehSched (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe 14:40:51.0914 6024 ehSched - ok 14:40:51.0929 6024 ehstart (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll 14:40:51.0929 6024 ehstart - ok 14:40:51.0960 6024 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys 14:40:51.0976 6024 elxstor - ok 14:40:52.0054 6024 EMDMgmt (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll 14:40:52.0054 6024 EMDMgmt - ok 14:40:52.0101 6024 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys 14:40:52.0101 6024 ErrDev - ok 14:40:52.0148 6024 EventSystem (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll 14:40:52.0148 6024 EventSystem - ok 14:40:52.0179 6024 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 14:40:52.0194 6024 exfat - ok 14:40:52.0226 6024 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 14:40:52.0226 6024 fastfat - ok 14:40:52.0257 6024 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys 14:40:52.0257 6024 fdc - ok 14:40:52.0257 6024 fdPHost (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll 14:40:52.0257 6024 fdPHost - ok 14:40:52.0257 6024 FDResPub (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll 14:40:52.0257 6024 FDResPub - ok 14:40:52.0319 6024 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 14:40:52.0319 6024 FileInfo - ok 14:40:52.0350 6024 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 14:40:52.0350 6024 Filetrace - ok 14:40:52.0350 6024 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys 14:40:52.0350 6024 flpydisk - ok 14:40:52.0413 6024 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 14:40:52.0428 6024 FltMgr - ok 14:40:52.0553 6024 FontCache (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll 14:40:52.0553 6024 FontCache - ok 14:40:52.0662 6024 FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 14:40:52.0662 6024 FontCache3.0.0.0 - ok 14:40:52.0709 6024 Fs_Rec (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys 14:40:52.0725 6024 Fs_Rec - ok 14:40:52.0725 6024 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys 14:40:52.0725 6024 gagp30kx - ok 14:40:52.0787 6024 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:40:52.0787 6024 GEARAspiWDM - ok 14:40:52.0928 6024 GoogleDesktopManager-092308-165331 (9e37e0c528e1e3a79e215b6a4eea2143) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe 14:40:52.0928 6024 GoogleDesktopManager-092308-165331 - ok 14:40:52.0974 6024 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe 14:40:52.0974 6024 GoToAssist - ok 14:40:53.0115 6024 gpsvc (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll 14:40:53.0115 6024 gpsvc - ok 14:40:53.0177 6024 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 14:40:53.0177 6024 HDAudBus - ok 14:40:53.0208 6024 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 14:40:53.0208 6024 HidBth - ok 14:40:53.0224 6024 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 14:40:53.0224 6024 HidIr - ok 14:40:53.0255 6024 hidserv (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll 14:40:53.0271 6024 hidserv - ok 14:40:53.0286 6024 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 14:40:53.0286 6024 HidUsb - ok 14:40:53.0318 6024 hkmsvc (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll 14:40:53.0318 6024 hkmsvc - ok 14:40:53.0364 6024 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys 14:40:53.0364 6024 HpCISSs - ok 14:40:53.0396 6024 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 14:40:53.0396 6024 HTTP - ok 14:40:53.0411 6024 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys 14:40:53.0411 6024 i2omp - ok 14:40:53.0474 6024 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 14:40:53.0474 6024 i8042prt - ok 14:40:53.0552 6024 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys 14:40:53.0552 6024 iaStor - ok 14:40:53.0583 6024 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys 14:40:53.0583 6024 iaStorV - ok 14:40:53.0692 6024 idsvc (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 14:40:53.0708 6024 idsvc - ok 14:40:53.0832 6024 igfx (9378d57e2b96c0a185d844770ad49948) C:\Windows\system32\DRIVERS\igdkmd32.sys 14:40:53.0848 6024 igfx - ok 14:40:53.0942 6024 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 14:40:53.0942 6024 iirsp - ok 14:40:53.0988 6024 IKEEXT (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll 14:40:53.0988 6024 IKEEXT - ok 14:40:54.0144 6024 IntcAzAudAddService (4eae74c8bcbca309a5d7cbad7e231427) C:\Windows\system32\drivers\RTKVHDA.sys 14:40:54.0160 6024 IntcAzAudAddService - ok 14:40:54.0238 6024 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\DRIVERS\intelide.sys 14:40:54.0238 6024 intelide - ok 14:40:54.0300 6024 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 14:40:54.0300 6024 intelppm - ok 14:40:54.0332 6024 IPBusEnum (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll 14:40:54.0332 6024 IPBusEnum - ok 14:40:54.0347 6024 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:40:54.0363 6024 IpFilterDriver - ok 14:40:54.0425 6024 iphlpsvc (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll 14:40:54.0425 6024 iphlpsvc - ok 14:40:54.0425 6024 IpInIp - ok 14:40:54.0456 6024 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys 14:40:54.0456 6024 IPMIDRV - ok 14:40:54.0472 6024 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 14:40:54.0472 6024 IPNAT - ok 14:40:54.0612 6024 iPod Service (e6be7a41a28d8f2db174957454d32448) C:\Program Files\iPod\bin\iPodService.exe 14:40:54.0612 6024 iPod Service - ok 14:40:54.0628 6024 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 14:40:54.0628 6024 IRENUM - ok 14:40:54.0659 6024 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys 14:40:54.0659 6024 isapnp - ok 14:40:54.0706 6024 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 14:40:54.0722 6024 iScsiPrt - ok 14:40:54.0753 6024 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 14:40:54.0753 6024 iteatapi - ok 14:40:54.0800 6024 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 14:40:54.0800 6024 iteraid - ok 14:40:54.0940 6024 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 14:40:54.0940 6024 kbdclass - ok 14:40:55.0049 6024 kbdhid (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys 14:40:55.0049 6024 kbdhid - ok 14:40:55.0143 6024 KeyIso (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:40:55.0143 6024 KeyIso - ok 14:40:55.0283 6024 KSecDD (4a1445efa932a3baf5bdb02d7131ee20) C:\Windows\system32\Drivers\ksecdd.sys 14:40:55.0299 6024 KSecDD - ok 14:40:55.0361 6024 KtmRm (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll 14:40:55.0361 6024 KtmRm - ok 14:40:55.0408 6024 LanmanServer (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll 14:40:55.0408 6024 LanmanServer - ok 14:40:55.0486 6024 LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll 14:40:55.0486 6024 LanmanWorkstation - ok 14:40:55.0642 6024 Lavasoft Ad-Aware Service (5ee22a614300a61136faf2d047d6e927) C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe 14:40:55.0658 6024 Lavasoft Ad-Aware Service - ok 14:40:55.0814 6024 Lbd (336abe8721cbc3110f1c6426da633417) C:\Windows\system32\DRIVERS\Lbd.sys 14:40:55.0814 6024 Lbd - ok 14:40:55.0845 6024 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 14:40:55.0845 6024 lltdio - ok 14:40:55.0892 6024 lltdsvc (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll 14:40:55.0892 6024 lltdsvc - ok 14:40:55.0923 6024 lmhosts (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll 14:40:55.0923 6024 lmhosts - ok 14:40:55.0970 6024 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys 14:40:55.0970 6024 LSI_FC - ok 14:40:55.0970 6024 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys 14:40:55.0985 6024 LSI_SAS - ok 14:40:56.0001 6024 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys 14:40:56.0001 6024 LSI_SCSI - ok 14:40:56.0016 6024 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 14:40:56.0016 6024 luafv - ok 14:40:56.0032 6024 Mcx2Svc (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll 14:40:56.0032 6024 Mcx2Svc - ok 14:40:56.0110 6024 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys 14:40:56.0110 6024 megasas - ok 14:40:56.0157 6024 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys 14:40:56.0157 6024 MegaSR - ok 14:40:56.0172 6024 MMCSS (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 14:40:56.0172 6024 MMCSS - ok 14:40:56.0204 6024 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 14:40:56.0204 6024 Modem - ok 14:40:56.0235 6024 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 14:40:56.0235 6024 monitor - ok 14:40:56.0266 6024 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 14:40:56.0266 6024 mouclass - ok 14:40:56.0282 6024 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 14:40:56.0282 6024 mouhid - ok 14:40:56.0282 6024 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 14:40:56.0282 6024 MountMgr - ok 14:40:56.0344 6024 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys 14:40:56.0344 6024 mpio - ok 14:40:56.0391 6024 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 14:40:56.0391 6024 mpsdrv - ok 14:40:56.0484 6024 MpsSvc (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll 14:40:56.0484 6024 MpsSvc - ok 14:40:56.0516 6024 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 14:40:56.0516 6024 Mraid35x - ok 14:40:56.0562 6024 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 14:40:56.0562 6024 MRxDAV - ok 14:40:56.0609 6024 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:40:56.0609 6024 mrxsmb - ok 14:40:56.0640 6024 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:40:56.0640 6024 mrxsmb10 - ok 14:40:56.0672 6024 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:40:56.0672 6024 mrxsmb20 - ok 14:40:56.0687 6024 msahci (f70590424eefbf5c27a40c67afdb8383) C:\Windows\system32\drivers\msahci.sys 14:40:56.0687 6024 msahci - ok 14:40:56.0703 6024 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys 14:40:56.0703 6024 msdsm - ok 14:40:56.0750 6024 MSDTC (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe 14:40:56.0750 6024 MSDTC - ok 14:40:56.0796 6024 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 14:40:56.0796 6024 Msfs - ok 14:40:56.0859 6024 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 14:40:56.0859 6024 msisadrv - ok 14:40:56.0906 6024 MSiSCSI (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll 14:40:56.0906 6024 MSiSCSI - ok 14:40:56.0906 6024 msiserver - ok 14:40:56.0952 6024 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 14:40:56.0952 6024 MSKSSRV - ok 14:40:56.0968 6024 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 14:40:56.0968 6024 MSPCLOCK - ok 14:40:56.0984 6024 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 14:40:56.0984 6024 MSPQM - ok 14:40:56.0999 6024 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 14:40:57.0015 6024 MsRPC - ok 14:40:57.0015 6024 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 14:40:57.0030 6024 mssmbios - ok 14:40:57.0030 6024 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 14:40:57.0030 6024 MSTEE - ok 14:40:57.0046 6024 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 14:40:57.0046 6024 Mup - ok 14:40:57.0140 6024 napagent (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll 14:40:57.0140 6024 napagent - ok 14:40:57.0218 6024 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 14:40:57.0218 6024 NativeWifiP - ok 14:40:57.0264 6024 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 14:40:57.0280 6024 NDIS - ok 14:40:57.0296 6024 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 14:40:57.0296 6024 NdisTapi - ok 14:40:57.0311 6024 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 14:40:57.0311 6024 Ndisuio - ok 14:40:57.0358 6024 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 14:40:57.0358 6024 NdisWan - ok 14:40:57.0389 6024 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 14:40:57.0389 6024 NDProxy - ok 14:40:57.0389 6024 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 14:40:57.0389 6024 NetBIOS - ok 14:40:57.0420 6024 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 14:40:57.0420 6024 netbt - ok 14:40:57.0452 6024 Netlogon (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:40:57.0452 6024 Netlogon - ok 14:40:57.0483 6024 Netman (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll 14:40:57.0483 6024 Netman - ok 14:40:57.0498 6024 netprofm (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll 14:40:57.0514 6024 netprofm - ok 14:40:57.0608 6024 NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:40:57.0608 6024 NetTcpPortSharing - ok 14:40:57.0623 6024 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 14:40:57.0623 6024 nfrd960 - ok 14:40:57.0654 6024 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll 14:40:57.0654 6024 NlaSvc - ok 14:40:57.0701 6024 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 14:40:57.0701 6024 Npfs - ok 14:40:57.0732 6024 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll 14:40:57.0732 6024 nsi - ok 14:40:57.0748 6024 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 14:40:57.0748 6024 nsiproxy - ok 14:40:57.0920 6024 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 14:40:57.0951 6024 Ntfs - ok 14:40:57.0998 6024 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 14:40:57.0998 6024 ntrigdigi - ok 14:40:58.0060 6024 NuidFltr (e8717d9b0d1919cadafd8896a8e23e17) C:\Windows\system32\DRIVERS\NuidFltr.sys 14:40:58.0060 6024 NuidFltr - ok 14:40:58.0107 6024 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 14:40:58.0107 6024 Null - ok 14:40:58.0138 6024 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys 14:40:58.0138 6024 nvraid - ok 14:40:58.0154 6024 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys 14:40:58.0154 6024 nvstor - ok 14:40:58.0247 6024 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys 14:40:58.0247 6024 nv_agp - ok 14:40:58.0263 6024 NwlnkFlt - ok 14:40:58.0263 6024 NwlnkFwd - ok 14:40:58.0419 6024 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:40:58.0434 6024 odserv - ok 14:40:58.0466 6024 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys 14:40:58.0466 6024 ohci1394 - ok 14:40:58.0528 6024 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:40:58.0528 6024 ose - ok 14:40:58.0575 6024 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:40:58.0590 6024 p2pimsvc - ok 14:40:58.0590 6024 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:40:58.0590 6024 p2psvc - ok 14:40:58.0668 6024 papycpu2 (f5cf06754ae54d9d3353fc9c59bc4e04) C:\Windows\System32\DRIVERS\papycpu2.sys 14:40:58.0668 6024 papycpu2 - ok 14:40:58.0731 6024 papyjoy (b09a71e8e1e127455f3a2fe83d38851f) C:\Windows\System32\DRIVERS\papyjoy.sys 14:40:58.0731 6024 papyjoy - ok 14:40:58.0762 6024 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 14:40:58.0762 6024 Parport - ok 14:40:58.0809 6024 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys 14:40:58.0809 6024 partmgr - ok 14:40:58.0887 6024 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 14:40:58.0887 6024 Parvdm - ok 14:40:58.0965 6024 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll 14:40:58.0965 6024 PcaSvc - ok 14:40:58.0996 6024 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 14:40:58.0996 6024 pci - ok 14:40:59.0043 6024 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys 14:40:59.0043 6024 pciide - ok 14:40:59.0074 6024 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys 14:40:59.0074 6024 pcmcia - ok 14:40:59.0136 6024 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys 14:40:59.0136 6024 pcouffin - ok 14:40:59.0230 6024 PDAgent (82d8354db7ce7131fb939e8482ddf511) C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe 14:40:59.0246 6024 PDAgent - ok 14:40:59.0386 6024 PDEngine (3719de4180e251ab91d8c183f2d949bf) C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe 14:40:59.0386 6024 PDEngine - ok 14:40:59.0526 6024 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 14:40:59.0526 6024 PEAUTH - ok 14:40:59.0589 6024 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll 14:40:59.0604 6024 pla - ok 14:40:59.0667 6024 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll 14:40:59.0667 6024 PlugPlay - ok 14:40:59.0698 6024 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:40:59.0714 6024 PNRPAutoReg - ok 14:40:59.0714 6024 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll 14:40:59.0729 6024 PNRPsvc - ok 14:40:59.0823 6024 Point32 (e56e57cfb75b1ee2bb001ad036c27fbb) C:\Windows\system32\DRIVERS\point32k.sys 14:40:59.0823 6024 Point32 - ok 14:40:59.0870 6024 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll 14:40:59.0870 6024 PolicyAgent - ok 14:40:59.0916 6024 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 14:40:59.0916 6024 PptpMiniport - ok 14:40:59.0948 6024 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys 14:40:59.0948 6024 Processor - ok 14:41:00.0104 6024 Profos (d90a33660d328a9f587580f0b38c85de) C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys 14:41:00.0104 6024 Profos - ok 14:41:00.0182 6024 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll 14:41:00.0197 6024 ProfSvc - ok 14:41:00.0228 6024 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:41:00.0228 6024 ProtectedStorage - ok 14:41:00.0665 6024 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 14:41:00.0665 6024 PSched - ok 14:41:00.0993 6024 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\Windows\system32\Drivers\PxHelp20.sys 14:41:00.0993 6024 PxHelp20 - ok 14:41:01.0227 6024 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys 14:41:01.0227 6024 ql2300 - ok 14:41:01.0242 6024 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 14:41:01.0242 6024 ql40xx - ok 14:41:01.0305 6024 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll 14:41:01.0305 6024 QWAVE - ok 14:41:01.0320 6024 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 14:41:01.0320 6024 QWAVEdrv - ok 14:41:01.0414 6024 R300 (e642b131fb74caf4bb8a014f31113142) C:\Windows\system32\DRIVERS\atikmdag.sys 14:41:01.0414 6024 R300 - ok 14:41:01.0554 6024 Radialpoint Security Services (6dceffad9f0a9ab4fbfefc044c2ea0ed) C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe 14:41:01.0554 6024 Radialpoint Security Services - ok 14:41:01.0773 6024 RadialpointIDSAgent (c4890ace6384522e9b678f403ab5a145) C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe 14:41:01.0804 6024 RadialpointIDSAgent - ok 14:41:01.0866 6024 RadialpointIDSDriver (bdbed9fc165faf04be644ec212ba4603) C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys 14:41:01.0882 6024 RadialpointIDSDriver - ok 14:41:01.0976 6024 RadialpointIDSEH (ab37408508b9754e657ec3a7d8af9e5c) C:\Windows\system32\drivers\AVGIDSEH.sys 14:41:01.0976 6024 RadialpointIDSEH - ok 14:41:02.0007 6024 RadialpointIDSFilter (a6c0c7d9da55e5c3dd9c62b11916586b) C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSFilter.sys 14:41:02.0007 6024 RadialpointIDSFilter - ok 14:41:02.0038 6024 RadialpointIDSShim (a79eeb6feace017928581ef13d573745) C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys 14:41:02.0038 6024 RadialpointIDSShim - ok 14:41:02.0069 6024 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 14:41:02.0069 6024 RasAcd - ok 14:41:02.0085 6024 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll 14:41:02.0085 6024 RasAuto - ok 14:41:02.0100 6024 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:41:02.0100 6024 Rasl2tp - ok 14:41:02.0147 6024 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll 14:41:02.0147 6024 RasMan - ok 14:41:02.0194 6024 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 14:41:02.0194 6024 RasPppoe - ok 14:41:02.0256 6024 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 14:41:02.0256 6024 RasSstp - ok 14:41:02.0303 6024 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 14:41:02.0303 6024 rdbss - ok 14:41:02.0319 6024 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:41:02.0319 6024 RDPCDD - ok 14:41:02.0350 6024 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys 14:41:02.0366 6024 rdpdr - ok 14:41:02.0366 6024 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 14:41:02.0366 6024 RDPENCDD - ok 14:41:02.0412 6024 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys 14:41:02.0412 6024 RDPWD - ok 14:41:02.0459 6024 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll 14:41:02.0459 6024 RemoteAccess - ok 14:41:02.0506 6024 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll 14:41:02.0506 6024 RemoteRegistry - ok 14:41:02.0584 6024 RimUsb (4f4a4c09cc5be58a76cac1c337e004e6) C:\Windows\system32\Drivers\RimUsb.sys 14:41:02.0584 6024 RimUsb - ok 14:41:02.0631 6024 RimVSerPort (3a5633ad615e2b15291bd0b1b97ccd8a) C:\Windows\system32\DRIVERS\RimSerial.sys 14:41:02.0631 6024 RimVSerPort - ok 14:41:02.0662 6024 ROOTMODEM (75e8a6bfa7374aba833ae92bf41ae4e6) C:\Windows\system32\Drivers\RootMdm.sys 14:41:02.0662 6024 ROOTMODEM - ok 14:41:02.0678 6024 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe 14:41:02.0678 6024 RpcLocator - ok 14:41:02.0724 6024 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll 14:41:02.0724 6024 RpcSs - ok 14:41:02.0771 6024 RPPKT (b7e136986bb3dac249a00e760281f0a9) C:\Windows\system32\DRIVERS\rp_pkt32.sys 14:41:02.0771 6024 RPPKT - ok 14:41:02.0834 6024 RPSKT (750d83c39d60964b6bc2b8a75ed7a165) C:\Windows\system32\DRIVERS\rp_skt32.sys 14:41:02.0834 6024 RPSKT - ok 14:41:02.0958 6024 RP_FWS (3fc8401df4ee3c257569cd50f2ff2f0d) C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe 14:41:02.0958 6024 RP_FWS - ok 14:41:02.0990 6024 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 14:41:02.0990 6024 rspndr - ok 14:41:03.0021 6024 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe 14:41:03.0021 6024 SamSs - ok 14:41:03.0052 6024 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 14:41:03.0052 6024 sbp2port - ok 14:41:03.0130 6024 scan (4bea90f7d79143cc2135e2c5e85c9eb0) C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll 14:41:03.0130 6024 scan - ok 14:41:03.0224 6024 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll 14:41:03.0224 6024 SCardSvr - ok 14:41:03.0270 6024 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll 14:41:03.0270 6024 Schedule - ok 14:41:03.0317 6024 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll 14:41:03.0317 6024 SCPolicySvc - ok 14:41:03.0348 6024 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll 14:41:03.0364 6024 SDRSVC - ok 14:41:03.0411 6024 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 14:41:03.0411 6024 secdrv - ok 14:41:03.0426 6024 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll 14:41:03.0426 6024 seclogon - ok 14:41:03.0442 6024 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll 14:41:03.0442 6024 SENS - ok 14:41:03.0458 6024 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 14:41:03.0458 6024 Serenum - ok 14:41:03.0489 6024 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 14:41:03.0489 6024 Serial - ok 14:41:03.0504 6024 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 14:41:03.0504 6024 sermouse - ok 14:41:03.0660 6024 ServicepointService (47c274b918dfa3de8e25e902568cbea6) C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe 14:41:03.0676 6024 ServicepointService - ok 14:41:03.0692 6024 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll 14:41:03.0692 6024 SessionEnv - ok 14:41:03.0707 6024 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys 14:41:03.0707 6024 sffdisk - ok 14:41:03.0738 6024 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys 14:41:03.0738 6024 sffp_mmc - ok 14:41:03.0754 6024 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys 14:41:03.0754 6024 sffp_sd - ok 14:41:03.0770 6024 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 14:41:03.0770 6024 sfloppy - ok 14:41:03.0863 6024 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll 14:41:03.0863 6024 SharedAccess - ok 14:41:03.0910 6024 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll 14:41:03.0926 6024 ShellHWDetection - ok 14:41:03.0926 6024 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys 14:41:03.0941 6024 sisagp - ok 14:41:03.0957 6024 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys 14:41:03.0957 6024 SiSRaid2 - ok 14:41:03.0972 6024 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys 14:41:03.0972 6024 SiSRaid4 - ok 14:41:04.0066 6024 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe 14:41:04.0066 6024 SkypeUpdate - ok 14:41:04.0191 6024 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe 14:41:04.0222 6024 slsvc - ok 14:41:04.0316 6024 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll 14:41:04.0331 6024 SLUINotify - ok 14:41:04.0409 6024 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 14:41:04.0409 6024 Smb - ok 14:41:04.0440 6024 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe 14:41:04.0456 6024 SNMPTRAP - ok 14:41:04.0472 6024 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 14:41:04.0472 6024 spldr - ok 14:41:04.0503 6024 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe 14:41:04.0518 6024 Spooler - ok 14:41:04.0565 6024 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 14:41:04.0565 6024 srv - ok 14:41:04.0612 6024 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 14:41:04.0612 6024 srv2 - ok 14:41:04.0659 6024 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 14:41:04.0659 6024 srvnet - ok 14:41:04.0674 6024 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll 14:41:04.0690 6024 SSDPSRV - ok 14:41:04.0752 6024 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll 14:41:04.0752 6024 SstpSvc - ok 14:41:04.0768 6024 StarOpen - ok 14:41:04.0846 6024 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll 14:41:04.0846 6024 stisvc - ok 14:41:05.0033 6024 stllssvr (1d0063597c3666404fcf97698abeb019) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe 14:41:05.0033 6024 stllssvr - ok 14:41:05.0064 6024 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 14:41:05.0064 6024 swenum - ok 14:41:05.0111 6024 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll 14:41:05.0127 6024 swprv - ok 14:41:05.0142 6024 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 14:41:05.0142 6024 Symc8xx - ok 14:41:05.0158 6024 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 14:41:05.0158 6024 Sym_hi - ok 14:41:05.0174 6024 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 14:41:05.0174 6024 Sym_u3 - ok 14:41:05.0283 6024 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll 14:41:05.0283 6024 SysMain - ok 14:41:05.0314 6024 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll 14:41:05.0314 6024 TabletInputService - ok 14:41:05.0361 6024 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll 14:41:05.0361 6024 TapiSrv - ok 14:41:05.0376 6024 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll 14:41:05.0376 6024 TBS - ok 14:41:05.0439 6024 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys 14:41:05.0439 6024 Tcpip - ok 14:41:05.0454 6024 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys 14:41:05.0454 6024 Tcpip6 - ok 14:41:05.0501 6024 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 14:41:05.0501 6024 tcpipreg - ok 14:41:05.0517 6024 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 14:41:05.0517 6024 TDPIPE - ok 14:41:05.0532 6024 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 14:41:05.0532 6024 TDTCP - ok 14:41:05.0579 6024 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 14:41:05.0579 6024 tdx - ok 14:41:05.0610 6024 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 14:41:05.0610 6024 TermDD - ok 14:41:05.0657 6024 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll 14:41:05.0657 6024 TermService - ok 14:41:05.0704 6024 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll 14:41:05.0704 6024 Themes - ok 14:41:05.0735 6024 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll 14:41:05.0735 6024 THREADORDER - ok 14:41:05.0766 6024 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll 14:41:05.0766 6024 TrkWks - ok 14:41:05.0922 6024 Trufos (b16d66a71de03285e14e9f165b59eda4) C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys 14:41:05.0922 6024 Trufos - ok 14:41:06.0000 6024 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe 14:41:06.0000 6024 TrustedInstaller - ok 14:41:06.0032 6024 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:41:06.0032 6024 tssecsrv - ok 14:41:06.0078 6024 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 14:41:06.0078 6024 tunmp - ok 14:41:06.0125 6024 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 14:41:06.0125 6024 tunnel - ok 14:41:06.0156 6024 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys 14:41:06.0156 6024 uagp35 - ok 14:41:06.0219 6024 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 14:41:06.0219 6024 udfs - ok 14:41:06.0234 6024 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe 14:41:06.0250 6024 UI0Detect - ok 14:41:06.0281 6024 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys 14:41:06.0281 6024 uliagpkx - ok 14:41:06.0297 6024 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys 14:41:06.0312 6024 uliahci - ok 14:41:06.0328 6024 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 14:41:06.0328 6024 UlSata - ok 14:41:06.0344 6024 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 14:41:06.0344 6024 ulsata2 - ok 14:41:06.0375 6024 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 14:41:06.0375 6024 umbus - ok 14:41:06.0390 6024 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll 14:41:06.0390 6024 upnphost - ok 14:41:06.0468 6024 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys 14:41:06.0468 6024 USBAAPL - ok 14:41:06.0500 6024 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys 14:41:06.0500 6024 usbccgp - ok 14:41:06.0531 6024 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 14:41:06.0531 6024 usbcir - ok 14:41:06.0593 6024 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 14:41:06.0593 6024 usbehci - ok 14:41:06.0624 6024 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 14:41:06.0624 6024 usbhub - ok 14:41:06.0640 6024 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 14:41:06.0640 6024 usbohci - ok 14:41:06.0656 6024 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 14:41:06.0656 6024 usbprint - ok 14:41:06.0718 6024 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys 14:41:06.0718 6024 usbscan - ok 14:41:06.0749 6024 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:41:06.0749 6024 USBSTOR - ok 14:41:06.0765 6024 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 14:41:06.0765 6024 usbuhci - ok 14:41:06.0796 6024 usb_rndisx (35c9095fa7076466afbfc5b9ec4b779e) C:\Windows\system32\DRIVERS\usb8023x.sys 14:41:06.0796 6024 usb_rndisx - ok 14:41:06.0843 6024 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll 14:41:06.0843 6024 UxSms - ok 14:41:06.0968 6024 VaultClientSRV (f56f0e24e35fd91f74a5319e7081a0db) C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe 14:41:06.0968 6024 VaultClientSRV - ok 14:41:06.0983 6024 VaultClientUpgrade (cf3b0ad3091b2997a1e5d4b6be87ec07) C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe 14:41:06.0999 6024 VaultClientUpgrade - ok 14:41:07.0046 6024 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe 14:41:07.0061 6024 vds - ok 14:41:07.0124 6024 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys 14:41:07.0124 6024 vga - ok 14:41:07.0139 6024 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 14:41:07.0155 6024 VgaSave - ok 14:41:07.0170 6024 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys 14:41:07.0170 6024 viaagp - ok 14:41:07.0186 6024 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys 14:41:07.0186 6024 ViaC7 - ok 14:41:07.0217 6024 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys 14:41:07.0217 6024 viaide - ok 14:41:07.0264 6024 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 14:41:07.0264 6024 volmgr - ok 14:41:07.0280 6024 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 14:41:07.0295 6024 volmgrx - ok 14:41:07.0342 6024 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 14:41:07.0342 6024 volsnap - ok 14:41:07.0389 6024 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys 14:41:07.0389 6024 vsmraid - ok 14:41:07.0451 6024 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe 14:41:07.0467 6024 VSS - ok 14:41:07.0529 6024 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll 14:41:07.0529 6024 W32Time - ok 14:41:07.0576 6024 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 14:41:07.0576 6024 WacomPen - ok 14:41:07.0592 6024 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 14:41:07.0592 6024 Wanarp - ok 14:41:07.0592 6024 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 14:41:07.0592 6024 Wanarpv6 - ok 14:41:07.0623 6024 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll 14:41:07.0638 6024 wcncsvc - ok 14:41:07.0685 6024 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll 14:41:07.0701 6024 WcsPlugInService - ok 14:41:07.0716 6024 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys 14:41:07.0716 6024 Wd - ok 14:41:07.0748 6024 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 14:41:07.0748 6024 Wdf01000 - ok 14:41:07.0779 6024 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 14:41:07.0779 6024 WdiServiceHost - ok 14:41:07.0779 6024 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll 14:41:07.0779 6024 WdiSystemHost - ok 14:41:07.0810 6024 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll 14:41:07.0826 6024 WebClient - ok 14:41:07.0857 6024 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll 14:41:07.0857 6024 Wecsvc - ok 14:41:07.0872 6024 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll 14:41:07.0888 6024 wercplsupport - ok 14:41:07.0919 6024 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll 14:41:07.0919 6024 WerSvc - ok 14:41:08.0028 6024 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll 14:41:08.0044 6024 WinDefend - ok 14:41:08.0044 6024 WinHttpAutoProxySvc - ok 14:41:08.0106 6024 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll 14:41:08.0122 6024 Winmgmt - ok 14:41:08.0169 6024 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll 14:41:08.0184 6024 WinRM - ok 14:41:08.0294 6024 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll 14:41:08.0309 6024 Wlansvc - ok 14:41:08.0528 6024 wlidsvc (fb01d4ae207b9efdbabfc55dc95c7e31) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:41:08.0543 6024 wlidsvc - ok 14:41:08.0652 6024 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys 14:41:08.0652 6024 WmiAcpi - ok 14:41:08.0730 6024 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe 14:41:08.0730 6024 wmiApSrv - ok 14:41:08.0808 6024 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe 14:41:08.0808 6024 WMPNetworkSvc - ok 14:41:08.0840 6024 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll 14:41:08.0840 6024 WPCSvc - ok 14:41:08.0871 6024 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll 14:41:08.0871 6024 WPDBusEnum - ok 14:41:08.0933 6024 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 14:41:08.0933 6024 WpdUsb - ok 14:41:09.0120 6024 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 14:41:09.0120 6024 WPFFontCache_v0400 - ok 14:41:09.0152 6024 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 14:41:09.0152 6024 ws2ifsl - ok 14:41:09.0245 6024 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll 14:41:09.0245 6024 wscsvc - ok 14:41:09.0245 6024 WSearch - ok 14:41:09.0354 6024 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll 14:41:09.0495 6024 wuauserv - ok 14:41:09.0588 6024 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:41:09.0588 6024 WUDFRd - ok 14:41:09.0620 6024 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll 14:41:09.0620 6024 wudfsvc - ok 14:41:09.0682 6024 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 14:41:09.0869 6024 \Device\Harddisk0\DR0 - ok 14:41:09.0885 6024 Boot (0x1200) (e51ef6137b2baae5d3903841a42b9d80) \Device\Harddisk0\DR0\Partition0 14:41:09.0885 6024 \Device\Harddisk0\DR0\Partition0 - ok 14:41:09.0900 6024 Boot (0x1200) (42e17d8b196f908fa186a4abb89e26a0) \Device\Harddisk0\DR0\Partition1 14:41:09.0900 6024 \Device\Harddisk0\DR0\Partition1 - ok 14:41:09.0900 6024 ============================================================ 14:41:09.0900 6024 Scan finished 14:41:09.0900 6024 ============================================================ 14:41:09.0916 4272 Detected object count: 0 14:41:09.0916 4272 Actual detected object count: 0 14:44:33.0850 6124 Deinitialize success C:\Qoobox\Quarantine\C\Users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\n.vir Win32/Sirefef.EV trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000004.@.vir Win32/Conedex.D trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\000000cb.@.vir Win32/Conedex.E trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000004.@.vir Win32/Conedex.D trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\000000cb.@.vir Win32/Conedex.E trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000000.@.vir a variant of Win32/Sirefef.FA trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000032.@.vir a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win32/Sirefef.FB.Gen trojan deleted - quarantined C:\Users\Dave\AppData\Roaming\145FF7A3B5AE5AA739DBBA420DD11112\enemies-names.txt Win32/Adware.AntimalwareDoctor.AE.Gen application cleaned by deleting - quarantined Results of screen317's Security Check version 0.99.43 Windows Vista Service Pack 2 x86 (UAC is disabled!) Internet Explorer 8 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Lavasoft Ad-Watch Live! Anti-Virus Rogers Online Protection Anti-Virus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Ad-Aware Malwarebytes Anti-Malware version 1.62.0.1300 Java 6 Update 7 Java version out of Date! Adobe Reader 9 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Ad-Aware AAWService.exe is disabled! Ad-Aware AAWTray.exe is disabled! Rogers Online Protection Rogers Online Protection AVG Identity Protection\agent\Bin\AVGIDSAgent.exe Rogers Online Protection Rogers Online Protection RpsSecurityAwareR.exe Rogers Online Protection Rogers Servicepoint Agent ServicepointService.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1 % ````````````````````End of Log``````````````````````
  15. Chris, thank you for your reply. Thanks also for your recommendations. I will use MS Security Essentials in future. FYI, Rogers is my ISP. Here is the Combofix log and DDS log. ComboFix 12-08-07.05 - Dave 08/08/2012 13:29:38.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3316.2227 [GMT -4:00] Running from: c:\users\Dave\Desktop\ComboFix.exe AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Rogers Online Protection Anti-Virus *Disabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56} FW: Rogers Online Protection Firewall *Disabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} SP: Rogers Online Protection Anti-Spyware *Disabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\s c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be} c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\L\00000004.@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\n c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000004.@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000008.@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\000000cb.@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000000.@ c:\users\Dave\AppData\Local\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000032.@ c:\users\Dave\AppData\Local\Windows Server c:\users\Dave\AppData\Local\Windows Server\server.dat c:\users\Dave\AppData\Roaming\Adobe\plugs c:\users\Dave\AppData\Roaming\Adobe\shed c:\users\Dave\AppData\Roaming\inst.exe c:\windows\assembly\GAC\Desktop.ini c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be} c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\L\00000004.@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\L\201d3dde c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000004.@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\00000008.@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\000000cb.@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000000.@ c:\windows\Installer\{ff25052d-10af-0d08-53df-ff5d0ba603be}\U\80000032.@ . Infected copy of c:\windows\system32\services.exe was found and disinfected Restored copy from - c:\32788r22fwjfw\HarddiskVolumeShadowCopy4_!Windows!System32!services.exe . . ((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 ))))))))))))))))))))))))))))))) . . 2012-08-07 16:57 . 2012-08-07 16:57 -------- d-----w- c:\windows\system32\MpEngineStore 2012-08-05 20:00 . 2012-08-05 20:00 -------- d-----w- c:\program files\Microsoft Silverlight 2012-07-31 19:39 . 2012-07-31 19:39 -------- d-----w- c:\program files\Common Files\xing shared 2012-07-28 21:25 . 2012-07-28 21:25 -------- d-----w- c:\users\Dave\AppData\Local\Research In Motion 2012-07-28 21:25 . 2012-07-28 21:26 -------- d-----w- c:\users\Dave\AppData\Roaming\Research In Motion 2012-07-28 21:23 . 2012-07-28 21:23 -------- d-----w- c:\programdata\Research In Motion 2012-07-28 21:23 . 2012-07-28 21:23 -------- d-----w- c:\program files\Common Files\XCPCSync.OEM 2012-07-28 15:28 . 2011-07-20 19:13 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys 2012-07-28 15:27 . 2012-07-28 21:23 -------- d-----w- c:\program files\Common Files\Research In Motion 2012-07-28 15:26 . 2012-07-28 21:23 -------- d-----w- c:\program files\Research In Motion 2012-07-13 18:57 . 2012-07-13 18:57 -------- d-----w- c:\program files\v-Grabber 2012-07-13 18:56 . 2012-07-13 18:56 1491 ----a-w- C:\user.js 2012-07-13 18:56 . 2012-07-13 18:56 -------- d-----w- c:\users\Dave\AppData\Local\Giant Savings 2012-07-13 18:56 . 2012-07-15 15:22 -------- d-----w- c:\program files\Giant Savings 2012-07-13 18:56 . 2012-07-13 18:56 -------- d-----w- c:\users\Dave\AppData\Roaming\Babylon 2012-07-13 18:56 . 2012-07-13 18:56 -------- d-----w- c:\programdata\Babylon 2012-07-12 02:37 . 2012-06-13 13:40 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 22:12 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2012-07-11 22:12 . 2012-06-05 16:47 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 22:12 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 22:12 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 22:12 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 22:12 . 2012-06-02 00:03 204288 ----a-w- c:\windows\system32\ncrypt.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-03 17:12 . 2012-04-01 14:16 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-08-03 17:12 . 2011-05-14 14:13 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-31 19:39 . 2003-03-19 01:14 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-07-31 19:39 . 2003-02-21 09:42 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-07-03 17:46 . 2011-06-05 14:27 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-29 08:44 . 2012-07-31 13:28 6891424 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C08A1BD4-636F-4FB4-B5B5-ACCEF0E4969F}\mpengine.dll 2012-06-02 22:19 . 2012-06-21 15:42 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:42 45080 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:41 35864 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:41 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:19 . 2012-06-21 15:42 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:12 . 2012-06-21 15:42 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12 . 2012-06-21 15:41 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19 . 2012-06-21 15:40 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:12 . 2012-06-21 15:40 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 16:25 . 2009-10-02 21:12 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-15 06:37 . 2012-06-13 20:10 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 06:32 . 2012-06-13 20:09 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-15 06:32 . 2012-06-13 20:10 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-15 06:31 . 2012-06-13 20:09 109056 ----a-w- c:\windows\system32\iesysprep.dll 2012-05-15 06:31 . 2012-06-13 20:09 71680 ----a-w- c:\windows\system32\iesetup.dll 2012-05-15 05:01 . 2012-06-13 20:10 385024 ----a-w- c:\windows\system32\html.iec 2012-05-15 03:26 . 2012-06-13 20:10 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-15 03:23 . 2012-06-13 20:09 1638912 ----a-w- c:\windows\system32\mshtml.tlb . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VaultIcon1] @="{B976888E-DC7B-456C-A62F-44EA07ED231F}" [HKEY_CLASSES_ROOT\CLSID\{B976888E-DC7B-456C-A62F-44EA07ED231F}] 2010-06-07 17:46 344064 ----a-w- c:\program files\Rogers Backup Manager\VaultClientMenu.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-12 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-12 166424] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-12 133656] "RtHDVCpl"="RtHDVCpl.exe" [2007-05-11 4452352] "RogersServicepointAgent.exe"="c:\program files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe" [2011-01-04 4318520] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776] "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448] "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-07-31 296096] . c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ MLB.TV NexDef Plug-in.lnk - c:\users\Dave\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe [2011-3-16 15502336] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2008-9-24 1295656] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist] 2009-01-10 00:31 10536 ----a-w- c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GoogleDesktopNetwork3.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk * . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Radialpoint Security Services] @="Service" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NaturalColorLoad.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NaturalColorLoad.lnk backup=c:\windows\pss\NaturalColorLoad.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.0.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 5.0.lnk backup=c:\windows\pss\PHOTOfunSTUDIO 5.0.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk] path=c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk backup=c:\windows\pss\Dell Dock.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-01-02 15:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2006-12-22 11:29 67752 ----a-w- c:\program files\Adobe\Photoshop Elements 5.0\apdproxy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA] 2009-01-18 19:16 342848 ----a-w- c:\program files\DNA\btdna.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter] 2007-09-14 01:50 1603152 ----a-w- c:\program files\Canon\MyPrinter\BJMYPRT.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu] 2007-10-26 01:10 652624 ----a-w- c:\program files\Canon\SolutionMenu\CNSLMAIN.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search] 2009-01-10 00:21 30192 ----a-w- c:\program files\Google\Google Desktop Search\GoogleDesktop.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelliPoint] 2009-01-07 21:57 1468296 ----a-w- c:\program files\Microsoft IntelliPoint\ipoint.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-06-07 23:33 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4] 2007-02-04 17:02 79400 ----a-w- c:\program files\ScanSoft\OmniPageSE4\OpWareSE4.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-19 00:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2007-05-11 13:26 4452352 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate] 2006-10-25 14:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] 2012-07-31 19:39 296096 ----a-w- c:\program files\real\realplayer\Update\realsched.exe . R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [x] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - 0B1532DA *NewlyCreated* - 2D2CC75C *Deregistered* - 0b1532da *Deregistered* - 2d2cc75c . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache bdx REG_MULTI_SZ scan sysagent . Contents of the 'Scheduled Tasks' folder . 2012-08-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 17:12] . 2012-08-07 c:\windows\Tasks\User_Feed_Synchronization-{C3AFB109-1DE7-420C-98FA-748D18FB6371}.job - c:\windows\system32\msfeedssync.exe [2012-06-13 03:24] . . ------- Supplementary Scan ------- . uStart Page = hxxp://my.yahoo.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000 Trusted Zone: skillport.com Trusted Zone: skillwsa.com TCP: DhcpNameServer = 64.71.255.198 192.168.1.1 . - - - - ORPHANS REMOVED - - - - . HKLM-Run-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe MSConfigStartUp-dvd43 - c:\program files\dvd43\dvd43_tray.exe MSConfigStartUp-Scan Buttons - c:\program files\NewSoft\Presto! PageManager 7.15\Pmsb.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-08-08 14:02 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(1476) c:\program files\Rogers Backup Manager\VaultClientMenu.dll c:\program files\Rogers Backup Manager\LIBEXPAT.dll c:\program files\Rogers Backup Manager\VaultClientCOM.dll c:\program files\Griffin Technology\iTalk Sync\CopyHook.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Rogers Online Protection\Rogers Online Protection\Fws.exe c:\windows\system32\igfxsrvc.exe c:\program files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe c:\program files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe c:\program files\Rogers Backup Manager\VaultClientSRV.exe c:\program files\Rogers Backup Manager\VaultClientUpgrade.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\program files\iPod\bin\iPodService.exe c:\program files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe . ************************************************************************** . Completion time: 2012-08-08 14:11:31 - machine was rebooted ComboFix-quarantined-files.txt 2012-08-08 18:11 . Pre-Run: 226,861,125,632 bytes free Post-Run: 228,086,796,288 bytes free . - - End Of File - - 0C99CFFC18A79BDA64C2AC17001C8F39 DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 8.0.6001.19272 Run by Dave at 14:15:55 on 2012-08-08 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.2.1033.18.3316.1751 [GMT -4:00] . AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116} AV: Rogers Online Protection Anti-Virus *Disabled/Updated* {A61154FD-4365-E00F-9A33-13A09AD54B56} SP: Rogers Online Protection Anti-Spyware *Disabled/Updated* {1D70B519-655F-EF81-A083-28D2E15201EB} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB} FW: Rogers Online Protection Firewall *Disabled* {9E2AD5D8-090A-E157-B16C-BA9564060C2D} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\System32\spoolsv.exe C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe C:\Program Files\real\realplayer\Update\realsched.exe C:\Users\Dave\AppData\Local\Autobahn\mlb-nexdef-autobahn.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\Explorer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\conime.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://my.yahoo.com/ uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [RogersServicepointAgent.exe] "c:\program files\rogers online protection\rogers servicepoint agent\RogersServicepointAgent.exe" /AUTORUN mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot StartupFolder: c:\users\dave\appdata\roaming\micros~1\windows\startm~1\programs\startup\mlbtvn~1.lnk - c:\users\dave\appdata\local\autobahn\mlb-nexdef-autobahn.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\progra~1\java\jre16~1.0_0\bin\ssv.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL Trusted Zone: skillport.com Trusted Zone: skillwsa.com DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab TCP: DhcpNameServer = 64.71.255.198 192.168.1.1 TCP: Interfaces\{2097E326-751A-4997-A99D-7D7282A7C81D} : DhcpNameServer = 64.71.255.198 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll Notify: igfxcui - igfxdev.dll AppInit_DLLs: c:\progra~1\google\google~3\GoogleDesktopNetwork3.dll . ============= SERVICES / DRIVERS =============== . R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-6-5 64512] R0 RadialpointIDSEH;RadialpointIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-6-23 25608] R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 Radialpoint Security Services;Rogers Online Protection;c:\program files\rogers online protection\rogers online protection\RpsSecurityAwareR.exe [2010-6-7 166944] R2 RadialpointIDSAgent;RadialpointIDSAgent;c:\program files\rogers online protection\rogers online protection\avg\identity protection\agent\bin\AVGIDSAgent.exe [2011-6-23 5832712] R2 ServicepointService;ServicepointService;c:\program files\rogers online protection\rogers servicepoint agent\ServicepointService.exe [2011-6-23 689464] R2 VaultClientSRV;Rogers Backup Manager Service;c:\program files\rogers backup manager\VaultClientSRV.exe [2010-6-7 1053936] R2 VaultClientUpgrade;Rogers Backup Manager Upgrade Service;c:\program files\rogers backup manager\VaultClientUpgrade.exe [2010-6-7 120048] R3 RadialpointIDSDriver;RadialpointIDSDriver;c:\program files\rogers online protection\rogers online protection\avg\identity protection\agent\drivers\AVGIDSDriver.sys [2011-6-23 122376] R3 RadialpointIDSFilter;RadialpointIDSFilter;c:\program files\rogers online protection\rogers online protection\avg\identity protection\agent\drivers\AVGIDSfilter.sys [2011-6-23 30216] R3 RadialpointIDSShim;RadialpointIDSShim;c:\program files\rogers online protection\rogers online protection\avg\identity protection\agent\drivers\AVGIDSShim.sys [2011-6-23 27800] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 250056] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 AERTFilters;Andrea RT Filters Service;c:\windows\system32\AERTSrv.exe [2007-12-5 77824] S4 DockLoginService;Dock Login Service;c:\program files\dell\delldock\DockLogin.exe [2008-9-24 155648] S4 GoogleDesktopManager-092308-165331;Google Desktop Manager 5.8.809.23506;c:\program files\google\google desktop search\GoogleDesktop.exe [2009-1-9 30192] S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-5-25 2151128] . =============== Created Last 30 ================ . 2012-08-08 18:11:42 -------- d-----w- c:\users\dave\appdata\local\temp 2012-08-08 17:55:22 -------- d-----w- C:\$RECYCLE.BIN 2012-08-08 17:24:57 98816 ----a-w- c:\windows\sed.exe 2012-08-08 17:24:57 518144 ----a-w- c:\windows\SWREG.exe 2012-08-08 17:24:57 256000 ----a-w- c:\windows\PEV.exe 2012-08-08 17:24:57 208896 ----a-w- c:\windows\MBR.exe 2012-08-08 17:24:46 -------- d-----w- C:\ComboFix 2012-08-07 16:57:21 -------- d-----w- c:\windows\system32\MpEngineStore 2012-08-03 17:49:06 -------- d-----w- c:\users\dave\appdata\local\{F2E14B23-BF40-46CB-94E2-0A5F35DEBBE9} 2012-08-03 17:48:46 -------- d-----w- c:\users\dave\appdata\local\{396F838A-4000-4657-AE6C-D80989050B5C} 2012-08-02 16:59:05 -------- d-----w- c:\users\dave\appdata\local\{B197535A-4F21-4E29-A80F-62C7BEA61479} 2012-08-02 16:58:42 -------- d-----w- c:\users\dave\appdata\local\{D9036F97-C1B4-4C8A-B401-E2748CDE0875} 2012-08-01 13:10:18 -------- d-----w- c:\users\dave\appdata\local\{05405500-E5EB-44F9-A9D2-6CEC80B982B6} 2012-08-01 13:09:59 -------- d-----w- c:\users\dave\appdata\local\{FB57AE5F-45BC-4347-B2A7-6602D1ECDCCB} 2012-07-31 19:39:26 -------- d-----w- c:\program files\common files\xing shared 2012-07-31 17:30:16 -------- d-----w- c:\users\dave\appdata\local\{E40E143A-8C6B-4DDD-AC90-0FC6EC902122} 2012-07-31 17:30:02 -------- d-----w- c:\users\dave\appdata\local\{DD464583-C78E-4479-91DC-D4B5A122693F} 2012-07-31 13:28:04 6891424 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{c08a1bd4-636f-4fb4-b5b5-accef0e4969f}\mpengine.dll 2012-07-30 14:47:51 -------- d-----w- c:\users\dave\appdata\local\{B3935F7B-6470-4092-9A3F-DF746D6CB6CE} 2012-07-30 14:47:36 -------- d-----w- c:\users\dave\appdata\local\{8AC4F9A3-7139-44CA-B809-52824D2FFACD} 2012-07-28 21:25:29 -------- d-----w- c:\users\dave\appdata\local\Research In Motion 2012-07-28 21:25:27 -------- d-----w- c:\users\dave\appdata\roaming\Research In Motion 2012-07-28 21:23:23 -------- d-----w- c:\programdata\Research In Motion 2012-07-28 21:23:10 -------- d-----w- c:\program files\common files\XCPCSync.OEM 2012-07-28 20:25:18 -------- d-----w- c:\users\dave\appdata\local\{21D7422E-0FE7-45C6-85D6-938CDF281C8C} 2012-07-28 20:25:08 -------- d-----w- c:\users\dave\appdata\local\{16AE43B3-0E86-48C1-9A3D-ACFD12D1C98C} 2012-07-28 15:28:29 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys 2012-07-28 15:27:02 -------- d-----w- c:\program files\common files\Research In Motion 2012-07-28 15:26:56 -------- d-----w- c:\program files\Research In Motion 2012-07-24 18:20:47 -------- d-----w- c:\users\dave\appdata\local\{E3908851-D128-4BE8-A172-EF72BF037B57} 2012-07-24 18:20:36 -------- d-----w- c:\users\dave\appdata\local\{ECF4A556-BBEE-4D85-8235-1B15EEE17150} 2012-07-21 23:04:26 -------- d-----w- c:\users\dave\appdata\local\{1C3E55CE-9D78-4777-8640-4F8616E24C94} 2012-07-21 23:04:16 -------- d-----w- c:\users\dave\appdata\local\{0B2BBAEA-BB71-4568-BB2F-FC221DDE43C9} 2012-07-14 21:19:08 -------- d-----w- c:\users\dave\appdata\local\{77776764-3AF4-4B65-A20D-E730C659349F} 2012-07-14 21:18:57 -------- d-----w- c:\users\dave\appdata\local\{C82D8E24-04AB-4550-8E3C-6728D02A2F28} 2012-07-13 18:57:16 -------- d-----w- c:\program files\v-Grabber 2012-07-13 18:56:48 -------- d-----w- c:\users\dave\appdata\local\Giant Savings 2012-07-13 18:56:47 -------- d-----w- c:\program files\Giant Savings 2012-07-13 18:56:43 -------- d-----w- c:\users\dave\appdata\roaming\Babylon 2012-07-13 18:56:43 -------- d-----w- c:\programdata\Babylon 2012-07-12 02:37:34 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 22:12:38 708608 ----a-w- c:\program files\common files\system\ado\msado15.dll 2012-07-11 22:12:35 1401856 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 22:12:35 1248768 ----a-w- c:\windows\system32\msxml3.dll 2012-07-11 22:12:30 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-11 22:12:30 278528 ----a-w- c:\windows\system32\schannel.dll 2012-07-11 22:12:30 204288 ----a-w- c:\windows\system32\ncrypt.dll . ==================== Find3M ==================== . 2012-08-03 17:12:52 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-08-03 17:12:52 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-31 19:39:08 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-07-31 19:39:08 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-02 22:12:32 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:12:13 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 19:19:42 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 19:12:20 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-05-31 16:25:14 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-05-15 06:37:49 916992 ----a-w- c:\windows\system32\wininet.dll 2012-05-15 06:32:25 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-05-15 06:32:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-05-15 06:31:44 109056 ----a-w- c:\windows\system32\iesysprep.dll 2012-05-15 06:31:43 71680 ----a-w- c:\windows\system32\iesetup.dll 2012-05-15 05:01:56 385024 ----a-w- c:\windows\system32\html.iec 2012-05-15 03:26:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2012-05-15 03:23:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb . ============= FINISH: 14:17:11.06 ===============