KJamal99

I really apologize. I'm covering 2 people who are on vacation at work through mid-next week. I have been working 16 hour days - even the weekend. I literally eat on my drive home, check email and go to bed. If you must, you can end/close my issue. But I still plan to get to your final steps above when I have time. Off to bed.

Okay, I'll do all of this tomorrow... I've had a hard week, and must sleep now. I'll let you know if I hit any snags when I do all of this.

Oh, so I don't need to do anything with that DeFogger program right?

You're right, auto-run is still working. Well the issue seems to be fixed for now. I suppose you can close my request. I appreciate your help! Something fixed it...

I did not see the dialog come up for the "Microsoft Windows Recovery Console", so I guess it must already be installed? Though, I have never heard of it... My computer seems to be operating pretty smoothly now. I'm guessing something we have done has solved my problem... Thanks! Would you please tell me how to re-enable anything I've been required to turn-off as part of your instructions? Like the auto-run capability of my Media drives. Here is the ComboFix log - do you see anything funky? ------------------------------------------------------------------------------------- ComboFix 11-06-27.01 - Kris 06/27/2011 18:48:11.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2038.817 [GMT -5:00] Running from: c:\users\Kris\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3bi1kd7k.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021} c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3bi1kd7k.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021}\chrome.manifest c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3bi1kd7k.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021}\chrome\xulcache.jar c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3bi1kd7k.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021}\defaults\preferences\xulcache.js c:\users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\3bi1kd7k.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021}\install.rdf c:\windows\system32\jusched.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_BITS32 -------\Service_RpcSs32 -------\Service_wmiApSrv32 . . ((((((((((((((((((((((((( Files Created from 2011-05-28 to 2011-06-28 ))))))))))))))))))))))))))))))) . . 2011-06-28 00:02 . 2011-06-28 00:10 -------- d-----w- c:\users\Kris\AppData\Local\temp 2011-06-26 16:22 . 2011-06-26 16:22 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll 2011-06-26 16:22 . 2011-06-26 16:22 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll 2011-06-26 00:41 . 2011-03-13 16:42 24376 ----a-w- c:\program files\Mozilla Firefox\distribution\bundles\{D19CA586-DD6C-4a0a-96F8-14644F340D60}\components\scriptff.dll 2011-06-21 12:30 . 2011-06-21 12:30 -------- d-----w- c:\users\Kris\AppData\Roaming\Malwarebytes 2011-06-21 12:29 . 2011-05-29 14:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-21 12:29 . 2011-06-21 12:29 -------- d-----w- c:\programdata\Malwarebytes 2011-06-21 12:29 . 2011-06-21 12:29 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-06-21 12:29 . 2011-05-29 14:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-16 22:46 . 2011-05-02 12:00 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat 2011-06-11 12:34 . 2011-06-11 12:34 11776 ----a-w- c:\program files\Mozilla Firefox\plugins\nprjplug.dll 2011-06-11 12:33 . 2011-06-11 12:33 -------- d-----w- c:\program files\Common Files\xing shared 2011-06-11 12:31 . 2011-06-11 12:31 150712 ----a-w- c:\program files\Mozilla Firefox\plugins\nppl3260.dll 2011-06-11 12:29 . 2011-06-11 12:30 105472 ----a-w- c:\program files\Mozilla Firefox\plugins\nprpjplug.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-25 06:29 . 2011-05-23 16:44 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-11 12:28 . 2008-06-03 05:36 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-06-11 12:28 . 2003-08-13 01:17 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-05-04 09:52 . 2010-04-24 18:12 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-06-26 16:22 . 2011-04-10 17:05 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2011-04-14 19:01 . 2011-02-04 05:35 24376 ----a-w- c:\program files\mozilla firefox\components\Scriptff.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK] @="{3c3f3c1a-9153-7c05-f938-622e7003894d}" [HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}] 2010-04-14 02:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2] @="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}" [HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}] 2010-04-14 02:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3] @="{b4caf489-1eec-c617-49ad-8d7088598c06}" [HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}] 2010-04-14 02:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CCUTRAYICON"="FactoryMode" [X] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536] "KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536] "OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784] "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008] "SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-09-25 54672] "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072] "Symantec PIF AlertEng"="c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048] "SBC_McciTrayApp"="c:\program files\SBC\update\SST.exe" [2007-02-28 1011200] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152] "D-Link D-Link Wireless N DWA-130"="c:\program files\D-Link\D-Link Wireless N DWA-130\AirNCFG.exe" [2008-03-20 1675264] "KMCONFIG"="c:\program files\Keyboard & Mouse Driver\StartAutorun.exe" [2008-05-30 212992] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-02-27 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-02-27 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-02-27 150552] "PAC7302_Monitor"="c:\windows\PixArt\PAC7302\Monitor.exe" [2006-11-03 319488] "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-05-26 1306216] "McPvTray"="c:\program files\McAfee\Anti-Theft\McPvTray.exe" [2009-11-17 670312] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208] "TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2011-06-11 273544] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696] . c:\users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Adobe Media Player.lnk - c:\program files\Adobe Media Player\Adobe Media Player.exe [2009-1-5 261120] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish Media Detector.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish Media Detector.lnk backup=c:\windows\pss\Snapfish Media Detector.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^Users^Kris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.3.lnk] path=c:\users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.3.lnk backup=c:\windows\pss\OpenOffice.org 2.3.lnk.Startup backupExtension=.Startup . [HKLM\~\startupfolder\C:^Users^Kris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ZooskMessenger.lnk] path=c:\users\Kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk backup=c:\windows\pss\ZooskMessenger.lnk.Startup backupExtension=.Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2010-11-10 17:49 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-01-30 15:45 35736 ----a-w- c:\program files\Adobe\Reader 10.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cdloader] 2010-02-18 15:53 50520 ----a-w- c:\users\Kris\AppData\Roaming\mjusbsp\cdloader2.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2011-03-21 18:56 1230704 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager] 2008-06-24 18:34 41824 ----a-w- c:\program files\Common Files\aol\1199758750\ee\aolsoftware.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor] 2009-08-05 17:27 1644088 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2011-03-07 20:33 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] 2010-06-01 15:17 5252408 ----a-w- c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 23:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] 2008-01-15 16:26 4874240 ----a-w- c:\windows\RtHDVCpl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager] 2010-06-01 15:17 5252408 ----a-w- c:\program files\Yahoo!\Messenger\YahooMessenger.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 . R2 AeLookupSvc3232;Application Experience ;c:\programdata\dinput832.exe [x] R2 AeLookupSvc323232;Application Experience ;c:\programdata\msscp32.exe [x] R2 AeLookupSvc3232323232323232;Application Experience ;c:\programdata\ureg32.exe [x] R2 AeLookupSvc323232323232323232;Application Experience ;c:\programdata\localsec32.exe [x] R2 AeLookupSvc32323232323232323232;Application Experience ;c:\programdata\NlsData001132.exe [x] R2 AeLookupSvc3232323232323232323232;Application Experience ;c:\programdata\MPSSVC32.exe [x] R2 AeLookupSvc323232323232323232323232;Application Experience ;c:\programdata\dpnathlp32.exe [x] R2 AlertService3232;Intel® Alert Service ;c:\programdata\atmfd32.exe [x] R2 AlertService323232;Intel® Alert Service ;c:\programdata\Icam4EXT32.exe [x] R2 ALG32323232;Application Layer Gateway Service ;c:\programdata\KBDUS32.exe [x] R2 ALG323232323232323232;Application Layer Gateway Service ;c:\programdata\dot3ui32.exe [x] R2 AOL ACS3232;AOL Connectivity Service ;c:\programdata\KBDIT32.exe [x] R2 AOL ACS323232;AOL Connectivity Service ;c:\programdata\advapi3232.exe [x] R2 AOL ACS32323232323232323232;AOL Connectivity Service ;c:\programdata\esent32.exe [x] R2 AOL ACS3232323232323232323232;AOL Connectivity Service ;c:\programdata\btpanui32.exe [x] R2 AOL ACS323232323232323232323232;AOL Connectivity Service ;c:\programdata\wkssvc32.exe [x] R2 Appinfo32;Application Information ;c:\programdata\iprtrmgr32.exe [x] R2 Appinfo3232323232323232323232;Application Information ;c:\programdata\NcdProp32.exe [x] R2 Appinfo323232323232323232323232;Application Information ;c:\programdata\msdmo32.exe [x] R2 Appinfo3232323232323232323232323232;Application Information ;c:\programdata\netfxperf32.exe [x] R2 Appinfo323232323232323232323232323232;Application Information ;c:\programdata\cmutil32.exe [x] R2 Apple Mobile Device3232;Apple Mobile Device ;c:\programdata\clfsw3232.exe [x] R2 Apple Mobile Device323232;Apple Mobile Device ;c:\programdata\xwizards32.exe [x] R2 Apple Mobile Device3232323232;Apple Mobile Device ;c:\programdata\C_G1803032.exe [x] R2 Apple Mobile Device323232323232;Apple Mobile Device ;c:\programdata\WINNLS32.exe [x] R2 Apple Mobile Device3232323232323232;Apple Mobile Device ;c:\programdata\napipsec32.exe [x] R2 AudioEndpointBuilder32;Windows Audio Endpoint Builder ;c:\programdata\C_IS202232.exe [x] R2 AudioEndpointBuilder3232;Windows Audio Endpoint Builder ;c:\programdata\iprop32.exe [x] R2 AudioEndpointBuilder32323232;Windows Audio Endpoint Builder ;c:\programdata\igfxdo32.exe [x] R2 AudioEndpointBuilder3232323232;Windows Audio Endpoint Builder ;c:\programdata\QSVRMGMT32.exe [x] R2 AudioEndpointBuilder323232323232;Windows Audio Endpoint Builder ;c:\programdata\BFE32.exe [x] R2 AudioEndpointBuilder32323232323232;Windows Audio Endpoint Builder ;c:\programdata\mstask32.exe [x] R2 Audiosrv32;Windows Audio ;c:\programdata\cmcfg3232.exe [x] R2 Audiosrv3232;Windows Audio ;c:\programdata\uniplat32.exe [x] R2 Audiosrv323232;Windows Audio ;c:\programdata\wecsvc32.exe [x] R2 Audiosrv32323232;Windows Audio ;c:\programdata\d3dx9_3232.exe [x] R2 Audiosrv323232323232;Windows Audio ;c:\programdata\netdiagfx32.exe [x] R2 Automatic LiveUpdate Scheduler32;Automatic LiveUpdate Scheduler ;c:\programdata\msoert232.exe [x] R2 Automatic LiveUpdate Scheduler323232;Automatic LiveUpdate Scheduler ;c:\programdata\gcdef32.exe [x] R2 Automatic LiveUpdate Scheduler32323232;Automatic LiveUpdate Scheduler ;c:\programdata\itircl32.exe [x] R2 BFE32;Base Filtering Engine ;c:\programdata\pifmgr32.exe [x] R2 BITS3232;Background Intelligent Transfer Service ;c:\programdata\msdtcprx32.exe [x] R2 BITS323232;Background Intelligent Transfer Service ;c:\programdata\NlsLexicons000c32.exe [x] R2 BITS32323232;Background Intelligent Transfer Service ;c:\programdata\mssha32.exe [x] R2 BITS3232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\dmocx32.exe [x] R2 BITS323232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\mstime32.exe [x] R2 BITS323232323232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\KBDSL132.exe [x] R2 BITS32323232323232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\wsepno32.exe [x] R2 BITS3232323232323232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\usbui32.exe [x] R2 BITS323232323232323232323232323232323232;Background Intelligent Transfer Service ;c:\programdata\swprv32.exe [x] R2 Bonjour Service32323232;Bonjour Service ;c:\programdata\AuthFWGP32.exe [x] R2 Bonjour Service3232323232;Bonjour Service ;c:\programdata\KBDIR32.exe [x] R2 Bonjour Service323232323232;Bonjour Service ;c:\programdata\xactsrv32.exe [x] R2 Bonjour Service32323232323232;Bonjour Service ;c:\programdata\rsaenh32.exe [x] R2 Bonjour Service32323232323232323232;Bonjour Service ;c:\programdata\NlsData002732.exe [x] R2 Bonjour Service3232323232323232323232;Bonjour Service ;c:\programdata\KBDRU132.exe [x] R2 Browser32;Computer Browser ;c:\programdata\oleaut3232.exe [x] R2 Browser3232;Computer Browser ;c:\programdata\ATHPRXY32.exe [x] R2 Browser323232;Computer Browser ;c:\programdata\ssdpapi32.exe [x] R2 Browser32323232;Computer Browser ;c:\programdata\glmf3232.exe [x] R2 Browser323232323232;Computer Browser ;c:\programdata\msdtcprx32.exe [x] R2 Browser32323232323232;Computer Browser ;c:\programdata\WlanApp32.exe [x] R2 Browser3232323232323232;Computer Browser ;c:\programdata\scesrv32.exe [x] R2 Browser323232323232323232;Computer Browser ;c:\programdata\pxwma32.exe [x] R2 CertPropSvc32;Certificate Propagation ;c:\programdata\dnshc32.exe [x] R2 CertPropSvc3232;Certificate Propagation ;c:\programdata\KBDHE31932.exe [x] R2 CertPropSvc323232;Certificate Propagation ;c:\programdata\mssitlb32.exe [x] R2 CertPropSvc32323232;Certificate Propagation ;c:\programdata\KBDIULAT32.exe [x] R2 CertPropSvc3232323232;Certificate Propagation ;c:\programdata\KBDNEPR32.exe [x] R2 CertPropSvc323232323232323232;Certificate Propagation ;c:\programdata\KBDTIPRC32.exe [x] R2 CertPropSvc32323232323232323232;Certificate Propagation ;c:\programdata\msftedit32.exe [x] R2 CertPropSvc3232323232323232323232;Certificate Propagation ;c:\programdata\WUDFx32.exe [x] R2 clr_optimization_v2.0.50727_3232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\powercpl32.exe [x] R2 clr_optimization_v2.0.50727_32323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\spnet32.exe [x] R2 clr_optimization_v2.0.50727_3232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\wuapi32.exe [x] R2 clr_optimization_v2.0.50727_32323232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\dmloader32.exe [x] R2 clr_optimization_v2.0.50727_3232323232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\wdi32.exe [x] R2 clr_optimization_v2.0.50727_323232323232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\msshavmsg32.exe [x] R2 clr_optimization_v2.0.50727_32323232323232323232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\COLORCNV32.exe [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\WUDFx32.exe [x] R2 clr_optimization_v4.0.30319_323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\profprov32.exe [x] R2 clr_optimization_v4.0.30319_32323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\msexch4032.exe [x] R2 clr_optimization_v4.0.30319_3232323232323232323232;Microsoft .NET Framework NGEN v4.0.30319_X86 ;c:\programdata\icsfiltr32.exe [x] R2 COMSysApp32;COM+ System Application ;c:\programdata\zipfldr32.exe [x] R2 COMSysApp32323232;COM+ System Application ;c:\programdata\KBDNO132.exe [x] R2 COMSysApp32323232323232323232;COM+ System Application ;c:\programdata\avifil3232.exe [x] R2 COMSysApp3232323232323232323232;COM+ System Application ;c:\programdata\QCLIPROV32.exe [x] R2 COMSysApp32323232323232323232323232;COM+ System Application ;c:\programdata\amstream32.exe [x] R2 COMSysApp3232323232323232323232323232;COM+ System Application ;c:\programdata\KBDPL132.exe [x] R2 CryptSvc32323232;Cryptographic Services ;c:\programdata\webcheck32.exe [x] R2 CryptSvc3232323232;Cryptographic Services ;c:\programdata\comcat32.exe [x] R2 CryptSvc32323232323232323232;Cryptographic Services ;c:\programdata\NlsData000732.exe [x] R2 CryptSvc32323232323232323232323232;Cryptographic Services ;c:\programdata\mydocs32.exe [x] R2 DcomLaunch32323232323232;DCOM Server Process Launcher ;c:\programdata\imagehlp32.exe [x] R2 DcomLaunch3232323232323232;DCOM Server Process Launcher ;c:\programdata\xpssvcs32.exe [x] R2 DcomLaunch323232323232323232;DCOM Server Process Launcher ;c:\programdata\lz3232.exe [x] R2 DFSR32;DFS Replication ;c:\programdata\dsuiext32.exe [x] R2 DFSR3232;DFS Replication ;c:\programdata\msacm32.exe [x] R2 DFSR323232;DFS Replication ;c:\programdata\catsrv32.exe [x] R2 DFSR323232323232;DFS Replication ;c:\programdata\msxml432.exe [x] R2 DFSR32323232323232;DFS Replication ;c:\programdata\divx_xx1132.exe [x] R2 DFSR3232323232323232;DFS Replication ;c:\programdata\TabbtnEx32.exe [x] R2 Dhcp32;DHCP Client ;c:\programdata\perfnet32.exe [x] R2 Dhcp3232;DHCP Client ;c:\programdata\mciqtz3232.exe [x] R2 Dnscache323232;DNS Client ;c:\programdata\txfw3232.exe [x] R2 dot3svc323232;Wired AutoConfig ;c:\programdata\KBDJPN32.exe [x] R2 dot3svc3232323232;Wired AutoConfig ;c:\programdata\eswia5a32.exe [x] R2 dot3svc323232323232;Wired AutoConfig ;c:\programdata\puiobj32.exe [x] R2 dot3svc32323232323232;Wired AutoConfig ;c:\programdata\bcdprov32.exe [x] R2 dot3svc32323232323232323232;Wired AutoConfig ;c:\programdata\KBDLV132.exe [x] R2 dot3svc3232323232323232323232;Wired AutoConfig ;c:\programdata\wshqos32.exe [x] R2 dot3svc323232323232323232323232;Wired AutoConfig ;c:\programdata\KBDINASA32.exe [x] R2 dot3svc3232323232323232323232323232;Wired AutoConfig ;c:\programdata\msscb32.exe [x] R2 DPS323232;Diagnostic Policy Service ;c:\programdata\NlsData001032.exe [x] R2 DPS32323232;Diagnostic Policy Service ;c:\programdata\icfupgd32.exe [x] R2 DPS3232323232;Diagnostic Policy Service ;c:\programdata\fdWNet32.exe [x] R2 DPS323232323232;Diagnostic Policy Service ;c:\programdata\samlib32.exe [x] R2 DPS32323232323232;Diagnostic Policy Service ;c:\programdata\rasmxs32.exe [x] R2 DPS32323232323232323232;Diagnostic Policy Service ;c:\programdata\mspatcha32.exe [x] R2 DQLWinService32;DQLWinService ;c:\programdata\GuidedHelp32.exe [x] R2 DQLWinService3232;DQLWinService ;c:\programdata\NlsData041432.exe [x] R2 DQLWinService323232;DQLWinService ;c:\programdata\modemui32.exe [x] R2 DQLWinService32323232;DQLWinService ;c:\programdata\powrprof32.exe [x] R2 DQLWinService3232323232;DQLWinService ;c:\programdata\KBDINBE132.exe [x] R2 EapHost3232;Extensible Authentication Protocol ;c:\programdata\sqlcese3032.exe [x] R2 EapHost323232;Extensible Authentication Protocol ;c:\programdata\asycfilt3232.exe [x] R2 EapHost32323232;Extensible Authentication Protocol ;c:\programdata\sxsstore32.exe [x] R2 EapHost3232323232;Extensible Authentication Protocol ;c:\programdata\wow3232.exe [x] R2 EapHost323232323232;Extensible Authentication Protocol ;c:\programdata\scrrun32.exe [x] R2 ehSched3232;Windows Media Center Scheduler Service ;c:\programdata\NlsLexicons041632.exe [x] R2 ehSched323232;Windows Media Center Scheduler Service ;c:\programdata\eappprxy32.exe [x] R2 EMDMgmt32;ReadyBoost ;c:\programdata\mplvw732.exe [x] R2 EMDMgmt3232323232323232;ReadyBoost ;c:\programdata\NlsLexicons041632.exe [x] R2 EPSON_PM_RPCV4_0132;EPSON V3 Service4(01) ;c:\programdata\KBDKAZ32.exe [x] R2 EPSON_PM_RPCV4_013232;EPSON V3 Service4(01) ;c:\programdata\dmdskmgr32.exe [x] R2 Eventlog32;Windows Event Log ;c:\programdata\msident32.exe [x] R2 Eventlog3232;Windows Event Log ;c:\programdata\Wldap3232.exe [x] R2 Eventlog323232;Windows Event Log ;c:\programdata\MsCtfMonitor32.exe [x] R2 fdPHost323232323232;Function Discovery Provider Host ;c:\programdata\msswch32.exe [x] R2 fdPHost32323232323232;Function Discovery Provider Host ;c:\programdata\spbcd32.exe [x] R2 fdPHost3232323232323232;Function Discovery Provider Host ;c:\programdata\icmui32.exe [x] R2 fdPHost323232323232323232;Function Discovery Provider Host ;c:\programdata\pdfmona32.exe [x] R2 FDResPub32;Function Discovery Resource Publication ;c:\programdata\SessEnv32.exe [x] R2 FDResPub3232;Function Discovery Resource Publication ;c:\programdata\blackbox32.exe [x] R2 FDResPub3232323232;Function Discovery Resource Publication ;c:\programdata\ipsecsnp32.exe [x] R2 FDResPub323232323232;Function Discovery Resource Publication ;c:\programdata\NlsData001932.exe [x] R2 FLEXnet Licensing Service32;FLEXnet Licensing Service ;c:\programdata\dxgi32.exe [x] R2 FLEXnet Licensing Service3232;FLEXnet Licensing Service ;c:\programdata\irmon32.exe [x] R2 FLEXnet Licensing Service323232;FLEXnet Licensing Service ;c:\programdata\NlsLexicons002432.exe [x] R2 FontCache3.0.0.032;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\txflog32.exe [x] R2 FontCache3.0.0.03232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\dhcpcsvc32.exe [x] R2 FontCache3.0.0.0323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\wlandlg32.exe [x] R2 FontCache3.0.0.032323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\qwave32.exe [x] R2 FontCache3.0.0.03232323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\offfilt32.exe [x] R2 FontCache3.0.0.0323232323232;Windows Presentation Foundation Font Cache 3.0.0.0 ;c:\programdata\mswsock32.exe [x] R2 GameConsoleService3232323232323232323232;GameConsoleService ;c:\programdata\dwmredir32.exe [x] R2 GameConsoleService323232323232323232323232;GameConsoleService ;c:\programdata\pywintypes2532.exe [x] R2 GameConsoleService32323232323232323232323232;GameConsoleService ;c:\programdata\lsmproxy32.exe [x] R2 GameConsoleService323232323232323232323232323232;GameConsoleService ;c:\programdata\VXBLOCK32.exe [x] R2 GameConsoleService32323232323232323232323232323232;GameConsoleService ;c:\programdata\AOLDial32.exe [x] R2 gpsvc32323232323232;Group Policy Client ;c:\programdata\WINNLS32.exe [x] R2 gpsvc3232323232323232;Group Policy Client ;c:\programdata\FirewallAPI32.exe [x] R2 gpsvc32323232323232323232;Group Policy Client ;c:\programdata\ntlanui232.exe [x] R2 gpsvc3232323232323232323232;Group Policy Client ;c:\programdata\dinput32.exe [x] R2 gusvc32323232;Google Software Updater ;c:\programdata\riched3232.exe [x] R2 gusvc3232323232;Google Software Updater ;c:\programdata\ws2help32.exe [x] R2 gusvc323232323232;Google Software Updater ;c:\programdata\KBDPO32.exe [x] R2 hidserv32;Human Interface Device Access ;c:\programdata\SMBHelperClass32.exe [x] R2 hidserv3232;Human Interface Device Access ;c:\programdata\wlanpref32.exe [x] R2 hkmsvc3232;Health Key and Certificate Management ;c:\programdata\printfilterpipelineprxy32.exe [x] R2 hkmsvc3232323232323232;Health Key and Certificate Management ;c:\programdata\licmgr1032.exe [x] R2 hkmsvc323232323232323232;Health Key and Certificate Management ;c:\programdata\mscoree32.exe [x] R2 hkmsvc32323232323232323232;Health Key and Certificate Management ;c:\programdata\NlsLexicons001332.exe [x] R2 hkmsvc32323232323232323232323232;Health Key and Certificate Management ;c:\programdata\ieakui32.exe [x] R2 HP Health Check Service32;HP Health Check Service ;c:\programdata\P2PGraph32.exe [x] R2 HP Health Check Service3232;HP Health Check Service ;c:\programdata\wiarpc32.exe [x] R2 HP Health Check Service32323232;HP Health Check Service ;c:\programdata\newdev32.exe [x] R2 HP Health Check Service3232323232;HP Health Check Service ;c:\programdata\nlmsprep32.exe [x] R2 HP Health Check Service32323232323232;HP Health Check Service ;c:\programdata\KBDBASH32.exe [x] R2 HP Health Check Service323232323232323232;HP Health Check Service ;c:\programdata\MFC71CHS32.exe [x] R2 IDriverT32;InstallDriver Table Manager ;c:\programdata\dpnathlp32.exe [x] R2 IDriverT3232;InstallDriver Table Manager ;c:\programdata\WINSRPC32.exe [x] R2 IDriverT323232;InstallDriver Table Manager ;c:\programdata\networkitemfactory32.exe [x] R2 IDriverT32323232;InstallDriver Table Manager ;c:\programdata\atl32.exe [x] R2 idsvc32323232;Windows CardSpace ;c:\programdata\ole232.exe [x] R2 idsvc3232323232;Windows CardSpace ;c:\programdata\adsnt32.exe [x] R2 idsvc323232323232;Windows CardSpace ;c:\programdata\spwizeng32.exe [x] R2 idsvc32323232323232;Windows CardSpace ;c:\programdata\TMM32.exe [x] R2 idsvc3232323232323232;Windows CardSpace ;c:\programdata\mfc40u32.exe [x] R2 IKEEXT3232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\mswmdm32.exe [x] R2 IKEEXT323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\uicom32.exe [x] R2 IKEEXT32323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\nshipsec32.exe [x] R2 IKEEXT3232323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\appinfo32.exe [x] R2 IKEEXT323232323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\KBDTH232.exe [x] R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696] R2 IntelDHSvcConf323232;Intel DH Service ;c:\programdata\jnwmon32.exe [x] R2 IntelDHSvcConf32323232;Intel DH Service ;c:\programdata\bcdsrv32.exe [x] R2 IntelDHSvcConf3232323232;Intel DH Service ;c:\programdata\wnicapi32.exe [x] R2 IntuitUpdateService32;Intuit Update Service ;c:\programdata\KBDINHIN32.exe [x] R2 IntuitUpdateService3232;Intuit Update Service ;c:\programdata\KBDMAC32.exe [x] R2 IntuitUpdateService323232323232;Intuit Update Service ;c:\programdata\WMNetMgr32.exe [x] R2 IntuitUpdateService32323232323232;Intuit Update Service ;c:\programdata\compstui32.exe [x] R2 IntuitUpdateService323232323232323232;Intuit Update Service ;c:\programdata\McxDriv32.exe [x] R2 IntuitUpdateService3232323232323232323232;Intuit Update Service ;c:\programdata\KBDPASH32.exe [x] R2 IntuitUpdateService323232323232323232323232;Intuit Update Service ;c:\programdata\SSShim32.exe [x] R2 IPBusEnum32;PnP-X IP Bus Enumerator ;c:\programdata\mstext4032.exe [x] R2 IPBusEnum3232;PnP-X IP Bus Enumerator ;c:\programdata\MFC42ENU32.exe [x] R2 IPBusEnum3232323232;PnP-X IP Bus Enumerator ;c:\programdata\NlsLexicons004532.exe [x] R2 IPBusEnum32323232323232;PnP-X IP Bus Enumerator ;c:\programdata\eapp3hst32.exe [x] R2 IPBusEnum3232323232323232;PnP-X IP Bus Enumerator ;c:\programdata\thumbcache32.exe [x] R2 iphlpsvc32323232;IP Helper ;c:\programdata\msxml6r32.exe [x] R2 iphlpsvc3232323232;IP Helper ;c:\programdata\aelupsvc32.exe [x] R2 iphlpsvc323232323232;IP Helper ;c:\programdata\comsvcs32.exe [x] R2 iPod Service32;iPod Service ;c:\programdata\adsldpc32.exe [x] R2 iPod Service3232;iPod Service ;c:\programdata\wmdmps32.exe [x] R2 iPod Service323232;iPod Service ;c:\programdata\halacpi32.exe [x] R2 ISSM3232;Intel® Software Services Manager ;c:\programdata\mciwave32.exe [x] R2 ISSM323232;Intel® Software Services Manager ;c:\programdata\MPG4DECD32.exe [x] R2 ISSM32323232;Intel® Software Services Manager ;c:\programdata\PICEntry32.exe [x] R2 ISSM323232323232;Intel® Software Services Manager ;c:\programdata\korwbrkr32.exe [x] R2 ISSM32323232323232;Intel® Software Services Manager ;c:\programdata\msidntld32.exe [x] R2 ISSM3232323232323232;Intel® Software Services Manager ;c:\programdata\KBDINDEV32.exe [x] R2 ISSM323232323232323232;Intel® Software Services Manager ;c:\programdata\tsgqec32.exe [x] R2 KeyIso32;CNG Key Isolation ;c:\programdata\NlsLexicons004b32.exe [x] R2 KeyIso3232;CNG Key Isolation ;c:\programdata\bridgeres32.exe [x] R2 KMWDSERVICE323232323232;Keyboard And Mouse Communication Service ;c:\programdata\tapiui32.exe [x] R2 KMWDSERVICE32323232323232;Keyboard And Mouse Communication Service ;c:\programdata\msvcirt32.exe [x] R2 KtmRm32;KtmRm for Distributed Transaction Coordinator ;c:\programdata\serwvdrv32.exe [x] R2 KtmRm3232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\ncobjapi32.exe [x] R2 KtmRm323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\AudioEng32.exe [x] R2 KtmRm32323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\dsquery32.exe [x] R2 KtmRm3232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\wcescommproxy32.exe [x] R2 KtmRm323232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\igmedkrn32.exe [x] R2 KtmRm323232323232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\WMSPDMOD32.exe [x] R2 KtmRm32323232323232323232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\MSMPEG2ENC32.exe [x] R2 LanmanServer32;Server ;c:\programdata\KBDLT232.exe [x] R2 LanmanWorkstation3232;Workstation ;c:\programdata\msrepl4032.exe [x] R2 LanmanWorkstation3232323232323232;Workstation ;c:\programdata\KBDARMW32.exe [x] R2 LanmanWorkstation323232323232323232;Workstation ;c:\programdata\fltLib32.exe [x] R2 LightScribeService32;LightScribeService Direct Disc Labeling Service ;c:\programdata\nlsbres32.exe [x] R2 LightScribeService3232;LightScribeService Direct Disc Labeling Service ;c:\programdata\RESAMPLEDMO32.exe [x] R2 LightScribeService323232;LightScribeService Direct Disc Labeling Service ;c:\programdata\ncryptui32.exe [x] R2 LiveUpdate Notice Ex3232;LiveUpdate Notice Service Ex ;c:\programdata\cmpbk3232.exe [x] R2 LiveUpdate Notice Ex323232;LiveUpdate Notice Service Ex ;c:\programdata\vdmredir32.exe [x] R2 LiveUpdate Notice Service32;LiveUpdate Notice Service ;c:\programdata\dbnetlib32.exe [x] R2 LiveUpdate Notice Service323232;LiveUpdate Notice Service ;c:\programdata\ndfetw32.exe [x] R2 LiveUpdate Notice Service3232323232;LiveUpdate Notice Service ;c:\programdata\GEARAspi32.exe [x] R2 LiveUpdate Notice Service32323232323232;LiveUpdate Notice Service ;c:\programdata\wshirda32.exe [x] R2 LiveUpdate Notice Service323232323232323232;LiveUpdate Notice Service ;c:\programdata\msexcl4032.exe [x] R2 LiveUpdate Notice Service3232323232323232323232;LiveUpdate Notice Service ;c:\programdata\odbc32gt32.exe [x] R2 LiveUpdate32;LiveUpdate ;c:\programdata\tapi332.exe [x] R2 LiveUpdate3232;LiveUpdate ;c:\programdata\kbd101a32.exe [x] R2 LiveUpdate323232;LiveUpdate ;c:\programdata\dot3cfg32.exe [x] R2 LiveUpdate32323232323232;LiveUpdate ;c:\programdata\CRPPresentation32.exe [x] R2 LiveUpdate3232323232323232323232;LiveUpdate ;c:\programdata\OLESVR32.exe [x] R2 lltdsvc32;Link-Layer Topology Discovery Mapper ;c:\programdata\mfplat32.exe [x] R2 lltdsvc32323232;Link-Layer Topology Discovery Mapper ;c:\programdata\ntmarta32.exe [x] R2 lltdsvc32323232323232;Link-Layer Topology Discovery Mapper ;c:\programdata\dmusic32.exe [x] R2 lmhosts32;TCP/IP NetBIOS Helper ;c:\programdata\wmpps32.exe [x] R2 lmhosts3232;TCP/IP NetBIOS Helper ;c:\programdata\NlsData002a32.exe [x] R2 lmhosts32323232;TCP/IP NetBIOS Helper ;c:\programdata\shrink32.exe [x] R2 lmhosts3232323232;TCP/IP NetBIOS Helper ;c:\programdata\inetmib132.exe [x] R2 lmhosts323232323232323232323232323232323232;TCP/IP NetBIOS Helper ;c:\programdata\MFC71DEU32.exe [x] R2 lmhosts32323232323232323232323232323232323232;TCP/IP NetBIOS Helper ;c:\programdata\hccutils32.exe [x] R2 M1 Server3232;Intel® Viiv™ Media Server ;c:\programdata\MFC71JPN32.exe [x] R2 M1 Server323232;Intel® Viiv™ Media Server ;c:\programdata\Magnification32.exe [x] R2 M1 Server32323232;Intel® Viiv™ Media Server ;c:\programdata\KBDINPUN32.exe [x] R2 M1 Server323232323232323232;Intel® Viiv™ Media Server ;c:\programdata\fontext32.exe [x] R2 M1 Server3232323232323232323232;Intel® Viiv™ Media Server ;c:\programdata\ir50_qc32.exe [x] R2 M1 Server32323232323232323232323232;Intel® Viiv™ Media Server ;c:\programdata\dbghelp32.exe [x] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-05-29 366640] R2 McComponentHostService32;McAfee Security Scan Component Host Service ;c:\programdata\KBDUR132.exe [x] R2 MCLServiceATL32;Intel® Application Tracker ;c:\programdata\kbd101b32.exe [x] R2 MCLServiceATL323232;Intel® Application Tracker ;c:\programdata\SmiEngine32.exe [x] R2 MCLServiceATL32323232;Intel® Application Tracker ;c:\programdata\brcoinst32.exe [x] R2 MCLServiceATL3232323232;Intel® Application Tracker ;c:\programdata\mssvp32.exe [x] R2 McMPFSvc3232;McAfee Personal Firewall Service ;c:\programdata\CoInst32.exe [x] R2 McMPFSvc323232;McAfee Personal Firewall Service ;c:\programdata\EpPicPrt32.exe [x] R2 McMPFSvc3232323232;McAfee Personal Firewall Service ;c:\programdata\dispci32.exe [x] R2 McMPFSvc323232323232;McAfee Personal Firewall Service ;c:\programdata\e1000msg32.exe [x] R2 McMPFSvc32323232323232;McAfee Personal Firewall Service ;c:\programdata\WindowsCodecs32.exe [x] R2 McMPFSvc3232323232323232;McAfee Personal Firewall Service ;c:\programdata\NlsData001a32.exe [x] R2 McMPFSvc323232323232323232;McAfee Personal Firewall Service ;c:\programdata\storage32.exe [x] R2 mcmscsvc32;McAfee Services ;c:\programdata\comdlg3232.exe [x] R2 mcmscsvc3232;McAfee Services ;c:\programdata\osuninst32.exe [x] R2 mcmscsvc323232;McAfee Services ;c:\programdata\wiashext32.exe [x] R2 mcmscsvc3232323232;McAfee Services ;c:\programdata\wcncsvc32.exe [x] R2 mcmscsvc323232323232;McAfee Services ;c:\programdata\wsdchngr32.exe [x] R2 McNaiAnn323232;McAfee VirusScan Announcer ;c:\programdata\wdigest32.exe [x] R2 McNaiAnn32323232;McAfee VirusScan Announcer ;c:\programdata\kernel3232.exe [x] R2 McNaiAnn323232323232;McAfee VirusScan Announcer ;c:\programdata\unattend32.exe [x] R2 McNaiAnn32323232323232323232323232;McAfee VirusScan Announcer ;c:\programdata\KBDKYR32.exe [x] R2 McNASvc3232;McAfee Network Agent ;c:\programdata\iasrecst32.exe [x] R2 McNASvc32323232;McAfee Network Agent ;c:\programdata\themeui32.exe [x] R2 McNASvc3232323232;McAfee Network Agent ;c:\programdata\KBDBGPH32.exe [x] R2 McNASvc32323232323232;McAfee Network Agent ;c:\programdata\igfxpph32.exe [x] R2 McNASvc3232323232323232;McAfee Network Agent ;c:\programdata\remotepg32.exe [x] R2 McNASvc32323232323232323232;McAfee Network Agent ;c:\programdata\sqmapi32.exe [x] R2 McNASvc3232323232323232323232;McAfee Network Agent ;c:\programdata\cic32.exe [x] R2 McProxy32;McAfee Proxy Service ;c:\programdata\mfc42u32.exe [x] R2 McProxy3232;McAfee Proxy Service ;c:\programdata\localui32.exe [x] R2 McProxy323232;McAfee Proxy Service ;c:\programdata\jsproxy32.exe [x] R2 McProxy32323232;McAfee Proxy Service ;c:\programdata\mscpx32r32.exe [x] R2 McProxy323232323232323232323232;McAfee Proxy Service ;c:\programdata\KBDSORST32.exe [x] R2 McProxy32323232323232323232323232;McAfee Proxy Service ;c:\programdata\mmcshext32.exe [x] R2 McProxy323232323232323232323232323232;McAfee Proxy Service ;c:\programdata\xwreg32.exe [x] R2 McProxy32323232323232323232323232323232;McAfee Proxy Service ;c:\programdata\kbdgeoer32.exe [x] R2 McShield32;McShield ;c:\programdata\RegCtrl32.exe [x] R2 McShield3232;McShield ;c:\programdata\wevtapi32.exe [x] R2 McShield323232;McShield ;c:\programdata\trkwks32.exe [x] R2 McShield32323232;McShield ;c:\programdata\dimsroam32.exe [x] R2 McShield3232323232;McShield ;c:\programdata\KBDCZ232.exe [x] R2 McShield323232323232;McShield ;c:\programdata\halmacpi32.exe [x] R2 McShield32323232323232;McShield ;c:\programdata\w32time32.exe [x] R2 McShield3232323232323232;McShield ;c:\programdata\actxprxy32.exe [x] R2 Mcx2Svc32;Windows Media Center Extender Service ;c:\programdata\odSupp_M32.exe [x] R2 Mcx2Svc3232;Windows Media Center Extender Service ;c:\programdata\NlsLexicons002a32.exe [x] R2 Mcx2Svc323232;Windows Media Center Extender Service ;c:\programdata\msctfp32.exe [x] R2 mfefire32;McAfee Firewall Core Service ;c:\programdata\mmcndmgr32.exe [x] R2 mfefire3232;McAfee Firewall Core Service ;c:\programdata\cdral32.exe [x] R2 mfefire32323232323232;McAfee Firewall Core Service ;c:\programdata\pidgenx32.exe [x] R2 mfefire3232323232323232;McAfee Firewall Core Service ;c:\programdata\NlsData001832.exe [x] R2 mfefire323232323232323232;McAfee Firewall Core Service ;c:\programdata\igmedcompkrn32.exe [x] R2 mfefire32323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\mprdim32.exe [x] R2 mfefire3232323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\dmutil32.exe [x] R2 mfefire323232323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\TabSvc32.exe [x] R2 mfefire32323232323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\cewmdm32.exe [x] R2 mfefire323232323232323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\AUDIOKSE32.exe [x] R2 mfefire32323232323232323232323232323232323232;McAfee Firewall Core Service ;c:\programdata\msrating32.exe [x] R2 mfevtp323232;McAfee Validation Trust Protection Service ;c:\programdata\l2nacp32.exe [x] R2 mfevtp3232323232;McAfee Validation Trust Protection Service ;c:\programdata\ir50_qcx32.exe [x] R2 mfevtp323232323232;McAfee Validation Trust Protection Service ;c:\programdata\KBDFR32.exe [x] R2 MMCSS32;Multimedia Class Scheduler ;c:\programdata\bitsprx432.exe [x] R2 MMCSS323232;Multimedia Class Scheduler ;c:\programdata\IKEEXT32.exe [x] R2 MMCSS32323232;Multimedia Class Scheduler ;c:\programdata\wlangpui32.exe [x] R2 MMCSS3232323232;Multimedia Class Scheduler ;c:\programdata\osblprov32.exe [x] R2 MMCSS323232323232;Multimedia Class Scheduler ;c:\programdata\NlsModels001132.exe [x] R2 MMCSS3232323232323232;Multimedia Class Scheduler ;c:\programdata\KBDCAN32.exe [x] R2 MMCSS323232323232323232;Multimedia Class Scheduler ;c:\programdata\adtschema32.exe [x] R2 MMCSS32323232323232323232;Multimedia Class Scheduler ;c:\programdata\miguiresource32.exe [x] R2 MOBKbackup3232323232;McAfee Online Backup ;c:\programdata\vfpodbc32.exe [x] R2 MOBKbackup32323232323232;McAfee Online Backup ;c:\programdata\LegitCheckControl32.exe [x] R2 MOBKbackup3232323232323232;McAfee Online Backup ;c:\programdata\unimdmat32.exe [x] R2 MOBKbackup323232323232323232;McAfee Online Backup ;c:\programdata\mciavi3232.exe [x] R2 MOBKbackup32323232323232323232;McAfee Online Backup ;c:\programdata\tapiui32.exe [x] R2 MOBKbackup3232323232323232323232;McAfee Online Backup ;c:\programdata\SCardSvr32.exe [x] R2 MOBKbackup323232323232323232323232;McAfee Online Backup ;c:\programdata\InetClnt32.exe [x] R2 MOBKbackup32323232323232323232323232;McAfee Online Backup ;c:\programdata\mdminst32.exe [x] R2 MpsSvc32;Windows Firewall ;c:\programdata\wmpdxm32.exe [x] R2 MpsSvc32323232323232;Windows Firewall ;c:\programdata\vdsdyn32.exe [x] R2 MpsSvc3232323232323232;Windows Firewall ;c:\programdata\RDOCURS32.exe [x] R2 MpsSvc323232323232323232;Windows Firewall ;c:\programdata\rasmontr32.exe [x] R2 MSDTC3232;Distributed Transaction Coordinator ;c:\programdata\WindowsCodecsExt32.exe [x] R2 MSDTC323232;Distributed Transaction Coordinator ;c:\programdata\lsasrv32.exe [x] R2 MSDTC3232323232;Distributed Transaction Coordinator ;c:\programdata\synceng32.exe [x] R2 MSDTC323232323232;Distributed Transaction Coordinator ;c:\programdata\dnssdX32.exe [x] R2 MSiSCSI32;Microsoft iSCSI Initiator Service ;c:\programdata\ndproxystub32.exe [x] R2 MSiSCSI3232;Microsoft iSCSI Initiator Service ;c:\programdata\icm3232.exe [x] R2 msiserver3232323232;Windows Installer ;c:\programdata\catsrvps32.exe [x] R2 msiserver323232323232323232323232323232;Windows Installer ;c:\programdata\KBDUS32.exe [x] R2 MSK80Service323232;McAfee Anti-Spam Service ;c:\programdata\rasqec32.exe [x] R2 MSK80Service32323232;McAfee Anti-Spam Service ;c:\programdata\cmipnpinstall32.exe [x] R2 MSK80Service3232323232;McAfee Anti-Spam Service ;c:\programdata\MSMPEG2ADEC32.exe [x] R2 napagent32;Network Access Protection Agent ;c:\programdata\mcmde32.exe [x] R2 napagent323232;Network Access Protection Agent ;c:\programdata\wucltux32.exe [x] R2 napagent32323232323232323232323232;Network Access Protection Agent ;c:\programdata\pla32.exe [x] R2 napagent32323232323232323232323232323232;Network Access Protection Agent ;c:\programdata\SyncCenter32.exe [x] R2 Netlogon32;Netlogon ;c:\programdata\dimsjob32.exe [x] R2 Netlogon3232;Netlogon ;c:\programdata\VAN32.exe [x] R2 Netlogon323232;Netlogon ;c:\programdata\rdpdd32.exe [x] R2 Netlogon32323232;Netlogon ;c:\programdata\oemdspif32.exe [x] R2 Netlogon323232323232;Netlogon ;c:\programdata\lzexpand32.exe [x] R2 Netlogon32323232323232;Netlogon ;c:\programdata\devenum32.exe [x] R2 Netlogon3232323232323232;Netlogon ;c:\programdata\csrsrv32.exe [x] R2 Netman32;Network Connections ;c:\programdata\oleaccrc32.exe [x] R2 Netman323232;Network Connections ;c:\programdata\winhttp32.exe [x] R2 netprofm3232323232;Network List Service ;c:\programdata\KBDHEB32.exe [x] R2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\programdata\oleaccrc32.exe [x] R2 NetTcpPortSharing3232;Net.Tcp Port Sharing Service ;c:\programdata\tdh32.exe [x] R2 NetTcpPortSharing323232;Net.Tcp Port Sharing Service ;c:\programdata\PSHED32.exe [x] R2 NlaSvc3232323232;Network Location Awareness ;c:\programdata\ir50_3232.exe [x] R2 NlaSvc323232323232;Network Location Awareness ;c:\programdata\ActiveContentWizard32.exe [x] R2 nsi32;Network Store Interface Service ;c:\programdata\rapi32.exe [x] R2 nsi3232;Network Store Interface Service ;c:\programdata\davclnt32.exe [x] R2 nsi32323232323232323232;Network Store Interface Service ;c:\programdata\winsockhc32.exe [x] R2 p2pimsvc32;Peer Networking Identity Manager ;c:\programdata\ieframe32.exe [x] R2 p2pimsvc3232;Peer Networking Identity Manager ;c:\programdata\hnetmon32.exe [x] R2 p2pimsvc323232;Peer Networking Identity Manager ;c:\programdata\pndx501632.exe [x] R2 p2pimsvc32323232;Peer Networking Identity Manager ;c:\programdata\avicap3232.exe [x] R2 p2psvc3232323232;Peer Networking Grouping ;c:\programdata\WsmSvc32.exe [x] R2 PcaSvc32;Program Compatibility Assistant Service ;c:\programdata\dot3msm32.exe [x] R2 PcaSvc3232;Program Compatibility Assistant Service ;c:\programdata\pautoenr32.exe [x] R2 PcaSvc323232;Program Compatibility Assistant Service ;c:\programdata\MSMPEG2VDEC32.exe [x] R2 PcaSvc323232323232;Program Compatibility Assistant Service ;c:\programdata\KBDMONMO32.exe [x] R2 pla32;Performance Logs & Alerts ;c:\programdata\deskadp32.exe [x] R2 pla3232;Performance Logs & Alerts ;c:\programdata\NlsData081a32.exe [x] R2 pla32323232;Performance Logs & Alerts ;c:\programdata\KBDINUK232.exe [x] R2 pla3232323232;Performance Logs & Alerts ;c:\programdata\KBDTAJIK32.exe [x] R2 pla32323232323232;Performance Logs & Alerts ;c:\programdata\KBDINORI32.exe [x] R2 PlugPlay32;Plug and Play ;c:\programdata\rasgcw32.exe [x] R2 PlugPlay3232;Plug and Play ;c:\programdata\urlmon32.exe [x] R2 PlugPlay323232;Plug and Play ;c:\programdata\wiaaut32.exe [x] R2 PlugPlay32323232;Plug and Play ;c:\programdata\xolehlp32.exe [x] R2 PlugPlay3232323232;Plug and Play ;c:\programdata\kbdnecnt32.exe [x] R2 PNRPAutoReg32;PNRP Machine Name Publication Service ;c:\programdata\KBDSYR132.exe [x] R2 PNRPAutoReg323232;PNRP Machine Name Publication Service ;c:\programdata\srrstr32.exe [x] R2 PNRPAutoReg3232323232;PNRP Machine Name Publication Service ;c:\programdata\wmdrmsdk32.exe [x] R2 PNRPsvc32;Peer Name Resolution Protocol ;c:\programdata\snmpapi32.exe [x] R2 PNRPsvc3232;Peer Name Resolution Protocol ;c:\programdata\amxread32.exe [x] R2 PNRPsvc323232;Peer Name Resolution Protocol ;c:\programdata\NlsLexicons002232.exe [x] R2 PNRPsvc32323232;Peer Name Resolution Protocol ;c:\programdata\wuaueng32.exe [x] R2 PNRPsvc3232323232;Peer Name Resolution Protocol ;c:\programdata\dpnlobby32.exe [x] R2 PNRPsvc323232323232;Peer Name Resolution Protocol ;c:\programdata\perfos32.exe [x] R2 PNRPsvc32323232323232;Peer Name Resolution Protocol ;c:\programdata\KBDMACST32.exe [x] R2 PolicyAgent32;IPsec Policy Agent ;c:\programdata\browser32.exe [x] R2 PolicyAgent3232;IPsec Policy Agent ;c:\programdata\nlhtml32.exe [x] R2 PolicyAgent3232323232323232;IPsec Policy Agent ;c:\programdata\d3d932.exe [x] R2 ProfSvc32;User Profile Service ;c:\programdata\wscntfy32.exe [x] R2 ProfSvc3232;User Profile Service ;c:\programdata\WUDFPlatform32.exe [x] R2 ProfSvc323232;User Profile Service ;c:\programdata\riched2032.exe [x] R2 ProfSvc323232323232;User Profile Service ;c:\programdata\winipsec32.exe [x] R2 ProfSvc32323232323232;User Profile Service ;c:\programdata\RTCRES32.exe [x] R2 ProfSvc3232323232323232;User Profile Service ;c:\programdata\iepeers32.exe [x] R2 ProfSvc323232323232323232323232;User Profile Service ;c:\programdata\msdadiag32.exe [x] R2 ProfSvc32323232323232323232323232;User Profile Service ;c:\programdata\dxmasf32.exe [x] R2 ProfSvc3232323232323232323232323232;User Profile Service ;c:\programdata\XPSSHHDR32.exe [x] R2 ProfSvc323232323232323232323232323232;User Profile Service ;c:\programdata\wiatrace32.exe [x] R2 QWAVE3232323232;Quality Windows Audio Video Experience ;c:\programdata\tquery32.exe [x] R2 QWAVE323232323232;Quality Windows Audio Video Experience ;c:\programdata\bitsprx332.exe [x] R2 QWAVE32323232323232;Quality Windows Audio Video Experience ;c:\programdata\UCI32M2232.exe [x] R2 QWAVE3232323232323232;Quality Windows Audio Video Experience ;c:\programdata\ShellvRTF32.exe [x] R2 QWAVE323232323232323232;Quality Windows Audio Video Experience ;c:\programdata\AuthFWSnapin32.exe [x] R2 QWAVE32323232323232323232;Quality Windows Audio Video Experience ;c:\programdata\ufat32.exe [x] R2 RapiMgr32;Windows Mobile-based device connectivity ;c:\programdata\cdd32.exe [x] R2 RapiMgr3232;Windows Mobile-based device connectivity ;c:\programdata\iesetup32.exe [x] R2 RapiMgr323232;Windows Mobile-based device connectivity ;c:\programdata\MSSTKPRP32.exe [x] R2 RapiMgr32323232;Windows Mobile-based device connectivity ;c:\programdata\KBDGAE32.exe [x] R2 RapiMgr3232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\CRPPresentation32.exe [x] R2 RapiMgr323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\cfgmgr3232.exe [x] R2 RapiMgr32323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\mapi3232.exe [x] R2 RapiMgr3232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\mscat3232.exe [x] R2 RapiMgr323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\iertutil32.exe [x] R2 RapiMgr32323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\dpnhupnp32.exe [x] R2 RapiMgr3232323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\qcap32.exe [x] R2 RasAuto32;Remote Access Auto Connection Manager ;c:\programdata\apss32.exe [x] R2 RasAuto3232323232;Remote Access Auto Connection Manager ;c:\programdata\LAPRXY32.exe [x] R2 RasAuto323232323232323232;Remote Access Auto Connection Manager ;c:\programdata\framebuf32.exe [x] R2 RasAuto32323232323232323232;Remote Access Auto Connection Manager ;c:\programdata\TapiSysprep32.exe [x] R2 RasMan32;Remote Access Connection Manager ;c:\programdata\pmspl32.exe [x] R2 RasMan32323232323232;Remote Access Connection Manager ;c:\programdata\oleprn32.exe [x] R2 RasMan3232323232323232;Remote Access Connection Manager ;c:\programdata\inetppui32.exe [x] R2 RasMan323232323232323232;Remote Access Connection Manager ;c:\programdata\imapi2fs32.exe [x] R2 RasMan32323232323232323232;Remote Access Connection Manager ;c:\programdata\activeds32.exe [x] R2 Remote UI Service3232;Intel® Remoting Service ;c:\programdata\QUTIL32.exe [x] R2 Remote UI Service323232;Intel® Remoting Service ;c:\programdata\NlsLexicons000332.exe [x] R2 Remote UI Service32323232323232;Intel® Remoting Service ;c:\programdata\NlsData001b32.exe [x] R2 Remote UI Service3232323232323232;Intel® Remoting Service ;c:\programdata\rtm32.exe [x] R2 RemoteAccess3232;Routing and Remote Access ;c:\programdata\nddeapi32.exe [x] R2 RemoteAccess323232;Routing and Remote Access ;c:\programdata\AuxiliaryDisplayCpl32.exe [x] R2 RemoteAccess32323232;Routing and Remote Access ;c:\programdata\KBDTH132.exe [x] R2 RemoteRegistry32323232;Remote Registry ;c:\programdata\Inetwh3232.exe [x] R2 RemoteRegistry3232323232;Remote Registry ;c:\programdata\NlsLexicons001b32.exe [x] R2 RoxMediaDB932;RoxMediaDB9 ;c:\programdata\qdv32.exe [x] R2 RoxMediaDB9323232;RoxMediaDB9 ;c:\programdata\capisp32.exe [x] R2 RoxMediaDB932323232;RoxMediaDB9 ;c:\programdata\JJAKEn32.exe [x] R2 RpcLocator323232;Remote Procedure Call (RPC) Locator ;c:\programdata\dhcpcsvc632.exe [x] R2 RpcLocator32323232;Remote Procedure Call (RPC) Locator ;c:\programdata\KBDROPR32.exe [x] R2 RpcSs3232;Remote Procedure Call (RPC) ;c:\programdata\AuthFWWizFwk32.exe [x] R2 RpcSs323232;Remote Procedure Call (RPC) ;c:\programdata\WS2_32_Shim32.exe [x] R2 SamSs32;Security Accounts Manager ;c:\programdata\dpnaddr32.exe [x] R2 SamSs323232;Security Accounts Manager ;c:\programdata\eqossnap32.exe [x] R2 SamSs32323232;Security Accounts Manager ;c:\programdata\bthserv32.exe [x] R2 SamSs323232323232323232;Security Accounts Manager ;c:\programdata\KBDGKL32.exe [x] R2 SamSs32323232323232323232;Security Accounts Manager ;c:\programdata\NlsLexicons001a32.exe [x] R2 SamSs3232323232323232323232;Security Accounts Manager ;c:\programdata\KBDCR32.exe [x] R2 SamSs323232323232323232323232323232;Security Accounts Manager ;c:\programdata\prntvpt32.exe [x] R2 SamSs32323232323232323232323232323232;Security Accounts Manager ;c:\programdata\msscntrs32.exe [x] R2 SCardSvr32323232;Smart Card ;c:\programdata\ddraw32.exe [x] R2 SCardSvr3232323232;Smart Card ;c:\programdata\uDWM32.exe [x] R2 SCardSvr32323232323232;Smart Card ;c:\programdata\PNPXAssoc32.exe [x] R2 SCardSvr3232323232323232;Smart Card ;c:\programdata\mplam632.exe [x] R2 SCardSvr323232323232323232;Smart Card ;c:\programdata\KBDUK32.exe [x] R2 SCardSvr32323232323232323232;Smart Card ;c:\programdata\docprop32.exe [x] R2 SCardSvr3232323232323232323232;Smart Card ;c:\programdata\KMSVC32.exe [x] R2 SCardSvr323232323232323232323232;Smart Card ;c:\programdata\wscproxystub32.exe [x] R2 SCardSvr32323232323232323232323232;Smart Card ;c:\programdata\RTPCEE3232.exe [x] R2 SCardSvr3232323232323232323232323232;Smart Card ;c:\programdata\wecapi32.exe [x] R2 Schedule3232;Task Scheduler ;c:\programdata\drmv2clt32.exe [x] R2 Schedule323232;Task Scheduler ;c:\programdata\psapi32.exe [x] R2 Schedule32323232323232;Task Scheduler ;c:\programdata\rapiproxystub32.exe [x] R2 Schedule32323232323232323232323232323232;Task Scheduler ;c:\programdata\KBDLT32.exe [x] R2 Schedule32323232323232323232323232323232323232;Task Scheduler ;c:\programdata\hid32.exe [x] R2 Schedule323232323232323232323232323232323232323232;Task Scheduler ;c:\programdata\netplwiz32.exe [x] R2 SCPolicySvc32;Smart Card Removal Policy ;c:\programdata\upnphost32.exe [x] R2 SCPolicySvc3232;Smart Card Removal Policy ;c:\programdata\crypt3232.exe [x] R2 SCPolicySvc323232;Smart Card Removal Policy ;c:\programdata\winrsmgr32.exe [x] R2 SCPolicySvc32323232;Smart Card Removal Policy ;c:\programdata\dispex32.exe [x] R2 SCPolicySvc3232323232;Smart Card Removal Policy ;c:\programdata\WIFEMAN32.exe [x] R2 SCPolicySvc32323232323232;Smart Card Removal Policy ;c:\programdata\xwtpw3232.exe [x] R2 SCPolicySvc3232323232323232323232;Smart Card Removal Policy ;c:\programdata\cryptext32.exe [x] R2 SCPolicySvc323232323232323232323232;Smart Card Removal Policy ;c:\programdata\odbcint32.exe [x] R2 SCPolicySvc32323232323232323232323232;Smart Card Removal Policy ;c:\programdata\scecli32.exe [x] R2 SCPolicySvc3232323232323232323232323232;Smart Card Removal Policy ;c:\programdata\msxbde4032.exe [x] R2 SDRSVC32;Windows Backup ;c:\programdata\milcore32.exe [x] R2 SDRSVC3232;Windows Backup ;c:\programdata\mprddm32.exe [x] R2 SDRSVC323232;Windows Backup ;c:\programdata\wshcon32.exe [x] R2 SDRSVC32323232;Windows Backup ;c:\programdata\cmicryptinstall32.exe [x] R2 SDRSVC3232323232323232323232;Windows Backup ;c:\programdata\fde32.exe [x] R2 SDRSVC323232323232323232323232;Windows Backup ;c:\programdata\keymgr32.exe [x] R2 SDRSVC32323232323232323232323232;Windows Backup ;c:\programdata\msvcp7132.exe [x] R2 SDRSVC3232323232323232323232323232;Windows Backup ;c:\programdata\ncrypt32.exe [x] R2 seclogon32;Secondary Logon ;c:\programdata\ieapfltr32.exe [x] R2 seclogon3232323232;Secondary Logon ;c:\programdata\wmpeffects32.exe [x] R2 seclogon32323232323232;Secondary Logon ;c:\programdata\sti_ci32.exe [x] R2 seclogon3232323232323232;Secondary Logon ;c:\programdata\certmgr32.exe [x] R2 seclogon323232323232323232;Secondary Logon ;c:\programdata\whealogr32.exe [x] R2 seclogon3232323232323232323232;Secondary Logon ;c:\programdata\KBDTUF32.exe [x] R2 SENS32;System Event Notification Service ;c:\programdata\PresentationHostProxy32.exe [x] R2 SENS3232;System Event Notification Service ;c:\programdata\ncsi32.exe [x] R2 SENS3232323232;System Event Notification Service ;c:\programdata\loadperf32.exe [x] R2 SessionEnv32;Terminal Services Configuration ;c:\programdata\wmsgapi32.exe [x] R2 SessionEnv3232;Terminal Services Configuration ;c:\programdata\NlsLexicons000f32.exe [x] R2 SessionEnv323232;Terminal Services Configuration ;c:\programdata\rdpwsx32.exe [x] R2 SessionEnv32323232;Terminal Services Configuration ;c:\programdata\dot3svc32.exe [x] R2 SessionEnv3232323232;Terminal Services Configuration ;c:\programdata\dpmodemx32.exe [x] R2 SessionEnv323232323232;Terminal Services Configuration ;c:\programdata\nsi32.exe [x] R2 SessionEnv32323232323232;Terminal Services Configuration ;c:\programdata\pndx503232.exe [x] R2 SessionEnv3232323232323232;Terminal Services Configuration ;c:\programdata\tcpipcfg32.exe [x] R2 SessionEnv323232323232323232;Terminal Services Configuration ;c:\programdata\wiascanprofiles32.exe [x] R2 SessionEnv32323232323232323232;Terminal Services Configuration ;c:\programdata\corpol32.exe [x] R2 ShellHWDetection3232;Shell Hardware Detection ;c:\programdata\shacct32.exe [x] R2 ShellHWDetection323232;Shell Hardware Detection ;c:\programdata\imm3232.exe [x] R2 ShellHWDetection32323232;Shell Hardware Detection ;c:\programdata\resutils32.exe [x] R2 ShellHWDetection3232323232;Shell Hardware Detection ;c:\programdata\rasmontr32.exe [x] R2 slsvc32;Software Licensing ;c:\programdata\NlsLexicons004932.exe [x] R2 slsvc3232;Software Licensing ;c:\programdata\olethk3232.exe [x] R2 slsvc323232;Software Licensing ;c:\programdata\dpl10032.exe [x] R2 slsvc32323232;Software Licensing ;c:\programdata\KBDPL32.exe [x] R2 slsvc3232323232;Software Licensing ;c:\programdata\acprgwiz32.exe [x] R2 SLUINotify32;SL UI Notification Service ;c:\programdata\wiaservc32.exe [x] R2 SNMPTRAP32323232323232;SNMP Trap ;c:\programdata\htui32.exe [x] R2 SNMPTRAP3232323232323232;SNMP Trap ;c:\programdata\wevtsvc32.exe [x] R2 Spooler3232;Print Spooler ;c:\programdata\shsvcs32.exe [x] R2 SSDPSRV3232;SSDP Discovery ;c:\programdata\sqlsrv3232.exe [x] R2 SSDPSRV323232;SSDP Discovery ;c:\programdata\iprtprio32.exe [x] R2 SSDPSRV32323232;SSDP Discovery ;c:\programdata\chtbrkr32.exe [x] R2 SSDPSRV3232323232;SSDP Discovery ;c:\programdata\tvratings32.exe [x] R2 SstpSvc32;Secure Socket Tunneling Protocol Service ;c:\programdata\ias32.exe [x] R2 SstpSvc3232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\vssapi32.exe [x] R2 stisvc32;Windows Image Acquisition (WIA) ;c:\programdata\KBDHE22032.exe [x] R2 stisvc3232;Windows Image Acquisition (WIA) ;c:\programdata\cmlua32.exe [x] R2 stisvc323232;Windows Image Acquisition (WIA) ;c:\programdata\nsisvc32.exe [x] R2 stisvc3232323232;Windows Image Acquisition (WIA) ;c:\programdata\ig4icd3232.exe [x] R2 stisvc323232323232;Windows Image Acquisition (WIA) ;c:\programdata\Wpc32.exe [x] R2 stisvc323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\procinst32.exe [x] R2 stisvc32323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\KBDDIV232.exe [x] R2 stisvc3232323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\mscories32.exe [x] R2 stllssvr32;stllssvr ;c:\programdata\quartz32.exe [x] R2 stllssvr3232;stllssvr ;c:\programdata\NlsLexicons000a32.exe [x] R2 stllssvr323232;stllssvr ;c:\programdata\kbd10632.exe [x] R2 stllssvr3232323232323232;stllssvr ;c:\programdata\olecli3232.exe [x] R2 stllssvr323232323232323232;stllssvr ;c:\programdata\rshx3232.exe [x] R2 stllssvr32323232323232323232;stllssvr ;c:\programdata\drprov32.exe [x] R2 stllssvr323232323232323232323232;stllssvr ;c:\programdata\secproc_isv32.exe [x] R2 stllssvr32323232323232323232323232;stllssvr ;c:\programdata\PortableDeviceClassExtension32.exe [x] R2 swprv3232;Microsoft Software Shadow Copy Provider ;c:\programdata\deskmon32.exe [x] R2 swprv323232;Microsoft Software Shadow Copy Provider ;c:\programdata\devmgr32.exe [x] R2 swprv3232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\TOOLHELP32.exe [x] R2 swprv323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\C_IS202232.exe [x] R2 swprv32323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\muifontsetup32.exe [x] R2 swprv3232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\WsmRes32.exe [x] R2 swprv323232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\drvstore32.exe [x] R2 swprv32323232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\NlsLexicons002032.exe [x] R2 SysMain32;Superfetch ;c:\programdata\ipnathlp32.exe [x] R2 SysMain323232;Superfetch ;c:\programdata\tbssvc32.exe [x] R2 SysMain32323232;Superfetch ;c:\programdata\ci32.exe [x] R2 SysMain3232323232;Superfetch ;c:\programdata\photowiz32.exe [x] R2 SysMain3232323232323232;Superfetch ;c:\programdata\oleres32.exe [x] R2 SysMain323232323232323232;Superfetch ;c:\programdata\wlanapi32.exe [x] R2 SysMain32323232323232323232;Superfetch ;c:\programdata\NlsLexicons004732.exe [x] R2 SysMain323232323232323232323232;Superfetch ;c:\programdata\mimefilt32.exe [x] R2 TabletInputService32;Tablet PC Input Service ;c:\programdata\netprofm32.exe [x] R2 TabletInputService3232;Tablet PC Input Service ;c:\programdata\drmmgrtn32.exe [x] R2 TabletInputService323232;Tablet PC Input Service ;c:\programdata\apphelp32.exe [x] R2 TabletInputService32323232;Tablet PC Input Service ;c:\programdata\mssign3232.exe [x] R2 TabletInputService323232323232;Tablet PC Input Service ;c:\programdata\NlsData002632.exe [x] R2 TabletInputService32323232323232;Tablet PC Input Service ;c:\programdata\wsmplpxy32.exe [x] R2 TabletInputService3232323232323232;Tablet PC Input Service ;c:\programdata\rasdiag32.exe [x] R2 TapiSrv32;Telephony ;c:\programdata\bootstr32.exe [x] R2 TapiSrv323232;Telephony ;c:\programdata\iyuv_3232.exe [x] R2 TapiSrv3232323232323232;Telephony ;c:\programdata\wshelper32.exe [x] R2 TapiSrv323232323232323232;Telephony ;c:\programdata\vga64k32.exe [x] R2 TapiSrv32323232323232323232;Telephony ;c:\programdata\NlsLexicons000232.exe [x] R2 TBS3232;TPM Base Services ;c:\programdata\KBDINTAM32.exe [x] R2 TermService32;Terminal Services ;c:\programdata\PresentationNative_v030032.exe [x] R2 TermService3232;Terminal Services ;c:\programdata\KBDSYR232.exe [x] R2 TermService323232;Terminal Services ;c:\programdata\msihnd32.exe [x] R2 TermService3232323232;Terminal Services ;c:\programdata\NlsLexicons081632.exe [x] R2 TermService323232323232;Terminal Services ;c:\programdata\adsldp32.exe [x] R2 TermService32323232323232;Terminal Services ;c:\programdata\WMNetMgr32.exe [x] R2 TermService323232323232323232;Terminal Services ;c:\programdata\PortableDeviceApi32.exe [x] R2 Themes32;Themes ;c:\programdata\d3d10_132.exe [x] R2 Themes3232;Themes ;c:\programdata\cfgbkend32.exe [x] R2 Themes323232;Themes ;c:\programdata\eappcfg32.exe [x] R2 Themes32323232;Themes ;c:\programdata\E_FBCHALA32.exe [x] R2 Themes3232323232;Themes ;c:\programdata\winusb32.exe [x] R2 Themes323232323232;Themes ;c:\programdata\termmgr32.exe [x] R2 Themes32323232323232;Themes ;c:\programdata\acppage32.exe [x] R2 Themes323232323232323232;Themes ;c:\programdata\dsprop32.exe [x] R2 Themes32323232323232323232;Themes ;c:\programdata\NlsData000932.exe [x] R2 THREADORDER3232;Thread Ordering Server ;c:\programdata\msv1_032.exe [x] R2 THREADORDER323232;Thread Ordering Server ;c:\programdata\KBDSF32.exe [x] R2 TrkWks32;Distributed Link Tracking Client ;c:\programdata\RtkPgExt32.exe [x] R2 TrkWks32323232;Distributed Link Tracking Client ;c:\programdata\msjint4032.exe [x] R2 TrkWks3232323232;Distributed Link Tracking Client ;c:\programdata\NlsData000032.exe [x] R2 TrkWks323232323232;Distributed Link Tracking Client ;c:\programdata\dskquota32.exe [x] R2 TrkWks32323232323232;Distributed Link Tracking Client ;c:\programdata\security32.exe [x] R2 TrustedInstaller32;Windows Modules Installer ;c:\programdata\hnetcfg32.exe [x] R2 TrustedInstaller3232;Windows Modules Installer ;c:\programdata\wmiprop32.exe [x] R2 TrustedInstaller3232323232;Windows Modules Installer ;c:\programdata\ntdll32.exe [x] R2 TrustedInstaller323232323232;Windows Modules Installer ;c:\programdata\cmlua32.exe [x] R2 TrustedInstaller3232323232323232;Windows Modules Installer ;c:\programdata\odbc16gt32.exe [x] R2 UI0Detect323232323232;Interactive Services Detection ;c:\programdata\ir41_qc32.exe [x] R2 UI0Detect32323232323232;Interactive Services Detection ;c:\programdata\raschap32.exe [x] R2 UI0Detect3232323232323232;Interactive Services Detection ;c:\programdata\ndfapi32.exe [x] R2 upnphost32;UPnP Device Host ;c:\programdata\imgutil32.exe [x] R2 upnphost3232323232323232323232323232;UPnP Device Host ;c:\programdata\msexcl4032.exe [x] R2 upnphost3232323232323232323232323232323232;UPnP Device Host ;c:\programdata\KBDMLT4732.exe [x] R2 upnphost323232323232323232323232323232323232;UPnP Device Host ;c:\programdata\rasplap32.exe [x] R2 UxSms323232;Desktop Window Manager Session Manager ;c:\programdata\ktmw3232.exe [x] R2 UxSms32323232;Desktop Window Manager Session Manager ;c:\programdata\winethc32.exe [x] R2 UxSms3232323232;Desktop Window Manager Session Manager ;c:\programdata\NlsData000132.exe [x] R2 UxSms323232323232;Desktop Window Manager Session Manager ;c:\programdata\wlanmsm32.exe [x] R2 vds32;Virtual Disk ;c:\programdata\bitsperf32.exe [x] R2 vds323232;Virtual Disk ;c:\programdata\NlsLexicons000932.exe [x] R2 vds3232323232;Virtual Disk ;c:\programdata\d3dim70032.exe [x] R2 vds3232323232323232;Virtual Disk ;c:\programdata\scripto32.exe [x] R2 vds323232323232323232;Virtual Disk ;c:\programdata\perfts32.exe [x] R2 vds323232323232323232323232;Virtual Disk ;c:\programdata\KBDLV32.exe [x] R2 Viewpoint Manager Service3232;Viewpoint Manager Service ;c:\programdata\Query32.exe [x] R2 Viewpoint Manager Service323232;Viewpoint Manager Service ;c:\programdata\sstpsvc32.exe [x] R2 Viewpoint Manager Service32323232;Viewpoint Manager Service ;c:\programdata\ntshrui32.exe [x] R2 Viewpoint Manager Service3232323232;Viewpoint Manager Service ;c:\programdata\authz32.exe [x] R2 Viewpoint Manager Service323232323232;Viewpoint Manager Service ;c:\programdata\umb32.exe [x] R2 Viewpoint Manager Service32323232323232323232;Viewpoint Manager Service ;c:\programdata\RpcNs432.exe [x] R2 Viewpoint Manager Service3232323232323232323232;Viewpoint Manager Service ;c:\programdata\QSHVHOST32.exe [x] R2 Viewpoint Manager Service323232323232323232323232;Viewpoint Manager Service ;c:\programdata\msstrc32.exe [x] R2 Viewpoint Manager Service32323232323232323232323232;Viewpoint Manager Service ;c:\programdata\WMVDECOD32.exe [x] R2 VSS32;Volume Shadow Copy ;c:\programdata\rpchttp32.exe [x] R2 W32Time3232;Windows Time ;c:\programdata\NlsLexicons000f32.exe [x] R2 W32Time323232;Windows Time ;c:\programdata\igfxCoIn_v127732.exe [x] R2 WcesComm32;Windows Mobile-2003-based device connectivity ;c:\programdata\certcli32.exe [x] R2 WcesComm3232;Windows Mobile-2003-based device connectivity ;c:\programdata\dmvdsitf32.exe [x] R2 WcesComm323232;Windows Mobile-2003-based device connectivity ;c:\programdata\CertEnrollUI32.exe [x] R2 WcesComm32323232;Windows Mobile-2003-based device connectivity ;c:\programdata\occache32.exe [x] R2 WcesComm323232323232;Windows Mobile-2003-based device connectivity ;c:\programdata\sfc32.exe [x] R2 WcesComm3232323232323232;Windows Mobile-2003-based device connectivity ;c:\programdata\msxml632.exe [x] R2 wcncsvc32;Windows Connect Now - Config Registrar ;c:\programdata\networkmap32.exe [x] R2 wcncsvc3232;Windows Connect Now - Config Registrar ;c:\programdata\bitsprx232.exe [x] R2 wcncsvc323232;Windows Connect Now - Config Registrar ;c:\programdata\iaspolcy32.exe [x] R2 wcncsvc32323232;Windows Connect Now - Config Registrar ;c:\programdata\asferror32.exe [x] R2 wcncsvc3232323232;Windows Connect Now - Config Registrar ;c:\programdata\untfs32.exe [x] R2 wcncsvc3232323232323232;Windows Connect Now - Config Registrar ;c:\programdata\wshbth32.exe [x] R2 wcncsvc323232323232323232;Windows Connect Now - Config Registrar ;c:\programdata\TRAPI32.exe [x] R2 WcsPlugInService3232;Windows Color System ;c:\programdata\rasdlg32.exe [x] R2 WcsPlugInService323232;Windows Color System ;c:\programdata\msmmsp32.exe [x] R2 WcsPlugInService32323232;Windows Color System ;c:\programdata\KBDJPN32.exe [x] R2 WcsPlugInService323232323232;Windows Color System ;c:\programdata\FwRemoteSvr32.exe [x] R2 WcsPlugInService32323232323232;Windows Color System ;c:\programdata\CompatUI32.exe [x] R2 WdiSystemHost323232;Diagnostic System Host ;c:\programdata\d3dim70032.exe [x] R2 WdiSystemHost32323232;Diagnostic System Host ;c:\programdata\wmerror32.exe [x] R2 WdiSystemHost32323232323232;Diagnostic System Host ;c:\programdata\KBDMON32.exe [x] R2 WdiSystemHost3232323232323232;Diagnostic System Host ;c:\programdata\deskperf32.exe [x] R2 WdiSystemHost32323232323232323232323232323232;Diagnostic System Host ;c:\programdata\KBDFC32.exe [x] R2 WebClient32;WebClient ;c:\programdata\WlS0WndH32.exe [x] R2 WebClient3232;WebClient ;c:\programdata\VIDRESZR32.exe [x] R2 WebClient32323232;WebClient ;c:\programdata\tapisrv32.exe [x] R2 WebClient3232323232;WebClient ;c:\programdata\els32.exe [x] R2 WebClient323232323232;WebClient ;c:\programdata\hccoin32.exe [x] R2 WebClient32323232323232;WebClient ;c:\programdata\NicCo632.exe [x] R2 WebClient3232323232323232;WebClient ;c:\programdata\odbctrac32.exe [x] R2 Wecsvc3232;Windows Event Collector ;c:\programdata\rasctrs32.exe [x] R2 Wecsvc323232;Windows Event Collector ;c:\programdata\win87em32.exe [x] R2 Wecsvc32323232;Windows Event Collector ;c:\programdata\wsnmp3232.exe [x] R2 Wecsvc3232323232;Windows Event Collector ;c:\programdata\wiavideo32.exe [x] R2 Wecsvc323232323232323232;Windows Event Collector ;c:\programdata\netcfgx32.exe [x] R2 Wecsvc3232323232323232323232;Windows Event Collector ;c:\programdata\msvidc3232.exe [x] R2 wercplsupport32;Problem Reports and Solutions Control Panel Support ;c:\programdata\AQCKGen32.exe [x] R2 wercplsupport323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\msrle3232.exe [x] R2 WerSvc323232;Windows Error Reporting Service ;c:\programdata\cPC_DMIRD32.exe [x] R2 WerSvc32323232;Windows Error Reporting Service ;c:\programdata\AltTab32.exe [x] R2 WerSvc323232323232;Windows Error Reporting Service ;c:\programdata\Sens32.exe [x] R2 WinDefend32323232;Windows Defender ;c:\programdata\msctfui32.exe [x] R2 WinDefend3232323232;Windows Defender ;c:\programdata\MMDevAPI32.exe [x] R2 WinDefend323232323232;Windows Defender ;c:\programdata\taskcomp32.exe [x] R2 WinHttpAutoProxySvc3232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\msaudite32.exe [x] R2 WinHttpAutoProxySvc323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\COMMDLG32.exe [x] R2 WinHttpAutoProxySvc32323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\qdvd32.exe [x] R2 WinHttpAutoProxySvc3232323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\KBDROST32.exe [x] R2 WinHttpAutoProxySvc323232323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\RtkCoInst32.exe [x] R2 Winmgmt323232;Windows Management Instrumentation ;c:\programdata\slwga32.exe [x] R2 wmiApSrv3232;WMI Performance Adapter ;c:\programdata\msvideo32.exe [x] R2 wmiApSrv323232;WMI Performance Adapter ;c:\programdata\msafd32.exe [x] R2 wmiApSrv32323232;WMI Performance Adapter ;c:\programdata\imagesp132.exe [x] R2 WMPNetworkSvc3232;Windows Media Player Network Sharing Service ;c:\programdata\KBDUSL32.exe [x] R2 WPCSvc32;Parental Controls ;c:\programdata\wsecedit32.exe [x] R2 WPDBusEnum32;Portable Device Enumerator Service ;c:\programdata\prnntfy32.exe [x] R2 WPDBusEnum32323232;Portable Device Enumerator Service ;c:\programdata\NlsLexicons004632.exe [x] R2 WPDBusEnum3232323232;Portable Device Enumerator Service ;c:\programdata\iassvcs32.exe [x] R2 WPDBusEnum323232323232;Portable Device Enumerator Service ;c:\programdata\dhcpcmonitor32.exe [x] R2 WPDBusEnum32323232323232;Portable Device Enumerator Service ;c:\programdata\sdohlp32.exe [x] R2 WPFFontCache_v04003232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\C_ISCII32.exe [x] R2 WPFFontCache_v0400323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\sqlunirl32.exe [x] R2 WPFFontCache_v040032323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\osbaseln32.exe [x] R2 WPFFontCache_v04003232323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\pcadm32.exe [x] R2 WPFFontCache_v0400323232323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\PortableDeviceWMDRM32.exe [x] R2 wscsvc32;Security Center ;c:\programdata\radardt32.exe [x] R2 wscsvc323232;Security Center ;c:\programdata\KBDBU32.exe [x] R2 wscsvc32323232;Security Center ;c:\programdata\Faultrep32.exe [x] R2 wscsvc3232323232;Security Center ;c:\programdata\dxtmsft32.exe [x] R2 wscsvc323232323232;Security Center ;c:\programdata\NlsLexicons004c32.exe [x] R2 WSearch32;Windows Search ;c:\programdata\dxtrans32.exe [x] R2 WSearch323232;Windows Search ;c:\programdata\dnsrslvr32.exe [x] R2 WSearch32323232;Windows Search ;c:\programdata\KBDSW32.exe [x] R2 WSearch3232323232;Windows Search ;c:\programdata\ifsutil32.exe [x] R2 wuauserv3232;Windows Update ;c:\programdata\SysFxUI32.exe [x] R2 wuauserv323232;Windows Update ;c:\programdata\d3dxof32.exe [x] R2 wuauserv32323232;Windows Update ;c:\programdata\KBDIT14232.exe [x] R2 wuauserv323232323232;Windows Update ;c:\programdata\d3d8thk32.exe [x] R2 wuauserv32323232323232;Windows Update ;c:\programdata\uxtheme32.exe [x] R2 wuauserv3232323232323232;Windows Update ;c:\programdata\wtsapi3232.exe [x] R2 wuauserv323232323232323232;Windows Update ;c:\programdata\odbccr3232.exe [x] R2 wudfsvc32;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\KBDUSX32.exe [x] R2 XAudioService3232;XAudioService ;c:\programdata\msfeedsbs32.exe [x] R3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\DRIVERS\AGUx86.sys [2007-10-08 892416] R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232] R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-03-13 85984] R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\DRIVERS\netr28u.sys [2008-01-31 599040] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2009-11-17 63080] S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2011-03-13 64648] S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-03-13 163400] S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-14 54776] S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896] S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Keyboard & Mouse Driver\KMWDSrv.exe [2008-06-24 208896] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 214904] S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-03-13 159832] S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-03-13 148520] S2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-14 229688] S2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652] S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-03-13 57432] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-05-29 22712] S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-03-13 337912] . . --- Other Services/Drivers In Memory --- . *Deregistered* - mfeavfk01 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Contents of the 'Scheduled Tasks' folder . 2011-06-28 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-01 00:15] . 2011-06-27 c:\windows\Tasks\Norton Security Scan for Kris.job - c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-08-21 06:27] . 2011-06-27 c:\windows\Tasks\User_Feed_Synchronization-{9878F9A8-E70F-4132-8388-B0441121DB0B}.job - c:\windows\system32\msfeedssync.exe [2008-06-13 07:33] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.aol.com mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=74&bd=Pavilion&pf=desktop uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000 Trusted Zone: intuit.com\ttlc Trusted Zone: real.com\rhap-app-4-0 Trusted Zone: real.com\rhapreg TCP: DhcpNameServer = 192.168.1.254 FF - ProfilePath - c:\users\Kris\AppData\Roaming\Mozilla\Firefox\Profiles\cxisknfq.default\ FF - prefs.js: browser.search.defaulturl - hxxp://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us FF - prefs.js: browser.search.selectedEngine - Secure Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=mcafee&p= FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(yahoo.ytff.general.dontshowhpoffer, true . - - - - ORPHANS REMOVED - - - - . BHO-{2D46040B-2EE3-B0FD-A350-AAACE23C2B9D} - c:\programdata\asycfilt32.dll MSConfigStartUp-BitTorrent DNA - c:\users\Kris\Program Files\DNA\btdna.exe MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-06-27 19:09 Windows 6.0.6001 Service Pack 1 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(548) c:\progra~1\mcafee\SITEAD~1\saHook.dll c:\program files\McAfee Online Backup\MOBKshell.dll c:\program files\ArcSoft\PhotoImpression 5\share\pihook.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE c:\program files\Common Files\LightScribe\LSSrvc.exe c:\windows\system32\rundll32.exe c:\windows\system32\DRIVERS\xaudio.exe c:\program files\Common Files\McAfee\SystemCore\mcshield.exe c:\program files\Common Files\McAfee\SystemCore\mfefire.exe c:\windows\system32\WUDFHost.exe c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe c:\progra~1\mcafee.com\agent\mcagent.exe c:\windows\system32\vssvc.exe . ************************************************************************** . Completion time: 2011-06-27 19:19:39 - machine was rebooted ComboFix-quarantined-files.txt 2011-06-28 00:19 . Pre-Run: 162,248,196,096 bytes free Post-Run: 162,175,229,952 bytes free . - - End Of File - - 3075997D669654816C3C3D3B0628AF72

Hello LDTate, and thank you for your response.... Here is the GooredFix.txt contents: GooredFix by jpshortstuff (03.07.10.1) Log created at 18:45 on 25/06/2011 (Kris) Firefox version 4.0.1 (en-US) ========== GooredScan ========== Deleting "C:\Users\Kris\Application Data\Mozilla\Firefox\Profiles\cxisknfq.default\extensions\{9e69dc27-faac-4223-ab10-8b3753aab021}" -> Success! ========== GooredLog ========== C:\Program Files\Mozilla Firefox\extensions\ talkback@mozilla.org [21:30 19/01/2008] {972ce4c6-7e08-4474-a285-3208198ce6fd} [21:30 19/01/2008] {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [13:57 25/01/2008] {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [05:14 20/09/2009] {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [14:03 07/12/2009] {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} [15:15 04/04/2010] {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [18:12 24/04/2010] {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [03:05 02/09/2010] {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [04:22 24/11/2010] {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [05:49 04/02/2011] {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [01:37 22/06/2011] C:\Users\Kris\Application Data\Mozilla\Firefox\Profiles\cxisknfq.default\extensions\ moveplayer@movenetworks.com [13:44 18/04/2009] {1280606b-2510-4fe0-97ef-9b5a22eafe30} [13:07 23/03/2011] {20a82645-c095-46ed-80e3-08825760534b} [17:02 09/06/2010] [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\" [16:08 11/03/2009] "{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor" [05:37 04/02/2011] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext" [12:32 11/06/2011] -=E.O.F=- TDSSKiller did not find anything... Does that mean the issue has been resolved? The only difference I've noticed at the moment is that Firefox is seems to be starting-up quite a bit slower. Also when I close it, the firefox.exe process and some firefox plug-in container remain active until I forcefully end those processes. Also, I just tried some of the same searches I did before, and the search results don't seem to be compromised at the moment? Could it be fixed, or will it be back? What can I do to keep from having that happen again in the future??

continued from above post... S2 MSK80Service32323232;McAfee Anti-Spam Service ;c:\programdata\cmipnpinstall32.exe --> c:\programdata\cmipnpinstall32.exe [?] S2 MSK80Service3232323232;McAfee Anti-Spam Service ;c:\programdata\msmpeg2adec32.exe --> c:\programdata\MSMPEG2ADEC32.exe [?] S2 napagent32;Network Access Protection Agent ;c:\programdata\mcmde32.exe --> c:\programdata\mcmde32.exe [?] S2 napagent323232;Network Access Protection Agent ;c:\programdata\wucltux32.exe --> c:\programdata\wucltux32.exe [?] S2 napagent32323232323232323232323232;Network Access Protection Agent ;c:\programdata\pla32.exe --> c:\programdata\pla32.exe [?] S2 napagent32323232323232323232323232323232;Network Access Protection Agent ;c:\programdata\synccenter32.exe --> c:\programdata\SyncCenter32.exe [?] S2 Netlogon32;Netlogon ;c:\programdata\dimsjob32.exe --> c:\programdata\dimsjob32.exe [?] S2 Netlogon3232;Netlogon ;c:\programdata\van32.exe --> c:\programdata\VAN32.exe [?] S2 Netlogon323232;Netlogon ;c:\programdata\rdpdd32.exe --> c:\programdata\rdpdd32.exe [?] S2 Netlogon32323232;Netlogon ;c:\programdata\oemdspif32.exe --> c:\programdata\oemdspif32.exe [?] S2 Netlogon323232323232;Netlogon ;c:\programdata\lzexpand32.exe --> c:\programdata\lzexpand32.exe [?] S2 Netlogon32323232323232;Netlogon ;c:\programdata\devenum32.exe --> c:\programdata\devenum32.exe [?] S2 Netlogon3232323232323232;Netlogon ;c:\programdata\csrsrv32.exe --> c:\programdata\csrsrv32.exe [?] S2 Netman32;Network Connections ;c:\programdata\oleaccrc32.exe --> c:\programdata\oleaccrc32.exe [?] S2 Netman323232;Network Connections ;c:\programdata\winhttp32.exe --> c:\programdata\winhttp32.exe [?] S2 netprofm3232323232;Network List Service ;c:\programdata\kbdheb32.exe --> c:\programdata\KBDHEB32.exe [?] S2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\programdata\oleaccrc32.exe --> c:\programdata\oleaccrc32.exe [?] S2 NetTcpPortSharing3232;Net.Tcp Port Sharing Service ;c:\programdata\tdh32.exe --> c:\programdata\tdh32.exe [?] S2 NetTcpPortSharing323232;Net.Tcp Port Sharing Service ;c:\programdata\pshed32.exe --> c:\programdata\PSHED32.exe [?] S2 NlaSvc3232323232;Network Location Awareness ;c:\programdata\ir50_3232.exe --> c:\programdata\ir50_3232.exe [?] S2 NlaSvc323232323232;Network Location Awareness ;c:\programdata\activecontentwizard32.exe --> c:\programdata\ActiveContentWizard32.exe [?] S2 nsi32;Network Store Interface Service ;c:\programdata\rapi32.exe --> c:\programdata\rapi32.exe [?] S2 nsi3232;Network Store Interface Service ;c:\programdata\davclnt32.exe --> c:\programdata\davclnt32.exe [?] S2 nsi32323232323232323232;Network Store Interface Service ;c:\programdata\winsockhc32.exe --> c:\programdata\winsockhc32.exe [?] S2 p2pimsvc32;Peer Networking Identity Manager ;c:\programdata\ieframe32.exe --> c:\programdata\ieframe32.exe [?] S2 p2pimsvc3232;Peer Networking Identity Manager ;c:\programdata\hnetmon32.exe --> c:\programdata\hnetmon32.exe [?] S2 p2pimsvc323232;Peer Networking Identity Manager ;c:\programdata\pndx501632.exe --> c:\programdata\pndx501632.exe [?] S2 p2pimsvc32323232;Peer Networking Identity Manager ;c:\programdata\avicap3232.exe --> c:\programdata\avicap3232.exe [?] S2 p2psvc3232323232;Peer Networking Grouping ;c:\programdata\wsmsvc32.exe --> c:\programdata\WsmSvc32.exe [?] S2 PcaSvc32;Program Compatibility Assistant Service ;c:\programdata\dot3msm32.exe --> c:\programdata\dot3msm32.exe [?] S2 PcaSvc3232;Program Compatibility Assistant Service ;c:\programdata\pautoenr32.exe --> c:\programdata\pautoenr32.exe [?] S2 PcaSvc323232;Program Compatibility Assistant Service ;c:\programdata\msmpeg2vdec32.exe --> c:\programdata\MSMPEG2VDEC32.exe [?] S2 PcaSvc323232323232;Program Compatibility Assistant Service ;c:\programdata\kbdmonmo32.exe --> c:\programdata\KBDMONMO32.exe [?] S2 pla32;Performance Logs & Alerts ;c:\programdata\deskadp32.exe --> c:\programdata\deskadp32.exe [?] S2 pla3232;Performance Logs & Alerts ;c:\programdata\nlsdata081a32.exe --> c:\programdata\NlsData081a32.exe [?] S2 pla32323232;Performance Logs & Alerts ;c:\programdata\kbdinuk232.exe --> c:\programdata\KBDINUK232.exe [?] S2 pla3232323232;Performance Logs & Alerts ;c:\programdata\kbdtajik32.exe --> c:\programdata\KBDTAJIK32.exe [?] S2 pla32323232323232;Performance Logs & Alerts ;c:\programdata\kbdinori32.exe --> c:\programdata\KBDINORI32.exe [?] S2 PlugPlay32;Plug and Play ;c:\programdata\rasgcw32.exe --> c:\programdata\rasgcw32.exe [?] S2 PlugPlay3232;Plug and Play ;c:\programdata\urlmon32.exe --> c:\programdata\urlmon32.exe [?] S2 PlugPlay323232;Plug and Play ;c:\programdata\wiaaut32.exe --> c:\programdata\wiaaut32.exe [?] S2 PlugPlay32323232;Plug and Play ;c:\programdata\xolehlp32.exe --> c:\programdata\xolehlp32.exe [?] S2 PlugPlay3232323232;Plug and Play ;c:\programdata\kbdnecnt32.exe --> c:\programdata\kbdnecnt32.exe [?] S2 PNRPAutoReg32;PNRP Machine Name Publication Service ;c:\programdata\kbdsyr132.exe --> c:\programdata\KBDSYR132.exe [?] S2 PNRPAutoReg323232;PNRP Machine Name Publication Service ;c:\programdata\srrstr32.exe --> c:\programdata\srrstr32.exe [?] S2 PNRPAutoReg3232323232;PNRP Machine Name Publication Service ;c:\programdata\wmdrmsdk32.exe --> c:\programdata\wmdrmsdk32.exe [?] S2 PNRPsvc32;Peer Name Resolution Protocol ;c:\programdata\snmpapi32.exe --> c:\programdata\snmpapi32.exe [?] S2 PNRPsvc3232;Peer Name Resolution Protocol ;c:\programdata\amxread32.exe --> c:\programdata\amxread32.exe [?] S2 PNRPsvc323232;Peer Name Resolution Protocol ;c:\programdata\nlslexicons002232.exe --> c:\programdata\NlsLexicons002232.exe [?] S2 PNRPsvc32323232;Peer Name Resolution Protocol ;c:\programdata\wuaueng32.exe --> c:\programdata\wuaueng32.exe [?] S2 PNRPsvc3232323232;Peer Name Resolution Protocol ;c:\programdata\dpnlobby32.exe --> c:\programdata\dpnlobby32.exe [?] S2 PNRPsvc323232323232;Peer Name Resolution Protocol ;c:\programdata\perfos32.exe --> c:\programdata\perfos32.exe [?] S2 PNRPsvc32323232323232;Peer Name Resolution Protocol ;c:\programdata\kbdmacst32.exe --> c:\programdata\KBDMACST32.exe [?] S2 PolicyAgent32;IPsec Policy Agent ;c:\programdata\browser32.exe --> c:\programdata\browser32.exe [?] S2 PolicyAgent3232;IPsec Policy Agent ;c:\programdata\nlhtml32.exe --> c:\programdata\nlhtml32.exe [?] S2 PolicyAgent3232323232323232;IPsec Policy Agent ;c:\programdata\d3d932.exe --> c:\programdata\d3d932.exe [?] S2 ProfSvc32;User Profile Service ;c:\programdata\wscntfy32.exe --> c:\programdata\wscntfy32.exe [?] S2 ProfSvc3232;User Profile Service ;c:\programdata\wudfplatform32.exe --> c:\programdata\WUDFPlatform32.exe [?] S2 ProfSvc323232;User Profile Service ;c:\programdata\riched2032.exe --> c:\programdata\riched2032.exe [?] S2 ProfSvc323232323232;User Profile Service ;c:\programdata\winipsec32.exe --> c:\programdata\winipsec32.exe [?] S2 ProfSvc32323232323232;User Profile Service ;c:\programdata\rtcres32.exe --> c:\programdata\RTCRES32.exe [?] S2 ProfSvc3232323232323232;User Profile Service ;c:\programdata\iepeers32.exe --> c:\programdata\iepeers32.exe [?] S2 ProfSvc323232323232323232323232;User Profile Service ;c:\programdata\msdadiag32.exe --> c:\programdata\msdadiag32.exe [?] S2 ProfSvc32323232323232323232323232;User Profile Service ;c:\programdata\dxmasf32.exe --> c:\programdata\dxmasf32.exe [?] S2 ProfSvc3232323232323232323232323232;User Profile Service ;c:\programdata\xpsshhdr32.exe --> c:\programdata\XPSSHHDR32.exe [?] S2 ProfSvc323232323232323232323232323232;User Profile Service ;c:\programdata\wiatrace32.exe --> c:\programdata\wiatrace32.exe [?] S2 QWAVE3232323232;Quality Windows Audio Video Experience ;c:\programdata\tquery32.exe --> c:\programdata\tquery32.exe [?] S2 QWAVE323232323232;Quality Windows Audio Video Experience ;c:\programdata\bitsprx332.exe --> c:\programdata\bitsprx332.exe [?] S2 QWAVE32323232323232;Quality Windows Audio Video Experience ;c:\programdata\uci32m2232.exe --> c:\programdata\UCI32M2232.exe [?] S2 QWAVE3232323232323232;Quality Windows Audio Video Experience ;c:\programdata\shellvrtf32.exe --> c:\programdata\ShellvRTF32.exe [?] S2 QWAVE323232323232323232;Quality Windows Audio Video Experience ;c:\programdata\authfwsnapin32.exe --> c:\programdata\AuthFWSnapin32.exe [?] S2 QWAVE32323232323232323232;Quality Windows Audio Video Experience ;c:\programdata\ufat32.exe --> c:\programdata\ufat32.exe [?] S2 RapiMgr32;Windows Mobile-based device connectivity ;c:\programdata\cdd32.exe --> c:\programdata\cdd32.exe [?] S2 RapiMgr3232;Windows Mobile-based device connectivity ;c:\programdata\iesetup32.exe --> c:\programdata\iesetup32.exe [?] S2 RapiMgr323232;Windows Mobile-based device connectivity ;c:\programdata\msstkprp32.exe --> c:\programdata\MSSTKPRP32.exe [?] S2 RapiMgr32323232;Windows Mobile-based device connectivity ;c:\programdata\kbdgae32.exe --> c:\programdata\KBDGAE32.exe [?] S2 RapiMgr3232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\crppresentation32.exe --> c:\programdata\CRPPresentation32.exe [?] S2 RapiMgr323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\cfgmgr3232.exe --> c:\programdata\cfgmgr3232.exe [?] S2 RapiMgr32323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\mapi3232.exe --> c:\programdata\mapi3232.exe [?] S2 RapiMgr3232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\mscat3232.exe --> c:\programdata\mscat3232.exe [?] S2 RapiMgr323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\iertutil32.exe --> c:\programdata\iertutil32.exe [?] S2 RapiMgr32323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\dpnhupnp32.exe --> c:\programdata\dpnhupnp32.exe [?] S2 RapiMgr3232323232323232323232323232323232;Windows Mobile-based device connectivity ;c:\programdata\qcap32.exe --> c:\programdata\qcap32.exe [?] S2 RasAuto32;Remote Access Auto Connection Manager ;c:\programdata\apss32.exe --> c:\programdata\apss32.exe [?] S2 RasAuto3232323232;Remote Access Auto Connection Manager ;c:\programdata\laprxy32.exe --> c:\programdata\LAPRXY32.exe [?] S2 RasAuto323232323232323232;Remote Access Auto Connection Manager ;c:\programdata\framebuf32.exe --> c:\programdata\framebuf32.exe [?] S2 RasAuto32323232323232323232;Remote Access Auto Connection Manager ;c:\programdata\tapisysprep32.exe --> c:\programdata\TapiSysprep32.exe [?] S2 RasMan32;Remote Access Connection Manager ;c:\programdata\pmspl32.exe --> c:\programdata\pmspl32.exe [?] S2 RasMan32323232323232;Remote Access Connection Manager ;c:\programdata\oleprn32.exe --> c:\programdata\oleprn32.exe [?] S2 RasMan3232323232323232;Remote Access Connection Manager ;c:\programdata\inetppui32.exe --> c:\programdata\inetppui32.exe [?] S2 RasMan323232323232323232;Remote Access Connection Manager ;c:\programdata\imapi2fs32.exe --> c:\programdata\imapi2fs32.exe [?] S2 RasMan32323232323232323232;Remote Access Connection Manager ;c:\programdata\activeds32.exe --> c:\programdata\activeds32.exe [?] S2 Remote UI Service3232;Intel® Remoting Service ;c:\programdata\qutil32.exe --> c:\programdata\QUTIL32.exe [?] S2 Remote UI Service323232;Intel® Remoting Service ;c:\programdata\nlslexicons000332.exe --> c:\programdata\NlsLexicons000332.exe [?] S2 Remote UI Service32323232323232;Intel® Remoting Service ;c:\programdata\nlsdata001b32.exe --> c:\programdata\NlsData001b32.exe [?] S2 Remote UI Service3232323232323232;Intel® Remoting Service ;c:\programdata\rtm32.exe --> c:\programdata\rtm32.exe [?] S2 RemoteAccess3232;Routing and Remote Access ;c:\programdata\nddeapi32.exe --> c:\programdata\nddeapi32.exe [?] S2 RemoteAccess323232;Routing and Remote Access ;c:\programdata\auxiliarydisplaycpl32.exe --> c:\programdata\AuxiliaryDisplayCpl32.exe [?] S2 RemoteAccess32323232;Routing and Remote Access ;c:\programdata\kbdth132.exe --> c:\programdata\KBDTH132.exe [?] S2 RemoteRegistry32323232;Remote Registry ;c:\programdata\inetwh3232.exe --> c:\programdata\Inetwh3232.exe [?] S2 RemoteRegistry3232323232;Remote Registry ;c:\programdata\nlslexicons001b32.exe --> c:\programdata\NlsLexicons001b32.exe [?] S2 RoxMediaDB932;RoxMediaDB9 ;c:\programdata\qdv32.exe --> c:\programdata\qdv32.exe [?] S2 RoxMediaDB9323232;RoxMediaDB9 ;c:\programdata\capisp32.exe --> c:\programdata\capisp32.exe [?] S2 RoxMediaDB932323232;RoxMediaDB9 ;c:\programdata\jjaken32.exe --> c:\programdata\JJAKEn32.exe [?] S2 RpcLocator323232;Remote Procedure Call (RPC) Locator ;c:\programdata\dhcpcsvc632.exe --> c:\programdata\dhcpcsvc632.exe [?] S2 RpcLocator32323232;Remote Procedure Call (RPC) Locator ;c:\programdata\kbdropr32.exe --> c:\programdata\KBDROPR32.exe [?] S2 RpcSs32;Remote Procedure Call (RPC) ;c:\programdata\rasser32.exe --> c:\programdata\rasser32.exe [?] S2 RpcSs3232;Remote Procedure Call (RPC) ;c:\programdata\authfwwizfwk32.exe --> c:\programdata\AuthFWWizFwk32.exe [?] S2 RpcSs323232;Remote Procedure Call (RPC) ;c:\programdata\ws2_32_shim32.exe --> c:\programdata\WS2_32_Shim32.exe [?] S2 SamSs32;Security Accounts Manager ;c:\programdata\dpnaddr32.exe --> c:\programdata\dpnaddr32.exe [?] S2 SamSs323232;Security Accounts Manager ;c:\programdata\eqossnap32.exe --> c:\programdata\eqossnap32.exe [?] S2 SamSs32323232;Security Accounts Manager ;c:\programdata\bthserv32.exe --> c:\programdata\bthserv32.exe [?] S2 SamSs323232323232323232;Security Accounts Manager ;c:\programdata\kbdgkl32.exe --> c:\programdata\KBDGKL32.exe [?] S2 SamSs32323232323232323232;Security Accounts Manager ;c:\programdata\nlslexicons001a32.exe --> c:\programdata\NlsLexicons001a32.exe [?] S2 SamSs3232323232323232323232;Security Accounts Manager ;c:\programdata\kbdcr32.exe --> c:\programdata\KBDCR32.exe [?] S2 SamSs323232323232323232323232323232;Security Accounts Manager ;c:\programdata\prntvpt32.exe --> c:\programdata\prntvpt32.exe [?] S2 SamSs32323232323232323232323232323232;Security Accounts Manager ;c:\programdata\msscntrs32.exe --> c:\programdata\msscntrs32.exe [?] S2 SCardSvr32323232;Smart Card ;c:\programdata\ddraw32.exe --> c:\programdata\ddraw32.exe [?] S2 SCardSvr3232323232;Smart Card ;c:\programdata\udwm32.exe --> c:\programdata\uDWM32.exe [?] S2 SCardSvr32323232323232;Smart Card ;c:\programdata\pnpxassoc32.exe --> c:\programdata\PNPXAssoc32.exe [?] S2 SCardSvr3232323232323232;Smart Card ;c:\programdata\mplam632.exe --> c:\programdata\mplam632.exe [?] S2 SCardSvr323232323232323232;Smart Card ;c:\programdata\kbduk32.exe --> c:\programdata\KBDUK32.exe [?] S2 SCardSvr32323232323232323232;Smart Card ;c:\programdata\docprop32.exe --> c:\programdata\docprop32.exe [?] S2 SCardSvr3232323232323232323232;Smart Card ;c:\programdata\kmsvc32.exe --> c:\programdata\KMSVC32.exe [?] S2 SCardSvr323232323232323232323232;Smart Card ;c:\programdata\wscproxystub32.exe --> c:\programdata\wscproxystub32.exe [?] S2 SCardSvr32323232323232323232323232;Smart Card ;c:\programdata\rtpcee3232.exe --> c:\programdata\RTPCEE3232.exe [?] S2 SCardSvr3232323232323232323232323232;Smart Card ;c:\programdata\wecapi32.exe --> c:\programdata\wecapi32.exe [?] S2 Schedule3232;Task Scheduler ;c:\programdata\drmv2clt32.exe --> c:\programdata\drmv2clt32.exe [?] S2 Schedule323232;Task Scheduler ;c:\programdata\psapi32.exe --> c:\programdata\psapi32.exe [?] S2 Schedule32323232323232;Task Scheduler ;c:\programdata\rapiproxystub32.exe --> c:\programdata\rapiproxystub32.exe [?] S2 Schedule32323232323232323232323232323232;Task Scheduler ;c:\programdata\kbdlt32.exe --> c:\programdata\KBDLT32.exe [?] S2 Schedule32323232323232323232323232323232323232;Task Scheduler ;c:\programdata\hid32.exe --> c:\programdata\hid32.exe [?] S2 Schedule323232323232323232323232323232323232323232;Task Scheduler ;c:\programdata\netplwiz32.exe --> c:\programdata\netplwiz32.exe [?] S2 SCPolicySvc32;Smart Card Removal Policy ;c:\programdata\upnphost32.exe --> c:\programdata\upnphost32.exe [?] S2 SCPolicySvc3232;Smart Card Removal Policy ;c:\programdata\crypt3232.exe --> c:\programdata\crypt3232.exe [?] S2 SCPolicySvc323232;Smart Card Removal Policy ;c:\programdata\winrsmgr32.exe --> c:\programdata\winrsmgr32.exe [?] S2 SCPolicySvc32323232;Smart Card Removal Policy ;c:\programdata\dispex32.exe --> c:\programdata\dispex32.exe [?] S2 SCPolicySvc3232323232;Smart Card Removal Policy ;c:\programdata\wifeman32.exe --> c:\programdata\WIFEMAN32.exe [?] S2 SCPolicySvc32323232323232;Smart Card Removal Policy ;c:\programdata\xwtpw3232.exe --> c:\programdata\xwtpw3232.exe [?] S2 SCPolicySvc3232323232323232323232;Smart Card Removal Policy ;c:\programdata\cryptext32.exe --> c:\programdata\cryptext32.exe [?] S2 SCPolicySvc323232323232323232323232;Smart Card Removal Policy ;c:\programdata\odbcint32.exe --> c:\programdata\odbcint32.exe [?] S2 SCPolicySvc32323232323232323232323232;Smart Card Removal Policy ;c:\programdata\scecli32.exe --> c:\programdata\scecli32.exe [?] S2 SCPolicySvc3232323232323232323232323232;Smart Card Removal Policy ;c:\programdata\msxbde4032.exe --> c:\programdata\msxbde4032.exe [?] S2 SDRSVC32;Windows Backup ;c:\programdata\milcore32.exe --> c:\programdata\milcore32.exe [?] S2 SDRSVC3232;Windows Backup ;c:\programdata\mprddm32.exe --> c:\programdata\mprddm32.exe [?] S2 SDRSVC323232;Windows Backup ;c:\programdata\wshcon32.exe --> c:\programdata\wshcon32.exe [?] S2 SDRSVC32323232;Windows Backup ;c:\programdata\cmicryptinstall32.exe --> c:\programdata\cmicryptinstall32.exe [?] S2 SDRSVC3232323232323232323232;Windows Backup ;c:\programdata\fde32.exe --> c:\programdata\fde32.exe [?] S2 SDRSVC323232323232323232323232;Windows Backup ;c:\programdata\keymgr32.exe --> c:\programdata\keymgr32.exe [?] S2 SDRSVC32323232323232323232323232;Windows Backup ;c:\programdata\msvcp7132.exe --> c:\programdata\msvcp7132.exe [?] S2 SDRSVC3232323232323232323232323232;Windows Backup ;c:\programdata\ncrypt32.exe --> c:\programdata\ncrypt32.exe [?] S2 seclogon32;Secondary Logon ;c:\programdata\ieapfltr32.exe --> c:\programdata\ieapfltr32.exe [?] S2 seclogon3232323232;Secondary Logon ;c:\programdata\wmpeffects32.exe --> c:\programdata\wmpeffects32.exe [?] S2 seclogon32323232323232;Secondary Logon ;c:\programdata\sti_ci32.exe --> c:\programdata\sti_ci32.exe [?] S2 seclogon3232323232323232;Secondary Logon ;c:\programdata\certmgr32.exe --> c:\programdata\certmgr32.exe [?] S2 seclogon323232323232323232;Secondary Logon ;c:\programdata\whealogr32.exe --> c:\programdata\whealogr32.exe [?] S2 seclogon3232323232323232323232;Secondary Logon ;c:\programdata\kbdtuf32.exe --> c:\programdata\KBDTUF32.exe [?] S2 SENS32;System Event Notification Service ;c:\programdata\presentationhostproxy32.exe --> c:\programdata\PresentationHostProxy32.exe [?] S2 SENS3232;System Event Notification Service ;c:\programdata\ncsi32.exe --> c:\programdata\ncsi32.exe [?] S2 SENS3232323232;System Event Notification Service ;c:\programdata\loadperf32.exe --> c:\programdata\loadperf32.exe [?] S2 SessionEnv32;Terminal Services Configuration ;c:\programdata\wmsgapi32.exe --> c:\programdata\wmsgapi32.exe [?] S2 SessionEnv3232;Terminal Services Configuration ;c:\programdata\nlslexicons000f32.exe --> c:\programdata\NlsLexicons000f32.exe [?] S2 SessionEnv323232;Terminal Services Configuration ;c:\programdata\rdpwsx32.exe --> c:\programdata\rdpwsx32.exe [?] S2 SessionEnv32323232;Terminal Services Configuration ;c:\programdata\dot3svc32.exe --> c:\programdata\dot3svc32.exe [?] S2 SessionEnv3232323232;Terminal Services Configuration ;c:\programdata\dpmodemx32.exe --> c:\programdata\dpmodemx32.exe [?] S2 SessionEnv323232323232;Terminal Services Configuration ;c:\programdata\nsi32.exe --> c:\programdata\nsi32.exe [?] S2 SessionEnv32323232323232;Terminal Services Configuration ;c:\programdata\pndx503232.exe --> c:\programdata\pndx503232.exe [?] S2 SessionEnv3232323232323232;Terminal Services Configuration ;c:\programdata\tcpipcfg32.exe --> c:\programdata\tcpipcfg32.exe [?] S2 SessionEnv323232323232323232;Terminal Services Configuration ;c:\programdata\wiascanprofiles32.exe --> c:\programdata\wiascanprofiles32.exe [?] S2 SessionEnv32323232323232323232;Terminal Services Configuration ;c:\programdata\corpol32.exe --> c:\programdata\corpol32.exe [?] S2 ShellHWDetection3232;Shell Hardware Detection ;c:\programdata\shacct32.exe --> c:\programdata\shacct32.exe [?] S2 ShellHWDetection323232;Shell Hardware Detection ;c:\programdata\imm3232.exe --> c:\programdata\imm3232.exe [?] S2 ShellHWDetection32323232;Shell Hardware Detection ;c:\programdata\resutils32.exe --> c:\programdata\resutils32.exe [?] S2 ShellHWDetection3232323232;Shell Hardware Detection ;c:\programdata\rasmontr32.exe --> c:\programdata\rasmontr32.exe [?] S2 slsvc32;Software Licensing ;c:\programdata\nlslexicons004932.exe --> c:\programdata\NlsLexicons004932.exe [?] S2 slsvc3232;Software Licensing ;c:\programdata\olethk3232.exe --> c:\programdata\olethk3232.exe [?] S2 slsvc323232;Software Licensing ;c:\programdata\dpl10032.exe --> c:\programdata\dpl10032.exe [?] S2 slsvc32323232;Software Licensing ;c:\programdata\kbdpl32.exe --> c:\programdata\KBDPL32.exe [?] S2 slsvc3232323232;Software Licensing ;c:\programdata\acprgwiz32.exe --> c:\programdata\acprgwiz32.exe [?] S2 SLUINotify32;SL UI Notification Service ;c:\programdata\wiaservc32.exe --> c:\programdata\wiaservc32.exe [?] S2 SNMPTRAP32323232323232;SNMP Trap ;c:\programdata\htui32.exe --> c:\programdata\htui32.exe [?] S2 SNMPTRAP3232323232323232;SNMP Trap ;c:\programdata\wevtsvc32.exe --> c:\programdata\wevtsvc32.exe [?] S2 Spooler3232;Print Spooler ;c:\programdata\shsvcs32.exe --> c:\programdata\shsvcs32.exe [?] S2 SSDPSRV3232;SSDP Discovery ;c:\programdata\sqlsrv3232.exe --> c:\programdata\sqlsrv3232.exe [?] S2 SSDPSRV323232;SSDP Discovery ;c:\programdata\iprtprio32.exe --> c:\programdata\iprtprio32.exe [?] S2 SSDPSRV32323232;SSDP Discovery ;c:\programdata\chtbrkr32.exe --> c:\programdata\chtbrkr32.exe [?] S2 SSDPSRV3232323232;SSDP Discovery ;c:\programdata\tvratings32.exe --> c:\programdata\tvratings32.exe [?] S2 SstpSvc32;Secure Socket Tunneling Protocol Service ;c:\programdata\ias32.exe --> c:\programdata\ias32.exe [?] S2 SstpSvc3232323232;Secure Socket Tunneling Protocol Service ;c:\programdata\vssapi32.exe --> c:\programdata\vssapi32.exe [?] S2 stisvc32;Windows Image Acquisition (WIA) ;c:\programdata\kbdhe22032.exe --> c:\programdata\KBDHE22032.exe [?] S2 stisvc3232;Windows Image Acquisition (WIA) ;c:\programdata\cmlua32.exe --> c:\programdata\cmlua32.exe [?] S2 stisvc323232;Windows Image Acquisition (WIA) ;c:\programdata\nsisvc32.exe --> c:\programdata\nsisvc32.exe [?] S2 stisvc3232323232;Windows Image Acquisition (WIA) ;c:\programdata\ig4icd3232.exe --> c:\programdata\ig4icd3232.exe [?] S2 stisvc323232323232;Windows Image Acquisition (WIA) ;c:\programdata\wpc32.exe --> c:\programdata\Wpc32.exe [?] S2 stisvc323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\procinst32.exe --> c:\programdata\procinst32.exe [?] S2 stisvc32323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\kbddiv232.exe --> c:\programdata\KBDDIV232.exe [?] S2 stisvc3232323232323232323232;Windows Image Acquisition (WIA) ;c:\programdata\mscories32.exe --> c:\programdata\mscories32.exe [?] S2 stllssvr32;stllssvr ;c:\programdata\quartz32.exe --> c:\programdata\quartz32.exe [?] S2 stllssvr3232;stllssvr ;c:\programdata\nlslexicons000a32.exe --> c:\programdata\NlsLexicons000a32.exe [?] S2 stllssvr323232;stllssvr ;c:\programdata\kbd10632.exe --> c:\programdata\kbd10632.exe [?] S2 stllssvr3232323232323232;stllssvr ;c:\programdata\olecli3232.exe --> c:\programdata\olecli3232.exe [?] S2 stllssvr323232323232323232;stllssvr ;c:\programdata\rshx3232.exe --> c:\programdata\rshx3232.exe [?] S2 stllssvr32323232323232323232;stllssvr ;c:\programdata\drprov32.exe --> c:\programdata\drprov32.exe [?] S2 stllssvr323232323232323232323232;stllssvr ;c:\programdata\secproc_isv32.exe --> c:\programdata\secproc_isv32.exe [?] S2 stllssvr32323232323232323232323232;stllssvr ;c:\programdata\portabledeviceclassextension32.exe --> c:\programdata\PortableDeviceClassExtension32.exe [?] S2 swprv3232;Microsoft Software Shadow Copy Provider ;c:\programdata\deskmon32.exe --> c:\programdata\deskmon32.exe [?] S2 swprv323232;Microsoft Software Shadow Copy Provider ;c:\programdata\devmgr32.exe --> c:\programdata\devmgr32.exe [?] S2 swprv3232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\toolhelp32.exe --> c:\programdata\TOOLHELP32.exe [?] S2 swprv323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\c_is202232.exe --> c:\programdata\C_IS202232.exe [?] S2 swprv32323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\muifontsetup32.exe --> c:\programdata\muifontsetup32.exe [?] S2 swprv3232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\wsmres32.exe --> c:\programdata\WsmRes32.exe [?] S2 swprv323232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\drvstore32.exe --> c:\programdata\drvstore32.exe [?] S2 swprv32323232323232323232323232;Microsoft Software Shadow Copy Provider ;c:\programdata\nlslexicons002032.exe --> c:\programdata\NlsLexicons002032.exe [?] S2 SysMain32;Superfetch ;c:\programdata\ipnathlp32.exe --> c:\programdata\ipnathlp32.exe [?] S2 SysMain323232;Superfetch ;c:\programdata\tbssvc32.exe --> c:\programdata\tbssvc32.exe [?] S2 SysMain32323232;Superfetch ;c:\programdata\ci32.exe --> c:\programdata\ci32.exe [?] S2 SysMain3232323232;Superfetch ;c:\programdata\photowiz32.exe --> c:\programdata\photowiz32.exe [?] S2 SysMain3232323232323232;Superfetch ;c:\programdata\oleres32.exe --> c:\programdata\oleres32.exe [?] S2 SysMain323232323232323232;Superfetch ;c:\programdata\wlanapi32.exe --> c:\programdata\wlanapi32.exe [?] S2 SysMain32323232323232323232;Superfetch ;c:\programdata\nlslexicons004732.exe --> c:\programdata\NlsLexicons004732.exe [?] S2 SysMain323232323232323232323232;Superfetch ;c:\programdata\mimefilt32.exe --> c:\programdata\mimefilt32.exe [?] S2 TabletInputService32;Tablet PC Input Service ;c:\programdata\netprofm32.exe --> c:\programdata\netprofm32.exe [?] S2 TabletInputService3232;Tablet PC Input Service ;c:\programdata\drmmgrtn32.exe --> c:\programdata\drmmgrtn32.exe [?] S2 TabletInputService323232;Tablet PC Input Service ;c:\programdata\apphelp32.exe --> c:\programdata\apphelp32.exe [?] S2 TabletInputService32323232;Tablet PC Input Service ;c:\programdata\mssign3232.exe --> c:\programdata\mssign3232.exe [?] S2 TabletInputService323232323232;Tablet PC Input Service ;c:\programdata\nlsdata002632.exe --> c:\programdata\NlsData002632.exe [?] S2 TabletInputService32323232323232;Tablet PC Input Service ;c:\programdata\wsmplpxy32.exe --> c:\programdata\wsmplpxy32.exe [?] S2 TabletInputService3232323232323232;Tablet PC Input Service ;c:\programdata\rasdiag32.exe --> c:\programdata\rasdiag32.exe [?] S2 TapiSrv32;Telephony ;c:\programdata\bootstr32.exe --> c:\programdata\bootstr32.exe [?] S2 TapiSrv323232;Telephony ;c:\programdata\iyuv_3232.exe --> c:\programdata\iyuv_3232.exe [?] S2 TapiSrv3232323232323232;Telephony ;c:\programdata\wshelper32.exe --> c:\programdata\wshelper32.exe [?] S2 TapiSrv323232323232323232;Telephony ;c:\programdata\vga64k32.exe --> c:\programdata\vga64k32.exe [?] S2 TapiSrv32323232323232323232;Telephony ;c:\programdata\nlslexicons000232.exe --> c:\programdata\NlsLexicons000232.exe [?] S2 TBS3232;TPM Base Services ;c:\programdata\kbdintam32.exe --> c:\programdata\KBDINTAM32.exe [?] S2 TermService32;Terminal Services ;c:\programdata\presentationnative_v030032.exe --> c:\programdata\PresentationNative_v030032.exe [?] S2 TermService3232;Terminal Services ;c:\programdata\kbdsyr232.exe --> c:\programdata\KBDSYR232.exe [?] S2 TermService323232;Terminal Services ;c:\programdata\msihnd32.exe --> c:\programdata\msihnd32.exe [?] S2 TermService3232323232;Terminal Services ;c:\programdata\nlslexicons081632.exe --> c:\programdata\NlsLexicons081632.exe [?] S2 TermService323232323232;Terminal Services ;c:\programdata\adsldp32.exe --> c:\programdata\adsldp32.exe [?] S2 TermService32323232323232;Terminal Services ;c:\programdata\wmnetmgr32.exe --> c:\programdata\WMNetMgr32.exe [?] S2 TermService323232323232323232;Terminal Services ;c:\programdata\portabledeviceapi32.exe --> c:\programdata\PortableDeviceApi32.exe [?] S2 Themes32;Themes ;c:\programdata\d3d10_132.exe --> c:\programdata\d3d10_132.exe [?] S2 Themes3232;Themes ;c:\programdata\cfgbkend32.exe --> c:\programdata\cfgbkend32.exe [?] S2 Themes323232;Themes ;c:\programdata\eappcfg32.exe --> c:\programdata\eappcfg32.exe [?] S2 Themes32323232;Themes ;c:\programdata\e_fbchala32.exe --> c:\programdata\E_FBCHALA32.exe [?] S2 Themes3232323232;Themes ;c:\programdata\winusb32.exe --> c:\programdata\winusb32.exe [?] S2 Themes323232323232;Themes ;c:\programdata\termmgr32.exe --> c:\programdata\termmgr32.exe [?] S2 Themes32323232323232;Themes ;c:\programdata\acppage32.exe --> c:\programdata\acppage32.exe [?] S2 Themes323232323232323232;Themes ;c:\programdata\dsprop32.exe --> c:\programdata\dsprop32.exe [?] S2 Themes32323232323232323232;Themes ;c:\programdata\nlsdata000932.exe --> c:\programdata\NlsData000932.exe [?] S2 THREADORDER3232;Thread Ordering Server ;c:\programdata\msv1_032.exe --> c:\programdata\msv1_032.exe [?] S2 THREADORDER323232;Thread Ordering Server ;c:\programdata\kbdsf32.exe --> c:\programdata\KBDSF32.exe [?] S2 TrkWks32;Distributed Link Tracking Client ;c:\programdata\rtkpgext32.exe --> c:\programdata\RtkPgExt32.exe [?] S2 TrkWks32323232;Distributed Link Tracking Client ;c:\programdata\msjint4032.exe --> c:\programdata\msjint4032.exe [?] S2 TrkWks3232323232;Distributed Link Tracking Client ;c:\programdata\nlsdata000032.exe --> c:\programdata\NlsData000032.exe [?] S2 TrkWks323232323232;Distributed Link Tracking Client ;c:\programdata\dskquota32.exe --> c:\programdata\dskquota32.exe [?] S2 TrkWks32323232323232;Distributed Link Tracking Client ;c:\programdata\security32.exe --> c:\programdata\security32.exe [?] S2 TrustedInstaller32;Windows Modules Installer ;c:\programdata\hnetcfg32.exe --> c:\programdata\hnetcfg32.exe [?] S2 TrustedInstaller3232;Windows Modules Installer ;c:\programdata\wmiprop32.exe --> c:\programdata\wmiprop32.exe [?] S2 TrustedInstaller3232323232;Windows Modules Installer ;c:\programdata\ntdll32.exe --> c:\programdata\ntdll32.exe [?] S2 TrustedInstaller323232323232;Windows Modules Installer ;c:\programdata\cmlua32.exe --> c:\programdata\cmlua32.exe [?] S2 TrustedInstaller3232323232323232;Windows Modules Installer ;c:\programdata\odbc16gt32.exe --> c:\programdata\odbc16gt32.exe [?] S2 UI0Detect323232323232;Interactive Services Detection ;c:\programdata\ir41_qc32.exe --> c:\programdata\ir41_qc32.exe [?] S2 UI0Detect32323232323232;Interactive Services Detection ;c:\programdata\raschap32.exe --> c:\programdata\raschap32.exe [?] S2 UI0Detect3232323232323232;Interactive Services Detection ;c:\programdata\ndfapi32.exe --> c:\programdata\ndfapi32.exe [?] S2 upnphost32;UPnP Device Host ;c:\programdata\imgutil32.exe --> c:\programdata\imgutil32.exe [?] S2 upnphost3232323232323232323232323232;UPnP Device Host ;c:\programdata\msexcl4032.exe --> c:\programdata\msexcl4032.exe [?] S2 upnphost3232323232323232323232323232323232;UPnP Device Host ;c:\programdata\kbdmlt4732.exe --> c:\programdata\KBDMLT4732.exe [?] S2 upnphost323232323232323232323232323232323232;UPnP Device Host ;c:\programdata\rasplap32.exe --> c:\programdata\rasplap32.exe [?] S2 UxSms323232;Desktop Window Manager Session Manager ;c:\programdata\ktmw3232.exe --> c:\programdata\ktmw3232.exe [?] S2 UxSms32323232;Desktop Window Manager Session Manager ;c:\programdata\winethc32.exe --> c:\programdata\winethc32.exe [?] S2 UxSms3232323232;Desktop Window Manager Session Manager ;c:\programdata\nlsdata000132.exe --> c:\programdata\NlsData000132.exe [?] S2 UxSms323232323232;Desktop Window Manager Session Manager ;c:\programdata\wlanmsm32.exe --> c:\programdata\wlanmsm32.exe [?] S2 vds32;Virtual Disk ;c:\programdata\bitsperf32.exe --> c:\programdata\bitsperf32.exe [?] S2 vds323232;Virtual Disk ;c:\programdata\nlslexicons000932.exe --> c:\programdata\NlsLexicons000932.exe [?] S2 vds3232323232;Virtual Disk ;c:\programdata\d3dim70032.exe --> c:\programdata\d3dim70032.exe [?] S2 vds3232323232323232;Virtual Disk ;c:\programdata\scripto32.exe --> c:\programdata\scripto32.exe [?] S2 vds323232323232323232;Virtual Disk ;c:\programdata\perfts32.exe --> c:\programdata\perfts32.exe [?] S2 vds323232323232323232323232;Virtual Disk ;c:\programdata\kbdlv32.exe --> c:\programdata\KBDLV32.exe [?] S2 Viewpoint Manager Service3232;Viewpoint Manager Service ;c:\programdata\query32.exe --> c:\programdata\Query32.exe [?] S2 Viewpoint Manager Service323232;Viewpoint Manager Service ;c:\programdata\sstpsvc32.exe --> c:\programdata\sstpsvc32.exe [?] S2 Viewpoint Manager Service32323232;Viewpoint Manager Service ;c:\programdata\ntshrui32.exe --> c:\programdata\ntshrui32.exe [?] S2 Viewpoint Manager Service3232323232;Viewpoint Manager Service ;c:\programdata\authz32.exe --> c:\programdata\authz32.exe [?] S2 Viewpoint Manager Service323232323232;Viewpoint Manager Service ;c:\programdata\umb32.exe --> c:\programdata\umb32.exe [?] S2 Viewpoint Manager Service32323232323232323232;Viewpoint Manager Service ;c:\programdata\rpcns432.exe --> c:\programdata\RpcNs432.exe [?] S2 Viewpoint Manager Service3232323232323232323232;Viewpoint Manager Service ;c:\programdata\qshvhost32.exe --> c:\programdata\QSHVHOST32.exe [?] S2 Viewpoint Manager Service323232323232323232323232;Viewpoint Manager Service ;c:\programdata\msstrc32.exe --> c:\programdata\msstrc32.exe [?] S2 Viewpoint Manager Service32323232323232323232323232;Viewpoint Manager Service ;c:\programdata\wmvdecod32.exe --> c:\programdata\WMVDECOD32.exe [?] S2 VSS32;Volume Shadow Copy ;c:\programdata\rpchttp32.exe --> c:\programdata\rpchttp32.exe [?] S2 W32Time3232;Windows Time ;c:\programdata\nlslexicons000f32.exe --> c:\programdata\NlsLexicons000f32.exe [?] S2 W32Time323232;Windows Time ;c:\programdata\igfxcoin_v127732.exe --> c:\programdata\igfxCoIn_v127732.exe [?] S2 WcesComm32;Windows Mobile-2003-based device connectivity ;c:\programdata\certcli32.exe --> c:\programdata\certcli32.exe [?] S2 WcesComm3232;Windows Mobile-2003-based device connectivity ;c:\programdata\dmvdsitf32.exe --> c:\programdata\dmvdsitf32.exe [?] S2 WcesComm323232;Windows Mobile-2003-based device connectivity ;c:\programdata\certenrollui32.exe --> c:\programdata\CertEnrollUI32.exe [?] S2 WcesComm32323232;Windows Mobile-2003-based device connectivity ;c:\programdata\occache32.exe --> c:\programdata\occache32.exe [?] S2 WcesComm323232323232;Windows Mobile-2003-based device connectivity ;c:\programdata\sfc32.exe --> c:\programdata\sfc32.exe [?] S2 WcesComm3232323232323232;Windows Mobile-2003-based device connectivity ;c:\programdata\msxml632.exe --> c:\programdata\msxml632.exe [?] S2 wcncsvc32;Windows Connect Now - Config Registrar ;c:\programdata\networkmap32.exe --> c:\programdata\networkmap32.exe [?] S2 wcncsvc3232;Windows Connect Now - Config Registrar ;c:\programdata\bitsprx232.exe --> c:\programdata\bitsprx232.exe [?] S2 wcncsvc323232;Windows Connect Now - Config Registrar ;c:\programdata\iaspolcy32.exe --> c:\programdata\iaspolcy32.exe [?] S2 wcncsvc32323232;Windows Connect Now - Config Registrar ;c:\programdata\asferror32.exe --> c:\programdata\asferror32.exe [?] S2 wcncsvc3232323232;Windows Connect Now - Config Registrar ;c:\programdata\untfs32.exe --> c:\programdata\untfs32.exe [?] S2 wcncsvc3232323232323232;Windows Connect Now - Config Registrar ;c:\programdata\wshbth32.exe --> c:\programdata\wshbth32.exe [?] S2 wcncsvc323232323232323232;Windows Connect Now - Config Registrar ;c:\programdata\trapi32.exe --> c:\programdata\TRAPI32.exe [?] S2 WcsPlugInService3232;Windows Color System ;c:\programdata\rasdlg32.exe --> c:\programdata\rasdlg32.exe [?] S2 WcsPlugInService323232;Windows Color System ;c:\programdata\msmmsp32.exe --> c:\programdata\msmmsp32.exe [?] S2 WcsPlugInService32323232;Windows Color System ;c:\programdata\kbdjpn32.exe --> c:\programdata\KBDJPN32.exe [?] S2 WcsPlugInService323232323232;Windows Color System ;c:\programdata\fwremotesvr32.exe --> c:\programdata\FwRemoteSvr32.exe [?] S2 WcsPlugInService32323232323232;Windows Color System ;c:\programdata\compatui32.exe --> c:\programdata\CompatUI32.exe [?] S2 WdiSystemHost323232;Diagnostic System Host ;c:\programdata\d3dim70032.exe --> c:\programdata\d3dim70032.exe [?] S2 WdiSystemHost32323232;Diagnostic System Host ;c:\programdata\wmerror32.exe --> c:\programdata\wmerror32.exe [?] S2 WdiSystemHost32323232323232;Diagnostic System Host ;c:\programdata\kbdmon32.exe --> c:\programdata\KBDMON32.exe [?] S2 WdiSystemHost3232323232323232;Diagnostic System Host ;c:\programdata\deskperf32.exe --> c:\programdata\deskperf32.exe [?] S2 WdiSystemHost32323232323232323232323232323232;Diagnostic System Host ;c:\programdata\kbdfc32.exe --> c:\programdata\KBDFC32.exe [?] S2 WebClient32;WebClient ;c:\programdata\wls0wndh32.exe --> c:\programdata\WlS0WndH32.exe [?] S2 WebClient3232;WebClient ;c:\programdata\vidreszr32.exe --> c:\programdata\VIDRESZR32.exe [?] S2 WebClient32323232;WebClient ;c:\programdata\tapisrv32.exe --> c:\programdata\tapisrv32.exe [?] S2 WebClient3232323232;WebClient ;c:\programdata\els32.exe --> c:\programdata\els32.exe [?] S2 WebClient323232323232;WebClient ;c:\programdata\hccoin32.exe --> c:\programdata\hccoin32.exe [?] S2 WebClient32323232323232;WebClient ;c:\programdata\nicco632.exe --> c:\programdata\NicCo632.exe [?] S2 WebClient3232323232323232;WebClient ;c:\programdata\odbctrac32.exe --> c:\programdata\odbctrac32.exe [?] S2 Wecsvc3232;Windows Event Collector ;c:\programdata\rasctrs32.exe --> c:\programdata\rasctrs32.exe [?] S2 Wecsvc323232;Windows Event Collector ;c:\programdata\win87em32.exe --> c:\programdata\win87em32.exe [?] S2 Wecsvc32323232;Windows Event Collector ;c:\programdata\wsnmp3232.exe --> c:\programdata\wsnmp3232.exe [?] S2 Wecsvc3232323232;Windows Event Collector ;c:\programdata\wiavideo32.exe --> c:\programdata\wiavideo32.exe [?] S2 Wecsvc323232323232323232;Windows Event Collector ;c:\programdata\netcfgx32.exe --> c:\programdata\netcfgx32.exe [?] S2 Wecsvc3232323232323232323232;Windows Event Collector ;c:\programdata\msvidc3232.exe --> c:\programdata\msvidc3232.exe [?] S2 wercplsupport32;Problem Reports and Solutions Control Panel Support ;c:\programdata\aqckgen32.exe --> c:\programdata\AQCKGen32.exe [?] S2 wercplsupport323232323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\msrle3232.exe --> c:\programdata\msrle3232.exe [?] S2 WerSvc323232;Windows Error Reporting Service ;c:\programdata\cpc_dmird32.exe --> c:\programdata\cPC_DMIRD32.exe [?] S2 WerSvc32323232;Windows Error Reporting Service ;c:\programdata\alttab32.exe --> c:\programdata\AltTab32.exe [?] S2 WerSvc323232323232;Windows Error Reporting Service ;c:\programdata\sens32.exe --> c:\programdata\Sens32.exe [?] S2 WinDefend32323232;Windows Defender ;c:\programdata\msctfui32.exe --> c:\programdata\msctfui32.exe [?] S2 WinDefend3232323232;Windows Defender ;c:\programdata\mmdevapi32.exe --> c:\programdata\MMDevAPI32.exe [?] S2 WinDefend323232323232;Windows Defender ;c:\programdata\taskcomp32.exe --> c:\programdata\taskcomp32.exe [?] S2 WinHttpAutoProxySvc3232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\msaudite32.exe --> c:\programdata\msaudite32.exe [?] S2 WinHttpAutoProxySvc323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\commdlg32.exe --> c:\programdata\COMMDLG32.exe [?] S2 WinHttpAutoProxySvc32323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\qdvd32.exe --> c:\programdata\qdvd32.exe [?] S2 WinHttpAutoProxySvc3232323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\kbdrost32.exe --> c:\programdata\KBDROST32.exe [?] S2 WinHttpAutoProxySvc323232323232;WinHTTP Web Proxy Auto-Discovery Service ;c:\programdata\rtkcoinst32.exe --> c:\programdata\RtkCoInst32.exe [?] S2 Winmgmt323232;Windows Management Instrumentation ;c:\programdata\slwga32.exe --> c:\programdata\slwga32.exe [?] S2 wmiApSrv32;WMI Performance Adapter ;c:\programdata\igfxtmm32.exe --> c:\programdata\igfxTMM32.exe [?] S2 wmiApSrv3232;WMI Performance Adapter ;c:\programdata\msvideo32.exe --> c:\programdata\msvideo32.exe [?] S2 wmiApSrv323232;WMI Performance Adapter ;c:\programdata\msafd32.exe --> c:\programdata\msafd32.exe [?] S2 wmiApSrv32323232;WMI Performance Adapter ;c:\programdata\imagesp132.exe --> c:\programdata\imagesp132.exe [?] S2 WMPNetworkSvc3232;Windows Media Player Network Sharing Service ;c:\programdata\kbdusl32.exe --> c:\programdata\KBDUSL32.exe [?] S2 WPCSvc32;Parental Controls ;c:\programdata\wsecedit32.exe --> c:\programdata\wsecedit32.exe [?] S2 WPDBusEnum32;Portable Device Enumerator Service ;c:\programdata\prnntfy32.exe --> c:\programdata\prnntfy32.exe [?] S2 WPDBusEnum32323232;Portable Device Enumerator Service ;c:\programdata\nlslexicons004632.exe --> c:\programdata\NlsLexicons004632.exe [?] S2 WPDBusEnum3232323232;Portable Device Enumerator Service ;c:\programdata\iassvcs32.exe --> c:\programdata\iassvcs32.exe [?] S2 WPDBusEnum323232323232;Portable Device Enumerator Service ;c:\programdata\dhcpcmonitor32.exe --> c:\programdata\dhcpcmonitor32.exe [?] S2 WPDBusEnum32323232323232;Portable Device Enumerator Service ;c:\programdata\sdohlp32.exe --> c:\programdata\sdohlp32.exe [?] S2 WPFFontCache_v04003232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\c_iscii32.exe --> c:\programdata\C_ISCII32.exe [?] S2 WPFFontCache_v0400323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\sqlunirl32.exe --> c:\programdata\sqlunirl32.exe [?] S2 WPFFontCache_v040032323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\osbaseln32.exe --> c:\programdata\osbaseln32.exe [?] S2 WPFFontCache_v04003232323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\pcadm32.exe --> c:\programdata\pcadm32.exe [?] S2 WPFFontCache_v0400323232323232323232;Windows Presentation Foundation Font Cache 4.0.0.0 ;c:\programdata\portabledevicewmdrm32.exe --> c:\programdata\PortableDeviceWMDRM32.exe [?] S2 wscsvc32;Security Center ;c:\programdata\radardt32.exe --> c:\programdata\radardt32.exe [?] S2 wscsvc323232;Security Center ;c:\programdata\kbdbu32.exe --> c:\programdata\KBDBU32.exe [?] S2 wscsvc32323232;Security Center ;c:\programdata\faultrep32.exe --> c:\programdata\Faultrep32.exe [?] S2 wscsvc3232323232;Security Center ;c:\programdata\dxtmsft32.exe --> c:\programdata\dxtmsft32.exe [?] S2 wscsvc323232323232;Security Center ;c:\programdata\nlslexicons004c32.exe --> c:\programdata\NlsLexicons004c32.exe [?] S2 WSearch32;Windows Search ;c:\programdata\dxtrans32.exe --> c:\programdata\dxtrans32.exe [?] S2 WSearch323232;Windows Search ;c:\programdata\dnsrslvr32.exe --> c:\programdata\dnsrslvr32.exe [?] S2 WSearch32323232;Windows Search ;c:\programdata\kbdsw32.exe --> c:\programdata\KBDSW32.exe [?] S2 WSearch3232323232;Windows Search ;c:\programdata\ifsutil32.exe --> c:\programdata\ifsutil32.exe [?] S2 wuauserv3232;Windows Update ;c:\programdata\sysfxui32.exe --> c:\programdata\SysFxUI32.exe [?] S2 wuauserv323232;Windows Update ;c:\programdata\d3dxof32.exe --> c:\programdata\d3dxof32.exe [?] S2 wuauserv32323232;Windows Update ;c:\programdata\kbdit14232.exe --> c:\programdata\KBDIT14232.exe [?] S2 wuauserv323232323232;Windows Update ;c:\programdata\d3d8thk32.exe --> c:\programdata\d3d8thk32.exe [?] S2 wuauserv32323232323232;Windows Update ;c:\programdata\uxtheme32.exe --> c:\programdata\uxtheme32.exe [?] S2 wuauserv3232323232323232;Windows Update ;c:\programdata\wtsapi3232.exe --> c:\programdata\wtsapi3232.exe [?] S2 wuauserv323232323232323232;Windows Update ;c:\programdata\odbccr3232.exe --> c:\programdata\odbccr3232.exe [?] S2 wudfsvc32;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\kbdusx32.exe --> c:\programdata\KBDUSX32.exe [?] S2 XAudioService3232;XAudioService ;c:\programdata\msfeedsbs32.exe --> c:\programdata\msfeedsbs32.exe [?] S3 A5AGU;D-Link Wireless LAN 802.11 USB device driver;c:\windows\system32\drivers\AGUx86.sys [2008-1-17 892416] S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232] S3 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936] S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-2-4 84488] S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2009-3-29 599040] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2011-06-21 12:30:04 -------- d-----w- c:\users\kris\appdata\roaming\Malwarebytes 2011-06-21 12:29:23 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-21 12:29:22 -------- d-----w- c:\programdata\Malwarebytes 2011-06-21 12:29:17 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-21 12:29:17 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-06-19 00:19:04 184320 ----a-w- c:\programdata\asycfilt32.dll 2011-06-16 22:46:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat 2011-06-11 12:34:31 11776 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll 2011-06-11 12:33:05 -------- d-----w- c:\program files\common files\xing shared 2011-06-11 12:31:17 150712 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll 2011-06-11 12:29:51 105472 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll . ==================== Find3M ==================== . 2011-06-11 12:28:58 499712 ----a-w- c:\windows\system32\msvcp71.dll 2011-06-11 12:28:58 348160 ----a-w- c:\windows\system32\msvcr71.dll 2011-05-25 23:25:32 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-04 09:52:22 472808 ----a-w- c:\windows\system32\deployJava1.dll 2011-05-02 15:58:28 738816 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 12:49:57 146432 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 12:49:55 102400 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-29 12:49:51 213504 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-29 12:49:44 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-29 12:49:35 105984 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-21 15:00:34 833024 ----a-w- c:\windows\system32\wininet.dll 2011-04-21 14:57:48 78336 ----a-w- c:\windows\system32\ieencode.dll 2011-04-21 13:28:42 389632 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:16:42 273408 ----a-w- c:\windows\system32\drivers\afd.sys 2011-04-21 13:08:37 1383424 ----a-w- c:\windows\system32\mshtml.tlb 2011-04-14 19:01:38 95824 ----a-w- c:\windows\system32\drivers\mfeapfk.sys 2011-04-14 19:01:38 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys 2011-04-14 19:01:38 84488 ----a-w- c:\windows\system32\drivers\mferkdet.sys 2011-04-14 19:01:38 64584 ----a-w- c:\windows\system32\drivers\mfenlfk.sys 2011-04-14 19:01:38 56064 ----a-w- c:\windows\system32\drivers\cfwids.sys 2011-04-14 19:01:38 52320 ----a-w- c:\windows\system32\drivers\mfebopk.sys 2011-04-14 19:01:38 387480 ----a-w- c:\windows\system32\drivers\mfehidk.sys 2011-04-14 19:01:38 314088 ----a-w- c:\windows\system32\drivers\mfefirek.sys 2011-04-14 19:01:38 165032 ----a-w- c:\windows\system32\drivers\mfewfpk.sys 2011-04-14 19:01:38 153280 ----a-w- c:\windows\system32\drivers\mfeavfk.sys 2011-04-14 19:01:38 141792 ----a-w- c:\windows\system32\mfevtps.exe 2011-04-14 14:24:14 75264 ----a-w- c:\windows\system32\drivers\dfsc.sys . ============= FINISH: 14:44:02.56 =============== PLEASE advise, KJamal99 DDS.txt

I am having a problem where when I use Google to perform a web search, I get redirected to a page that has nothing to do with what I searched or what I clicked. At this point, the problem seems sporadic and began this week. For example, I earlier searched the name of a friend who moved back to her country after college. Clicking on any of the search results, redirected me to the same AD page - and I'm talking about results that should have opened LinkedIn, Pipl, MySpace, etc. Now, after a few BLUE SCREEN forced restarts resulting from two attempts to run GMER, I CAN click the links in the search results and end up on the correct pages. This happened yesterday as well. So I could not create the requested "ark.txt" file, since GMER will not run. But everything else is below/attached * MBAM log * DDS.txt * Attach.zip (contains Attach.txt, the other file resulting from the DDS tool) * no ark.txt - GMER will not run. Created a separate thread for that issue here ---> http://forums.malwarebytes.org/index.php?showtopic=87932 **************************************************************************** Here the Malewarebytes log from today. Doesn't look like it found anything. **************************************************************************** Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Database version: 6919 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 6/22/2011 11:36:01 AM mbam-log-2011-06-22 (11-36-01).txt Scan type: Quick scan Objects scanned: 198863 Time elapsed: 12 minute(s), 50 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ***********************END*********************************** ************************************************************* Here is the content of my DDS.txt - I apologize, it is VERY long... ************************************************************* DDS (Ver_2011-06-12.02) - NTFSx86 Internet Explorer: 7.0.6001.18000 BrowserJavaVersion: 1.6.0_26 Run by Kris at 14:42:12 on 2011-06-22 Microsoft

I was trying to run GMER, as per the instructions listed here ---> http://forums.malwarebytes.org//index.php?showtopic=9573 However, shortly after it begins running (after many items have been scanned), my computer BLUE SCREENS and restarts. When start-up is finished, I am provided with a message like "Windows have recovered from...". Here is what I get when I click to see more detail about the crash: **************** Problem signature: Problem Event Name: BlueScreen OS Version: 6.0.6001.2.1.0.768.3 Locale ID: 1033 Additional information about the problem: BCCode: 50 BCP1: CF740008 BCP2: 00000000 BCP3: B10A53CB BCP4: 00000000 OS Version: 6_0_6001 Service Pack: 1_0 Product: 768_1 Files that help describe the problem: C:\Windows\Minidump\Mini062211-02.dmp C:\Users\Kris\AppData\Local\Temp\WER-63788-0.sysdata.xml C:\Users\Kris\AppData\Local\Temp\WER7CC.tmp.version.txt **************** I am unable to view the contents of the first file. It just says Access is Denied, and I can only click OK. The other two files don't even exist where the above says they are. Can anyone help me to determine why GMER will not run?