chewbaccaneedsamedal

i'm getting firefox redirects

I think my computer is infected. I keep getting redirects when I use Firefox and it takes forever to load now. I have run the Malwarebytes scan numerous times and it keeps finding infected objects every time. I am desperate to get my computer back to normal. I am pasting the DDS reports. Thank you in advance.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_20

Run by Randy Green at 16:39:59 on 2012-05-07

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.223 [GMT -7:00]

.

.

============== Running Processes ===============

.

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Common Files\Motive\McciServiceHost.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\tcpsvcs.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\ATT-SST\McciTrayApp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\SYSTEM32\IGFXPERS.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\EHOME\EHTRAY.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE

C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\DISTILLR\ACROTRAY.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\WINDOWS\SYSTEM32\taskmgr.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/?fr=fp-yie8

uSearch Page = hxxp://www.google.com

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uWindow Title = Windows Internet Explorer provided by Yahoo!

mDefault_Page_URL = hxxp://www.yahoo.com

mStart Page = hxxp://www.yahoo.com

uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us

uInternet Settings,ProxyOverride = <local>;*.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

uURLSearchHooks: YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll

BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll

uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"

uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart

mRun: [igfxtray] c:\windows\system32\igfxtray.exe

mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe

mRun: [sigmatelSysTrayApp] stsystra.exe

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DVDLauncher] "c:\program files\cyberlink\powerdvd\DVDLauncher.exe"

mRun: [dla] c:\windows\system32\dla\tfswctrl.exe

mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start

mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"

mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [ATT-SST_McciTrayApp] "c:\program files\att-sst\McciTrayApp.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [iSUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAyADQANAA5ADcANwA1ADAALQBYAEwAKwAxAC0AVAA0AC0ARgBQADkAKwA2AC0AQgBBAFIAOQBHACsAMQAtAFQAQgA5ACsAMgAtAEYATAArADkALQBYAE8AMwA2ACsAMQAtAEYAOQBNADcAQwArADUALQBGADkATQAxADAAQgArADEALQBYAE8AOQArADEALQBGADkATQAyACsAMQAtAEQARABUACsANQAyADcAMgAwAC0ARABEADkAMABGACsAMQAtAFMAVAA5ADAARgBBAFAAUAArADEALQBGADkAMABNADEAMgBBAE4AKwAxAC0ARgA5ADAATQAxADIAQQArADEALQBGADkAMABNADEAMgBBAEIAKwAxAC0AVQA5ADUAKwAxAC0ARgA5ADAATQAxADIAQQBUAEIAKwAxAC0ARgA5ADAATQAxADIAQgArADEA"&"prod=90"&"ver=9.0.894

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll",ProcessCleanupScript

StartupFolder: c:\docume~1\randyg~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\randy green\application data\dropbox\bin\Dropbox.exe

uPolicies-explorer: NoInstrumentation = 1 (0x1)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office10\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\progra~1\mi3aa1~1\INetRepl.dll

IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll

LSP: mswsock.dll

Trusted Zone: $talisma_url$

Trusted Zone: microsoft.com\office

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.4.2/jinstall-1_4_2_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{4DA633FF-39E9-441F-B26F-36BFB2971788} : DhcpNameServer = 192.168.1.254

Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL

Notify: igfxcui - igfxdev.dll

AppInit_DLLs: c:\progra~1\google\google~1\GOEC62~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\randy green\application data\mozilla\firefox\profiles\picgvapf.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en#t_0

FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: c:\program files\avg\avg9\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll

FF - plugin: c:\program files\common files\motive\npMotive.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll

.

============= SERVICES / DRIVERS ===============

.

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-4-5 913752]

R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]

R2 McciServiceHost;McciServiceHost;c:\program files\common files\motive\McciServiceHost.exe [2011-9-26 315392]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R3 lknuhst;Linksys Network USB Host Controller;c:\windows\system32\drivers\lknuhst.sys [2008-6-11 11136]

R3 LKNUHUB;Linksys Network USB Root Hub;c:\windows\system32\drivers\lknuhub.sys [2008-6-11 37248]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]

S2 Ias;Windows Team Tools;c:\windows\system32\svchost.exe -k netsvcs [2005-8-16 14336]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-3-28 257696]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-5-26 136176]

S3 LKNUCMP;Linksys Network USB Composite Device;c:\windows\system32\drivers\lknucmp.sys [2008-6-11 11648]

.

=============== Created Last 30 ================

.

2012-05-07 21:13:59 388096 ----a-r- c:\documents and settings\randy green\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe

2012-05-07 21:13:55 -------- d-----w- c:\program files\Trend Micro

2012-05-07 21:08:21 54016 ----a-w- c:\windows\system32\drivers\iavbfqt.sys

2012-05-07 16:23:53 0 --sha-w- c:\windows\system32\papycpu2.dll

2012-04-30 18:02:57 0 --sha-w- c:\windows\system32\dds_trash_log.cmd

2012-04-25 21:47:55 -------- d-----w- c:\program files\iPod

2012-04-25 21:42:27 -------- d-----w- c:\program files\Bonjour

2012-04-19 04:22:11 21336 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe

2012-04-19 02:59:04 -------- d-----w- c:\documents and settings\randy green\application data\Intelli-studio

2012-04-19 02:58:59 -------- d-----w- c:\program files\Samsung

2012-04-14 05:31:29 -------- d-----w- c:\documents and settings\randy green\application data\MrSmooth.1F1C2CE6230412E7752D206B573506D8446D8E6A.1

2012-04-14 05:30:46 -------- d-----w- c:\program files\MrSmooth

2012-04-14 05:29:16 -------- d-----w- c:\program files\Mr Smooth

2012-04-14 01:25:09 4140192 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

.

==================== Find3M ====================

.

2012-05-06 15:25:40 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-05-06 15:25:39 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-04 22:56:40 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-15 18:01:50 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-02-15 18:01:50 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys

.

============= FINISH: 16:41:20.73 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 6/5/2006 8:33:52 PM

System Uptime: 5/7/2012 10:41:13 AM (6 hours ago)

.

Motherboard: Dell Inc. | | 0KD882

Processor: Genuine Intel® CPU T2300 @ 1.66GHz | Microprocessor | 1662/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 37 GiB total, 2.031 GiB free.

D: is FIXED (NTFS) - 13 GiB total, 5.589 GiB free.

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Microsoft Tun Miniport Adapter

Device ID: ROOT\*TUNMP\0001

Manufacturer: Microsoft

Name: Microsoft Tun Miniport Adapter #2

PNP Device ID: ROOT\*TUNMP\0001

Service: tunmp

.

==== System Restore Points ===================

.

RP1420: 2/6/2012 1:08:04 PM - System Checkpoint

RP1421: 2/7/2012 1:44:05 PM - System Checkpoint

RP1422: 2/8/2012 7:30:51 PM - System Checkpoint

RP1423: 2/10/2012 10:43:46 AM - System Checkpoint

RP1424: 2/13/2012 8:12:37 AM - System Checkpoint

RP1425: 2/14/2012 11:59:36 AM - System Checkpoint

RP1426: 2/15/2012 7:17:05 AM - Software Distribution Service 3.0

RP1427: 2/17/2012 8:58:57 AM - System Checkpoint

RP1428: 2/21/2012 10:37:53 AM - System Checkpoint

RP1429: 2/22/2012 5:54:12 PM - System Checkpoint

RP1430: 2/24/2012 9:17:58 PM - System Checkpoint

RP1431: 2/28/2012 3:59:26 PM - System Checkpoint

RP1432: 3/7/2012 5:08:27 PM - Installed Windows Internet Explorer 8.

RP1433: 3/7/2012 5:11:24 PM - Software Distribution Service 3.0

RP1434: 3/11/2012 9:03:41 PM - Software Distribution Service 3.0

RP1435: 3/13/2012 9:37:25 AM - System Checkpoint

RP1436: 3/14/2012 3:31:59 PM - Software Distribution Service 3.0

RP1437: 3/16/2012 7:56:38 PM - System Checkpoint

RP1438: 3/23/2012 12:20:59 PM - System Checkpoint

RP1439: 3/25/2012 11:10:53 AM - System Checkpoint

RP1440: 3/27/2012 9:06:44 PM - System Checkpoint

RP1441: 4/2/2012 1:54:58 PM - System Checkpoint

RP1442: 4/3/2012 4:51:57 PM - System Checkpoint

RP1443: 4/11/2012 3:38:29 PM - System Checkpoint

RP1444: 4/12/2012 9:45:55 AM - Software Distribution Service 3.0

RP1445: 4/13/2012 3:37:11 PM - System Checkpoint

RP1446: 4/15/2012 11:43:38 AM - System Checkpoint

RP1447: 4/16/2012 11:52:46 AM - System Checkpoint

RP1448: 4/18/2012 9:03:55 PM - System Checkpoint

RP1449: 4/20/2012 5:08:22 AM - System Checkpoint

RP1450: 4/21/2012 5:17:20 AM - System Checkpoint

RP1451: 4/23/2012 11:43:31 AM - System Checkpoint

RP1452: 4/25/2012 2:31:28 PM - Installed Apple Software Update

RP1453: 4/25/2012 5:31:00 PM - Software Distribution Service 3.0

RP1454: 5/1/2012 10:04:32 AM - System Checkpoint

RP1455: 5/2/2012 12:13:20 PM - System Checkpoint

RP1456: 5/7/2012 2:13:51 PM - Installed HiJackThis

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe Acrobat 5.0

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader 8.3.1

Advanced SystemCare 5

AiO_Scan

Apple Application Support

Apple Mobile Device Support

Apple Software Update

AT&T Troubleshoot & Resolve Tool

Belkin F8E825-USB MiniWireless Optical Mouse

Bluetooth Stack for Windows by Toshiba

Bonjour

BPD_Scan

Broadcom Management Programs

Canon Camera Access Library

Canon Camera Support Core Library

Canon Camera Window DC_DV 5 for ZoomBrowser EX

Canon Camera Window DC_DV 6 for ZoomBrowser EX

Canon Camera Window MC 6 for ZoomBrowser EX

Canon G.726 WMP-Decoder

Canon MovieEdit Task for ZoomBrowser EX

Canon RAW Image Task for ZoomBrowser EX

Canon RemoteCapture Task for ZoomBrowser EX

Canon Utilities EOS Utility

Canon Utilities ZoomBrowser EX

Compatibility Pack for the 2007 Office system

Conexant HDA D110 MDC V.92 Modem

Critical Update for Windows Media Player 11 (KB959772)

Dell Digital Jukebox Driver

Dell System Restore

Digital Content Portal

Digital Line Detect

DivX Web Player

Documentation & Support Launcher

Dropbox

FLV Player 2.0, build 24

Games, Music, & Photos Launcher

Google Desktop

Google Earth Plug-in

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

High Definition Audio Driver Package - KB835221

HiJackThis

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Internet Explorer 7 (KB947864)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Image Zone 4.2

HP Officejet All-In-One Series

HP PSC & OfficeJet 4.2

HP Software Update

HPODiscovery

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

IrfanView (remove only)

iTunes

Java 2 Runtime Environment, SE v1.4.2_03

Java 6 Update 20

Lexmark X1100 Series

Malwarebytes Anti-Malware version 1.61.0.1400

mCore

MCU

mDriver

mDrWiFi

mGina

mHlpDell

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft ActiveSync

Microsoft Automated Troubleshooting Services Shim

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft IntelliPoint 6.1

Microsoft IntelliType Pro 6.1

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft National Language Support Downlevel APIs

Microsoft Office Converter Pack

Microsoft Office XP Professional with FrontPage

Microsoft Plus! Digital Media Edition Installer

Microsoft Plus! Photo Story 2 LE

Microsoft Silverlight

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

mIWA

mLogView

mMHouse

Mobile Broadband Drivers

MobileMe Control Panel

Modem Helper

Mozilla Firefox 5.0 (x86 en-US)

mPfMgr

mPfWiz

mProSafe

Mr Smooth v1.0

MrSmooth

mSSO

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB954459)

mToolkit

Musicmatch for Windows Media Player

mWlsSafe

mWMI

mXML

mZConfig

Netflix Movie Viewer

overland

PowerDVD 5.7

QFolder

QuickSet

QuickTime

RealPlayer Basic

Scan

Search Assist

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2360131)

Security Update for Windows Internet Explorer 7 (KB2416400)

Security Update for Windows Internet Explorer 7 (KB2482017)

Security Update for Windows Internet Explorer 7 (KB2497640)

Security Update for Windows Internet Explorer 7 (KB2544521)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB938127)

Security Update for Windows Internet Explorer 7 (KB942615)

Security Update for Windows Internet Explorer 7 (KB944533)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB917734)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951376)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Sonic DLA

Sonic Encoders

Sonic MyDVD LE

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Synaptics Pointing Device Driver

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB910393)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

URL Assistant

Viewpoint Media Player

WebCyberCoach 3.2 Dell

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 7

Windows Live Messenger

Windows Media Format 11 runtime

Windows Media Player 10

Windows Media Player 10 Hotfix [see EmeraldQFE2 for more information]

Windows Media Player 11

Windows Media Player Firefox Plugin

Windows PowerShell 1.0

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

WordPerfect Office 12

Yahoo! Software Update

Yahoo! Toolbar

.

==== Event Viewer Messages From Past Week ========

.

5/7/2012 8:51:58 AM, error: Service Control Manager [7023] - The Tmesrv3 service terminated with the following error: %1 is not a valid Win32 application.

5/7/2012 10:16:23 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Fallback service terminated with the following error: The specified module could not be found.

5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Awservice service terminated with the following error: The specified module could not be found.

5/4/2012 9:49:34 AM, error: Service Control Manager [7023] - The Alcxwdm service terminated with the following error: The specified module could not be found.

5/3/2012 12:29:09 PM, error: Service Control Manager [7023] - The Zdeviceservice service terminated with the following error: The specified module could not be found.

5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Zntport service terminated with the following error: The specified module could not be found.

5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Sr_watchdog service terminated with the following error: The specified module could not be found.

5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Sagefserver service terminated with the following error: The specified module could not be found.

5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The PTproct service terminated with the following error: The specified module could not be found.

5/2/2012 7:17:49 PM, error: Service Control Manager [7023] - The Mpfservice service terminated with the following error: The specified module could not be found.

5/2/2012 3:39:13 PM, error: Service Control Manager [7023] - The Naiavfilter1 service terminated with the following error: The specified module could not be found.

5/2/2012 3:39:13 PM, error: Service Control Manager [7023] - The Elosystemservice service terminated with the following error: The specified module could not be found.

5/2/2012 2:35:20 PM, error: Service Control Manager [7023] - The WinDriver6 service terminated with the following error: The specified module could not be found.

5/2/2012 2:35:20 PM, error: Service Control Manager [7023] - The Windows Team Tools service terminated with the following error: The specified module could not be found.

5/2/2012 12:37:01 PM, error: Service Control Manager [7023] - The Mcvsrte service terminated with the following error: The specified module could not be found.

5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The USB Device Service service terminated with the following error: The specified module could not be found.

5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The NtMtlFax service terminated with the following error: The specified module could not be found.

5/1/2012 9:48:01 AM, error: Service Control Manager [7023] - The {e2b953a6-195a-44f9-9ba3-3d5f4e32bb55} service terminated with the following error: The specified module could not be found.

5/1/2012 9:26:20 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

5/1/2012 8:09:51 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'i8042prt.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

5/1/2012 11:21:40 AM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.

4/30/2012 4:12:44 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

4/30/2012 3:49:57 PM, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).

4/30/2012 3:49:57 PM, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).

4/30/2012 3:49:57 PM, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/30/2012 3:49:57 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPDRV Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip Tcpip6 Tosrfcom WS2IFSL

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Simple TCP/IP Services service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The IPv6 Helper Service service depends on the Microsoft IPv6 Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Fax service depends on the Print Spooler service which failed to start because of the following error: The dependency service or group failed to start.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:57 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

4/30/2012 3:49:15 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

.

==== End Of File ===========================


Hello chew.................... and welcome.

Start with the following, and make no changes or additions to your system without checking with me first, i.e., kindly only follow my guidance.

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double-click My Computer. From the menu options, select Tools, then Folder Options, then select the View tab and look at all of the settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under Hidden files and folders, choose (select) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5

  • Close all open browsers at this point.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
    For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
    Do NOT turn off the firewall.
  • Start Internet Explorer.
  • Using Internet Explorer browser only, go to BitDefender Quickscan website:
    http://quickscan.bitdefender.com
    and click "Start Scan".
  • Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
  • Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
  • If prompted, reply yes to allow it to run.
  • Press the Allow button and follow prompts.
  • Press the "Start Scan" once more.
  • You'll see the EULA in a pop-up window. Click the I accept & then the OK button.
    Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
    and that QuickScan has no removal capability.
  • The site boasts a 60-second scan. Do have patience as it likely will take longer.
    It may seem to stall at moments, but have patience; it will move on.
    You'll see a progress bar at top right of window.
  • Hopefully you will see a No infections found in the bar-window. Press the View Log button.
  • The log report will show in your text editor. Save the log.
  • Do a Select ALL, Copy. Then paste contents into your next reply.

Step 6

  • Download & SAVE to your Desktop >> Tigzy's RogueKiller from here << or
    >> from here <<
  • Quit all programs that you may have started.
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.


Ok. Here goes. I lost the info.txt file from RSIT and when I re-ran it only the log.txt file comes up. Here are the other logs.

Logfile of random's system information tool 1.09 (written by random/random)

Run by Randy Green at 2012-05-07 17:50:14

Microsoft Windows XP Professional Service Pack 3

System drive C: has 2 GB (5%) free of 38 GB

Total RAM: 1014 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:50:24 PM, on 5/7/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.17108)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Common Files\Motive\McciServiceHost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\tcpsvcs.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Canon\CAL\CALMAIN.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\stsystra.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Microsoft IntelliType Pro\itype.exe

C:\Program Files\Microsoft IntelliPoint\ipoint.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\ATT-SST\McciTrayApp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft ActiveSync\wcescomm.exe

C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\SYSTEM32\IGFXPERS.EXE

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\EHOME\EHTRAY.EXE

C:\WINDOWS\eHome\ehmsas.exe

C:\PROGRAM FILES\DIGITAL LINE DETECT\DLG.EXE

C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\DISTILLR\ACROTRAY.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

\.\globalroot\C:\WINDOWS\system32\svchost.exe

C:\Documents and Settings\Randy Green\Desktop\RSIT.exe

C:\Program Files\trend micro\Randy Green.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie8

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\Program Files\BAE\BAE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"

O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

O4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

O4 - HKLM\..\Run: [ATT-SST_McciTrayApp] "C:\Program Files\ATT-SST\McciTrayApp.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA"&"inst=NwA3AC0ANAAyADQANAA5ADcANwA1ADAALQBYAEwAKwAxAC0AVAA0AC0ARgBQADkAKwA2AC0AQgBBAFIAOQBHACsAMQAtAFQAQgA5ACsAMgAtAEYATAArADkALQBYAE8AMwA2ACsAMQAtAEYAOQBNADcAQwArADUALQBGADkATQAxADAAQgArADEALQBYAE8AOQArADEALQBGADkATQAyACsAMQAtAEQARABUACsANQAyADcAMgAwAC0ARABEADkAMABGACsAMQAtAFMAVAA5ADAARgBBAFAAUAArADEALQBGADkAMABNADEAMgBBAE4AKwAxAC0ARgA5ADAATQAxADIAQQArADEALQBGADkAMABNADEAMgBBAEIAKwAxAC0AVQA5ADUAKwAxAC0ARgA5ADAATQAxADIAQQBUAEIAKwAxAC0ARgA5ADAATQAxADIAQgArADEA"&"prod=90"&"ver=9.0.894

O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"

O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart

O4 - HKUS\S-1-5-19\..\Run: [Corel Photo Album] rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [Corel Photo Album] rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab

O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\SYSTEM32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\SYSTEM32\browseui.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

O23 - Service: McciCMService - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: McciServiceHost - Alcatel-Lucent - C:\Program Files\Common Files\Motive\McciServiceHost.exe

O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Dkeysync (s116nd5) - Unknown owner - \\.\globalrootC:\WINDOWS\system32\svchost.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 13342 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Google Software Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default

prefs.js - "browser.search.suggest.enabled" - false

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig?hl=en#t_0"

prefs.js - "extensions.enabledItems" - "{3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872, avg@igeared:6.103.018.001, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, {95893C46-6679-4483-811A-B294C6556DE3}:1.9.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

prefs.js - "keyword.URL" - "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=685749&p="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff

"{95893C46-6679-4483-811A-B294C6556DE3}"=C:\Documents and Settings\Randy Green\Local Settings\Application Data\{95893C46-6679-4483-811A-B294C6556DE3}

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.2.202.235 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]

"Description"=DivX Web Player

"Path"=C:\Program Files\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]

"Description"=

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Motive.com/NpMotive,version=1.0]

"Description"=Motive Plugin

"Path"=C:\Program Files\Common Files\Motive\npMotive.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]

"Description"=Google Updater

"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP]

"Description"=Viewpoint Media Player for Mozilla

"Path"=C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

C:\Program Files\Mozilla Firefox\extensions\

{635abd67-4fe9-1b23-4f01-e679fa7484c1}

{972ce4c6-7e08-4474-a285-3208198ce6fd}

{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

np-mswmp.dll

npdeployJava1.dll

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

QuickTimePlugin.class

WMP Firefox Plugin License.rtf

WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

answers.xml

avg_igeared.xml

bing.xml

creativecommons.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default\extensions\

info@djzig.com

{20a82645-c095-46ed-80e3-08825760534b}

{635abd67-4fe9-1b23-4f01-e679fa7484c1}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2012-01-11 1517368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]

DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-05 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2006-10-12 2108480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-09-17 842296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]

CBrowserHelperObject Object - c:\Program Files\BAE\BAE.dll [2006-02-22 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-21 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-21 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2006-10-12 2108480]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll [2012-01-11 1517368]

{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-12-13 98304]

"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2005-12-13 77824]

"SigmatelSysTrayApp"=C:\WINDOWS\stsystra.exe [2005-11-16 397312]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2005-11-29 761947]

"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2005-12-09 49152]

"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-12-05 127035]

"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-06-10 81920]

"itype"=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-11-21 813912]

"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2007-02-05 849280]

"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [2010-06-15 47408]

"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2006-10-18 696320]

"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2006-10-18 802816]

"ATT-SST_McciTrayApp"=C:\Program Files\ATT-SST\McciTrayApp.exe [2010-07-27 1573888]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-30 40368]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]

"ISUSPM Startup"=C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-06-10 249856]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2011-10-24 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-03-27 421736]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"=cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYAMABLAE0AQwAtAEUAOQBWAFUAVwAtAEUAVwAwAFYAQQAtAFUAVQAzAFgATAAtAEYARQBXADkANwA&inst=NwA3AC0ANAAyADQANAA5ADcANwA1ADAALQBYAEwAKwAxAC0AVAA0AC0ARgBQADkAKwA2AC0AQgBBAFIAOQBHACsAMQAtAFQAQgA5ACsAMgAtAEYATAArADkALQBYAE8AMwA2ACsAMQAtAEYAOQBNADcAQwArADUALQBGADkATQAxADAAQgArADEALQBYAE8AOQArADEALQBGADkATQAyACsAMQAtAEQARABUACsANQAyADcAMgAwAC0ARABEADkAMABGACsAMQAtAFMAVAA5ADAARgBBAFAAUAArADEALQBGADkAMABNADEAMgBBAE4AKwAxAC0ARgA5ADAATQAxADIAQQArADEALQBGADkAMABNADEAMgBBAEIAKwAxAC0AVQA5ADUAKwAxAC0ARgA5ADAATQAxADIAQQBUAEIAKwAxAC0ARgA5ADAATQAxADIAQgArADEA&prod=90&ver=9.0.894 []

"Malwarebytes Anti-Malware (cleanup)"=C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll [2012-04-04 1082440]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

"Advanced SystemCare 5"=C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [2012-03-06 574296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]

c:\windows\ehome\ehtray.exe [2005-09-29 67584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]

c:\program files\google\google desktop search\googledesktop.exe [2006-05-29 169472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

c:\program files\hp\hp software update\hpwuschd2.exe [2005-02-16 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]

c:\windows\system32\spool\drivers\w32x86\3\hpztsb10.exe [2004-06-22 172032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]

c:\windows\system32\igfxpers.exe [2005-12-13 118784]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

c:\program files\common files\installshield\updateservice\isuspm.exe [2005-06-10 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X1100 Series]

c:\program files\lexmark x1100 series\lxbkbmgr.exe [2003-08-19 57344]

C:\Documents and Settings\Randy Green\Start Menu\Programs\Startup

Dropbox.lnk - C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\WINDOWS\SYSTEM32\igfxdev.dll [2005-12-13 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\SYSTEM32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoInstrumentation"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:*:Enabled:ActiveSync RAPI Manager"

"C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe"="C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\WINDOWS\system32\svchost.exe"="C:\WINDOWS\system32\svchost.exe:*:Enabled:svchost.exe"

"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"

"C:\Program Files\Internet Explorer\iexplore.exe"="C:\Program Files\Internet Explorer\iexplore.exe:*:Enabled:Internet Explorer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

======List of files/folders created in the last 1 month======

2012-05-07 17:25:46 ----D---- C:\Documents and Settings\Randy Green\Application Data\QuickScan

2012-05-07 17:16:58 ----D---- C:\rsit

2012-05-07 17:15:13 ----D---- C:\WINDOWS\ERDNT

2012-05-07 17:10:55 ----D---- C:\Program Files\ERUNT

2012-05-07 14:13:55 ----D---- C:\Program Files\Trend Micro

2012-05-07 14:08:21 ----A---- C:\WINDOWS\system32\drivers\iavbfqt.sys

2012-05-07 09:23:53 ----ASH---- C:\WINDOWS\system32\papycpu2.dll

2012-05-03 08:58:02 ----A---- C:\WINDOWS\ntbtlog.txt

2012-04-30 11:02:57 ----ASH---- C:\WINDOWS\system32\dds_trash_log.cmd

2012-04-25 14:47:55 ----D---- C:\Program Files\iPod

2012-04-25 14:42:27 ----D---- C:\Program Files\Bonjour

2012-04-18 21:22:11 ----A---- C:\WINDOWS\system32\RegistryDefragBootTime.exe

2012-04-18 19:59:04 ----D---- C:\Documents and Settings\Randy Green\Application Data\Intelli-studio

2012-04-18 19:58:59 ----D---- C:\Program Files\Samsung

2012-04-13 22:31:29 ----D---- C:\Documents and Settings\Randy Green\Application Data\MrSmooth.1F1C2CE6230412E7752D206B573506D8446D8E6A.1

2012-04-13 22:30:46 ----D---- C:\Program Files\MrSmooth

2012-04-13 22:29:51 ----D---- C:\Program Files\Common Files\Adobe AIR

2012-04-13 22:29:16 ----D---- C:\Program Files\Mr Smooth

2012-04-13 18:25:09 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

2012-04-12 10:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2656378$

2012-04-12 09:49:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

======List of files/folders modified in the last 1 month======

2012-05-07 17:41:36 ----D---- C:\WINDOWS\system32\drivers

2012-05-07 17:37:23 ----D---- C:\WINDOWS\system32

2012-05-07 17:25:46 ----SD---- C:\WINDOWS\Downloaded Program Files

2012-05-07 17:25:45 ----D---- C:\WINDOWS\system32\CatRoot2

2012-05-07 17:24:39 ----D---- C:\WINDOWS\Temp

2012-05-07 17:15:13 ----D---- C:\WINDOWS

2012-05-07 17:10:55 ----D---- C:\Program Files

2012-05-07 14:14:15 ----SHD---- C:\WINDOWS\Installer

2012-05-07 14:13:59 ----HD---- C:\Config.Msi

2012-05-07 14:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$

2012-05-07 12:36:35 ----D---- C:\Documents and Settings\Randy Green\Application Data\Dropbox

2012-05-07 11:48:40 ----A---- C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt

2012-05-07 10:43:01 ----D---- C:\WINDOWS\Registration

2012-05-07 10:42:26 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-05-07 10:41:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2012-05-07 09:01:41 ----RSHD---- C:\WINDOWS\system32\dllcache

2012-05-07 09:01:41 ----D---- C:\WINDOWS\system32\en-US

2012-05-07 09:01:40 ----HD---- C:\WINDOWS\inf

2012-05-07 09:01:40 ----D---- C:\WINDOWS\Media

2012-05-07 09:01:40 ----D---- C:\WINDOWS\Help

2012-05-07 09:01:39 ----D---- C:\Program Files\Internet Explorer

2012-05-07 09:00:30 ----D---- C:\WINDOWS\ie8updates

2012-05-07 08:51:18 ----SHD---- C:\WINDOWS\CSC

2012-05-06 10:18:09 ----D---- C:\WINDOWS\Prefetch

2012-05-06 10:15:16 ----HDC---- C:\WINDOWS\$NtUninstallKB938829$

2012-05-06 10:15:15 ----HDC---- C:\WINDOWS\$NtUninstallKB909394$

2012-05-06 08:25:40 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2012-05-04 19:20:06 ----D---- C:\Program Files\Mozilla Firefox

2012-05-03 19:48:43 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$

2012-05-03 19:48:41 ----RSD---- C:\WINDOWS\Fonts

2012-05-03 19:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_1$

2012-05-03 19:18:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$

2012-05-03 18:25:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$

2012-05-03 12:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$

2012-05-02 19:17:00 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_2$

2012-05-02 17:14:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$

2012-05-02 16:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_2$

2012-05-02 16:38:23 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$

2012-05-02 16:09:01 ----HDC---- C:\WINDOWS\$NtUninstallKB902400$

2012-05-02 15:45:54 ----D---- C:\WINDOWS\Minidump

2012-05-02 15:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$

2012-05-02 14:34:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$

2012-05-02 12:36:12 ----SD---- C:\WINDOWS\occache

2012-05-01 15:58:56 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2012-05-01 15:58:55 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$

2012-05-01 15:58:54 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$

2012-04-30 16:13:32 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2012-04-26 08:39:34 ----D---- C:\WINDOWS\ServicePackFiles

2012-04-25 20:23:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-04-25 18:23:15 ----D---- C:\Program Files\Microsoft Silverlight

2012-04-25 15:13:29 ----D---- C:\Documents and Settings\Randy Green\Application Data\Apple Computer

2012-04-25 15:04:14 ----D---- C:\Program Files\Apple Software Update

2012-04-25 14:49:19 ----D---- C:\Program Files\iTunes

2012-04-25 14:47:52 ----D---- C:\Program Files\Common Files\Apple

2012-04-25 14:43:14 ----DC---- C:\WINDOWS\system32\DRVSTORE

2012-04-25 14:39:24 ----D---- C:\Program Files\QuickTime

2012-04-25 14:35:25 ----D---- C:\WINDOWS\WinSxS

2012-04-25 14:31:47 ----SD---- C:\WINDOWS\Tasks

2012-04-19 04:20:03 ----D---- C:\WINDOWS\system32\config

2012-04-14 09:03:47 ----D---- C:\Program Files\Adobe

2012-04-13 22:30:00 ----D---- C:\Documents and Settings\Randy Green\Application Data\Adobe

2012-04-13 22:30:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2012-04-13 22:29:51 ----D---- C:\Program Files\Common Files

2012-04-12 10:25:52 ----RSD---- C:\WINDOWS\assembly

2012-04-12 10:21:33 ----D---- C:\WINDOWS\Microsoft.NET

2012-04-12 10:21:11 ----HD---- C:\WINDOWS\$hf_mig$

2012-04-12 10:14:06 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

2012-04-12 09:53:28 ----D---- C:\WINDOWS\Debug

2012-04-12 09:52:04 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 drvmcdb;drvmcdb; C:\WINDOWS\system32\drivers\drvmcdb.sys [2004-12-01 87488]

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2007-03-07 43528]

R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]

R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]

R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]

R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2010-02-11 226880]

R1 Tosrfcom;Bluetooth RFCOMM from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-07-31 64896]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-10 12032]

R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.6.0.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2011-11-11 21425]

R2 ASCTRM;ASCTRM; C:\WINDOWS\system32\drivers\ASCTRM.sys [2006-05-29 8552]

R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]

R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-16 13059]

R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2006-10-19 12544]

R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-12-05 25883]

R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-12-05 34843]

R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-12-05 4123]

R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-12-05 2239]

R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-12-05 86586]

R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-12-05 15227]

R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-12-05 6363]

R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-12-05 98714]

R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-12-05 100603]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2005-08-05 45312]

R3 GearAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-07-21 1035008]

R3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2005-07-21 201600]

R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-12-13 1364574]

R3 lknuhst;Linksys Network USB Host Controller; C:\WINDOWS\system32\DRIVERS\lknuhst.sys [2006-10-18 11136]

R3 LKNUHUB;Linksys Network USB Root Hub; C:\WINDOWS\system32\DRIVERS\lknuhub.sys [2006-10-18 37248]

R3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []

R3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []

R3 NETw3x32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw3x32.sys [2006-10-17 1711104]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 NWADI;NWADI Bus Enumerator; C:\WINDOWS\system32\DRIVERS\NWADIenum.sys [2007-04-19 194048]

R3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2005-10-14 28544]

R3 rimsptsk;rimsptsk; C:\WINDOWS\system32\DRIVERS\rimsptsk.sys [2005-10-14 51328]

R3 rismxdp;Ricoh xD-Picture Card Driver; C:\WINDOWS\system32\DRIVERS\rixdptsk.sys [2005-10-14 307968]

R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]

R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2005-11-16 1047816]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2005-11-29 191936]

R3 tosporte;Bluetooth Port Driver from Toshiba; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2005-11-21 47104]

R3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\System32\Drivers\tosrfusb.sys [2006-02-09 39936]

R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-07-21 717952]

S0 emcj;emcj; C:\WINDOWS\System32\drivers\iavbfqt.sys [2012-05-07 54016]

S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\drivers\BVRPMPR5.SYS []

S3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]

S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-07-10 49920]

S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-07-10 16496]

S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-07-10 21568]

S3 LKNUCMP;Linksys Network USB Composite Device; C:\WINDOWS\system32\DRIVERS\lknucmp.sys [2006-10-18 11648]

S3 mbr;mbr; \??\C:\DOCUME~1\RANDYG~1\LOCALS~1\Temp\mbr.sys []

S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []

S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []

S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]

S3 NWUSBModem;Novatel Wireless USB Modem Driver; C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys [2007-04-19 99200]

S3 NWUSBPort;Novatel Wireless USB Status Port Driver; C:\WINDOWS\system32\DRIVERS\nwusbser.sys [2007-04-19 99200]

S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\drivers\PCASp50.sys []

S3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-11-08 21760]

S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]

S3 toshidpt;TOSHIBA Bluetooth HID port driver; C:\WINDOWS\system32\drivers\Toshidpt.sys [2005-07-11 3712]

S3 Tosrfbd;Bluetooth RFBUS from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbd.sys [2006-01-20 108928]

S3 Tosrfbnp;Bluetooth RFBNEP from TOSHIBA; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2005-09-15 36480]

S3 Tosrfhid;Bluetooth RFHID from TOSHIBA; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-01-11 62848]

S3 tosrfnds;Bluetooth Personal Area Network from TOSHIBA; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-05 18612]

S3 TosRfSnd;Bluetooth Audio Device (WDM) from TOSHIBA; C:\WINDOWS\system32\drivers\TosRfSnd.sys [2005-04-05 50048]

S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-13 12800]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-02-15 43520]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 w39n51;Intel® PRO/Wireless 3945ABG Adapter Driver; C:\WINDOWS\system32\DRIVERS\w39n51.sys [2005-12-04 1428096]

S3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys []

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]

S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]

S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]

S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]

S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]

S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]

S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-03-14 913752]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-27 55144]

R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CCALib8;Canon Camera Access Library 8; C:\Program Files\Canon\CAL\CALMAIN.exe [2006-03-30 96341]

R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]

R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2006-10-18 434176]

R2 Iprip;RIP Listener; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-21 153376]

R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-18 303104]

R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2011-09-09 319488]

R2 McciServiceHost;McciServiceHost; C:\Program Files\Common Files\Motive\McciServiceHost.exe [2011-09-09 315392]

R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]

R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2006-04-06 380928]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2006-10-18 327680]

R2 S24EventMonitor;Intel® PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2006-10-18 946176]

R2 SimpTcp;Simple TCP/IP Services; C:\WINDOWS\system32\tcpsvcs.exe [2004-08-10 19456]

R2 viagfx;HSX_DP; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

R2 WLANKEEPER;Intel® PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2006-10-18 290816]

R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]

R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 821608]

S2 autocomplete;WinDriver6; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 ccs;Tmesrv3; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776]

S2 FirePM;Zpsc; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 freepops;Mcvsrte; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]

S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-10-13 194104]

S2 hcwPP2;Mpfservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 Ias;Windows Team Tools; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

S2 incdrec;Sagefserver; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 mozyFilter;Sr_watchdog; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 msdv;Zntport; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 n558;Fallback; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 NtMtlFax;PTproct; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 pacsptisvr;Atierecord; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 rupsmon;NtMtlFax; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 s116nd5;Dkeysync; \\.\globalroot\SystemRoot\system32\svchost.exe [2008-04-13 14336]

S2 SQLWriter;Digitizer; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 SunkFilt39;Alcxwdm; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 SWUMX20;Zdeviceservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 thkeys;{e2b953a6-195a-44f9-9ba3-3d5f4e32bb55}; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 USB_NDIS_51;Awservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 vmusb;USB Device Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

S2 w800bus;Elosystemservice; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S2 wmccds;Naiavfilter1; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2006-06-13 69632]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-06 257696]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-26 136176]

S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-13 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]

S3 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

S3 p2pgasvc;Peer Networking Group Authentication; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 p2pimsvc;Peer Networking Identity Manager; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 p2psvc;Peer Networking; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 PNRPSvc;Peer Name Resolution Protocol; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\wmpnetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

S4 Bluetooth Hid Switch Service;Bluetooth Hid Switch Service; C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe [2005-08-30 188416]

-----------------EOF-----------------


Here are the other two logs:

QuickScan 32-bit v0.9.9.114

---------------------------

Scan date: Mon May 07 17:25:55 2012

Machine ID: 4C21591B

Process ping.exe (7420) - hidden process!

Process ping.exe (7796) - hidden process!

Process ping.exe (7884) - hidden process!

No infection found.

-------------------

Processes

---------

AcroTray - Adobe Acrobat Distiller help 852 C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

Advanced SystemCare 1388 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

Advanced SystemCare 5 Tray 1384 C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

Bonjour 1032 C:\Program Files\Bonjour\mDNSResponder.exe

BVRP Software TestLine 3552 C:\Program Files\Digital Line Detect\DLG.exe

C-Major Audio 2932 C:\WINDOWS\stsystra.exe

Canon Camera Access Library 8 2804 C:\Program Files\Canon\CAL\CALMAIN.exe

Cyberlink PowerCinema 3.0 2964 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

Drive Letter Access Component 2972 C:\WINDOWS\system32\dla\tfswctrl.exe

InstallShield Update Service 2980 C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

Intel PROSet/Wireless 2516 C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

Intel® Common User Interface 2920 C:\WINDOWS\system32\hkcmd.exe

Intel® Common User Interface 2076 C:\WINDOWS\system32\igfxpers.exe

Intel® Common User Interface 2500 C:\WINDOWS\system32\igfxsrvc.exe

Intel® PROSet/Wireless 3036 C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe

Intel® PROSet/Wireless Event Log 1640 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

Intel® PROSet/Wireless Registry Servi 2056 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

Intel® PROSet/Wireless Service 1764 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

iTunes 1948 C:\Program Files\iPod\bin\iPodService.exe

iTunes 3136 C:\Program Files\iTunes\iTunesHelper.exe

MarkVision for Windows (32 bit) 424 C:\WINDOWS\system32\LEXBCES.EXE

MarkVision for Windows (32 bit) 496 C:\WINDOWS\system32\LEXPPS.EXE

mcci+McciCMService 728 C:\Program Files\Common Files\Motive\McciCMService.exe

mcci+McciServiceHost 820 C:\Program Files\Common Files\Motive\McciServiceHost.exe

mcci+McciTrayApp 3064 C:\Program Files\ATT-SST\McciTrayApp.exe

Microsoft ActiveSync 3168 C:\Program Files\Microsoft ActiveSync\wcescomm.exe

Microsoft ActiveSync 292 C:\PROGRA~1\MI3AA1~1\rapimgr.exe

Microsoft IntelliPoint 3020 C:\Program Files\Microsoft IntelliPoint\ipoint.exe

Microsoft IntelliType Pro 3012 C:\Program Files\Microsoft IntelliType Pro\itype.exe

Microsoft® Windows® Operating System 1060 C:\WINDOWS\ehome\ehmsas.exe

Microsoft® Windows® Operating System 1064 C:\WINDOWS\ehome\ehrecvr.exe

Microsoft® Windows® Operating System 876 C:\WINDOWS\ehome\ehSched.exe

Microsoft® Windows® Operating System 752 C:\WINDOWS\ehome\ehtray.exe

Microsoft® Windows® Operating System 2612 C:\WINDOWS\ehome\mcrdsvc.exe

Microsoft® Windows® Operating System 9064 C:\WINDOWS\system32\notepad.exe

Microsoft® Windows® Operating System 8376 C:\WINDOWS\system32\notepad.exe

Microsoft® Windows® Operating System 7420 C:\WINDOWS\system32\ping.exe

Microsoft® Windows® Operating System 7796 C:\WINDOWS\system32\ping.exe

Microsoft® Windows® Operating System 7884 C:\WINDOWS\system32\ping.exe

Microsoft® Windows® Operating System 500 C:\WINDOWS\system32\spoolsv.exe

Microsoft® Windows® Operating System 2104 C:\WINDOWS\system32\tcpsvcs.exe

MobileDeviceService 656 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

NicConfigSvc 1936 C:\Program Files\Dell\QuickSet\NicConfigSvc.exe

SSO Service 1788 C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe

Synaptics Pointing Device Driver 2940 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Windows® Internet Explorer 8300 C:\Program Files\Internet Explorer\iexplore.exe

ZeroCfgSvc Application 3044 C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

(verified) Java Platform SE 6 U20 1492 C:\Program Files\Java\jre6\bin\jqs.exe

(verified) Microsoft® Windows® Operating System 2480 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 3656 C:\WINDOWS\system32\alg.exe

(verified) Microsoft® Windows® Operating System 1132 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 3520 C:\WINDOWS\system32\dllhost.exe

(verified) Microsoft® Windows® Operating System 1224 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 1212 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 1076 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 3344 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 360 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1528 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2128 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1464 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2144 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 2028 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1896 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1884 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1564 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 3824 C:\WINDOWS\system32\wbem\wmiprvse.exe

(verified) Microsoft® Windows® Operating System 1156 C:\WINDOWS\system32\winlogon.exe

(verified) Yahoo! AutoUpdater 2284 C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

Network activity

----------------

Process ping.exe (7420) connected on port 80 (HTTP) --> 74.125.224.92

Process ping.exe (7796) connected on port 80 (HTTP) --> 184.31.29.229

Process ping.exe (7796) connected on port 80 (HTTP) --> 69.22.137.178

Process ping.exe (7796) connected on port 443 (HTTP over SSL) --> 69.22.137.176

Process ping.exe (7796) connected on port 80 (HTTP) --> 184.73.153.191

Process ping.exe (7796) connected on port 80 (HTTP) --> 198.87.51.35

Process ping.exe (7796) connected on port 1935 --> 208.111.174.26

Process ping.exe (7796) connected on port 80 (HTTP) --> 74.125.127.191

Process ping.exe (7796) connected on port 80 (HTTP) --> 77.67.126.50

Process ping.exe (7796) connected on port 80 (HTTP) --> 74.125.224.97

Process ping.exe (7884) connected on port 80 (HTTP) --> 66.35.51.37

Process ping.exe (7884) connected on port 80 (HTTP) --> 184.72.241.213

Process ping.exe (7884) connected on port 80 (HTTP) --> 184.72.241.213

Process ping.exe (7884) connected on port 80 (HTTP) --> 74.217.78.146

Process ping.exe (7884) connected on port 80 (HTTP) --> 74.217.78.146

Process ping.exe (7884) connected on port 80 (HTTP) --> 107.22.197.203

Process iexplore.exe (8300) connected on port 80 (HTTP) --> 184.87.159.139

Process iexplore.exe (8300) connected on port 80 (HTTP) --> 77.67.126.50

Process iexplore.exe (8300) connected on port 80 (HTTP) --> 74.125.224.67

Process iexplore.exe (8300) connected on port 80 (HTTP) --> 66.235.142.3

Process rapimgr.exe (292) listens on ports: 990 (FTP over SSL)

Process svchost.exe (1564) listens on ports: 34354

Process tcpsvcs.exe (2104) listens on ports: 7 (Echo), 9 (Discard), 13 (Daytime), 17 (Quotd), 19 (Chargen)

Process iexplore.exe (8300) listens on ports: 1301, 1516, 1537, 1733, 1786, 1802

Autoruns and critical files

---------------------------

Adobe Acrobat C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Adobe® Flash® Player Update Service C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Advanced SystemCare 5 Tray C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

Apple Push C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

Apple Software Update C:\Program Files\Apple Software Update\SoftwareUpdate.exe

C-Major Audio C:\WINDOWS\stsystra.exe

Cyberlink PowerCinema 3.0 C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe

Drive Letter Access Component C:\WINDOWS\system32\dla\tfswctrl.exe

Dropbox C:\Documents and Settings\Randy Green\Application Data\Dropbox\bin\Dropbox.exe

Google Updater C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

GoogleDesktopNetwork3.dll C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll

InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

InstallShield Update Service C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe

Intel® Common User Interface C:\WINDOWS\system32\hkcmd.exe

Intel® Common User Interface C:\WINDOWS\system32\igfxdev.dll

Intel® Common User Interface C:\WINDOWS\system32\igfxtray.exe

Intel® PROSet/Wireless C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe

iTunes C:\Program Files\iTunes\iTunesHelper.exe

mcci+McciTrayApp C:\Program Files\ATT-SST\McciTrayApp.exe

Microsoft ActiveSync C:\Program Files\Microsoft ActiveSync\wcescomm.exe

Microsoft IntelliPoint C:\Program Files\Microsoft IntelliPoint\ipoint.exe

Microsoft IntelliType Pro C:\Program Files\Microsoft IntelliType Pro\itype.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cscdll.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\dumprep.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\WlNotify.dll

MobileMe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

QuickTime C:\Program Files\QuickTime\qttask.exe

Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

Windows Genuine Advantage C:\WINDOWS\SYSTEM32\WgaLogon.dll

Windows® Internet Explorer C:\WINDOWS\system32\webcheck.dll

ZeroCfgSvc Application C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe

(verified) Google Update C:\Program Files\Google\Update\GoogleUpdate.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\SYSTEM32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\stobject.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\WPDShServiceObj.dll

Browser plugins

---------------

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

Bonjour C:\Program Files\Bonjour\mdnsNSP.dll

Browser Address Error Redirector c:\Program Files\BAE\BAE.dll

DivX Web Player C:\Program Files\DivX\DivX Web Player\npdivx32.dll

Drive Letter Access Component C:\WINDOWS\system32\dla\tfswshx.dll

get_ActiveX C:\WINDOWS\Downloaded Program Files\HPGetDownloadManager.ocx

Google Earth Plugin C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

Google Toolbar for IE c:\program files\google\googletoolbar1.dll

Google Update C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll

Google Updater C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

GoogleToolbarNotifier C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll

IEAWSDC.DLL C:\WINDOWS\Downloaded Program Files\IEAWSDC.DLL

InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll

InterTrust Redemption Wizard C:\Program Files\Internet Explorer\plugins\NPDocBox.dll

Messenger C:\Program Files\Messenger\msmsgs.exe

MetaStream 3 Plugin C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll

Microsoft Support Diagnostic Tool C:\WINDOWS\Downloaded Program Files\MSDCode.DLL

Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\pnrpnsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

Motive Plugin C:\Program Files\Common Files\Motive\npMotive.dll

mswsock.dll C:\WINDOWS\system32\mswsock.dll

npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

NPSWF32_11_2_202_235.dll C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll

Silverlight Plug-In C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

TODO: <Product name> C:\Documents and Settings\Randy Green\Application Data\Mozilla\Firefox\Profiles\picgvapf.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll

Windows Presentation Foundation C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\WINDOWS\system32\ieframe.dll

Yahoo! Single Instance for Mail c:\program files\yahoo!\companion\installs\cpn0\ytsingleinstance.dll

Yahoo! Toolbar c:\program files\yahoo!\companion\installs\cpn1\yt.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe

(verified) Java Deployment Toolkit 6.0.200.2 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

(verified) Java Platform SE 6 U20 c:\program files\java\jre6\bin\jp2ssv.dll

(verified) Java Platform SE 6 U20 C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Missing files

-------------

File not found: c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll

--> HKLM\Software\Classes\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\InprocServer32\"(default)"

Scan

----


MD5: c768c8a463d32c219ce291645a0621a4 C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

MD5: 248dfa5762dde38dfddbbd44149e9d7a C:\WINDOWS\system32\drivers\BVRPMPR5.SYS

MD5: e814854e6b246ccf498874839ab64d77 C:\WINDOWS\system32\drivers\drvmcdb.sys

MD5: ee83a4ebae70bc93cf14879d062f548b C:\WINDOWS\system32\drivers\drvnddm.sys

MD5: d03d10f7ded688fecf50f8fbf1ea9b8a C:\WINDOWS\system32\DRIVERS\HPZid412.sys

MD5: 89f41658929393487b6b7d13c8528ce3 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

MD5: 74cf3f2e4e40c4a2e18d39d6300a5c24 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

MD5: 698204d9c2832e53633e53a30a53fc3d C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

MD5: 1c8caa80e91fb71864e9426f9eed048d C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

MD5: cc449157474d5e43daea7e20f52c635a C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

MD5: e6d35f3aa51a65eb35c1f2340154a25e C:\WINDOWS\System32\drivers\iavbfqt.sys

MD5: e19b79a7c6217b40253fa1e8e01d8ad9 C:\WINDOWS\system32\DRIVERS\lknucmp.sys

MD5: 16aa31702b14f0176df86409cc133b64 C:\WINDOWS\system32\DRIVERS\lknuhst.sys

MD5: 9b1eee47969a977da0d26c98c93cbe0b C:\WINDOWS\system32\DRIVERS\lknuhub.sys

MD5: 3c318b9cd391371bed62126581ee9961 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

MD5: 7f2f1d2815a6449d346fcccbc569fbd6 C:\WINDOWS\system32\DRIVERS\mhndrv.sys

MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys

MD5: 71371ed9086a3d65f43967c89634e9a9 C:\WINDOWS\system32\DRIVERS\NETw3x32.sys

MD5: 67fb86eeb94059177642050718d57460 C:\WINDOWS\system32\DRIVERS\NWADIenum.sys

MD5: 4e651808b35656ac88a4dcdaf6cc1169 C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys

MD5: 4e651808b35656ac88a4dcdaf6cc1169 C:\WINDOWS\system32\DRIVERS\nwusbser.sys

MD5: dcdf0421a1c14f2923e298a30fd7636d C:\WINDOWS\system32\DRIVERS\point32.sys

MD5: 24ed7af20651f9fa1f249482e7c1f165 C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

MD5: 1bdba2d2d402415a78a4ba766dfe0f7b C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

MD5: f774ecd11a064f0debb2d4395418153c C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

MD5: daef68fc328342d219de928c8ee610b2 C:\WINDOWS\system32\DRIVERS\s24trans.sys

MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys

MD5: d7968049be0adbb6a57cee3960320911 C:\WINDOWS\system32\drivers\sscdbhk5.sys

MD5: c3ffd65abfb6441e7606cf74f1155273 C:\WINDOWS\system32\drivers\ssrtln.sys

MD5: 2a2dc39623adef8ab3703ab9fac4b440 C:\WINDOWS\system32\drivers\sthda.sys

MD5: 35d5b3632e0bcebe27b391157de05996 C:\WINDOWS\system32\DRIVERS\SynTP.sys

MD5: e362d54fd394999c4178936396664e57 C:\WINDOWS\system32\drivers\Toshidpt.sys

MD5: 0470bf2d5f49ff98464ac2c838e6a080 C:\WINDOWS\system32\DRIVERS\tosporte.sys

MD5: 077869082a635e8ff2c205dc95c78775 C:\WINDOWS\System32\Drivers\tosrfbd.sys

MD5: 613e09572f4c5b92ca6be8bdc4cc5b7d C:\WINDOWS\System32\Drivers\tosrfbnp.sys

MD5: 5ba1ca3b3cddb1ddc67df473f05d1ec2 C:\WINDOWS\System32\Drivers\tosrfcom.sys

MD5: f4e4795528d17ff8d1d6d98ebbb92655 C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

MD5: c52fd27b9adf3a1f22cb90e6bcf9b0cb C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

MD5: b5518adb2b0029ff95d22e8e7336f49f C:\WINDOWS\system32\drivers\TosRfSnd.sys

MD5: ac2123e788230c712d0919ed0fec9ddd C:\WINDOWS\System32\Drivers\tosrfusb.sys

MD5: 8f861eda21c05857eb8197300a92501c C:\WINDOWS\system32\DRIVERS\tunmp.sys

MD5: b6cc50279d6cd28e090a5d33244adc9a C:\WINDOWS\system32\DRIVERS\usb8023x.sys

MD5: eafe1e00739afe6c51487a050e772e17 C:\WINDOWS\System32\Drivers\usbaapl.sys

MD5: b1f126e7e28877106d60e6ff3998d033 C:\WINDOWS\system32\DRIVERS\w39n51.sys

MD5: 8e16bf5600797e678ea97051cf93e6bf C:\WINDOWS\system32\dumprep.exe

MD5: 702cea7b19bc9a70d861a4f310d40dca C:\WINDOWS\system32\Dxtmsft.dll

MD5: d0230d3d19081372e09b1333e986b053 C:\WINDOWS\system32\Dxtrans.dll

MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll

MD5: ce8c3bc1377b83dbcd7304ab2d0a4735 C:\WINDOWS\system32\h323msp.dll

MD5: 91c797fddaeeaaebe705b5283b6e50a4 C:\WINDOWS\system32\hccutils.DLL

MD5: 19d63cf10330b51fd42abb1d4d39d0c4 C:\WINDOWS\system32\hkcmd.exe

MD5: 195a250167fba93b3aeac87227af61ef C:\WINDOWS\system32\hpz3l4x6.dll

MD5: be3cd116130174657ead2731ab3daa5d C:\WINDOWS\system32\hpz3l5ha.dll

MD5: 51c6d8bfbd4ea5b62a1ba7f4469250d3 c:\windows\system32\hpzinw12.dll

MD5: 79834aa2fbf9fe81eebb229024f6f7fc c:\windows\system32\hpzipm12.dll

MD5: 900e7e6601b14c8d8640d02a70d37e59 C:\WINDOWS\system32\hpzsnt10.dll

MD5: 795f91af512a7cc2c7c1c459805e4eb7 C:\WINDOWS\system32\ieframe.dll

MD5: 1209e384e07c838b111b35483484a4bc C:\WINDOWS\SYSTEM32\iepeers.dll

MD5: 6bb98325c50d9b47cf68b2358a8dee47 C:\WINDOWS\system32\iertutil.dll

MD5: 4e89bf45219bb2cf4f931201e2f5755e C:\WINDOWS\system32\IEUI.dll

MD5: efc3639ae8a452dc8dddf7d526092d3e C:\WINDOWS\system32\igfxdev.dll

MD5: 697963452107c59be69a67bee54e3eac C:\WINDOWS\system32\igfxpers.exe

MD5: b52ae3cfa8eb665004500484b3a9fc62 C:\WINDOWS\system32\igfxres.dll

MD5: 11e2b4ded4a051dc9067461996f5e02a C:\WINDOWS\system32\igfxsrvc.dll

MD5: 93084839f7517112829f2a26f486e8cf C:\WINDOWS\system32\igfxsrvc.exe

MD5: 45985c1b266666cb7bbac01428ac2fad C:\WINDOWS\system32\igfxtray.exe

MD5: ffc01a72d1c25ccb39f61b202ce60819 C:\WINDOWS\system32\imagehlp.dll

MD5: f08d74ec300b8ba60ca953c58a24d19e c:\windows\system32\iprip.dll

MD5: 8d25a2c200dadce82205e45ddee9725a C:\WINDOWS\SYSTEM32\IWPDGINA.DLL

MD5: f7b098a08efcf4ab4247264c0ac225d2 C:\WINDOWS\SYSTEM32\jscript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: b3548df8db695e8cf02ec379b2307883 C:\WINDOWS\system32\lex2kusb.dll

MD5: 00e2ae113dd2ed2f20a715710a255d3e C:\WINDOWS\system32\LEXBCE.DLL

MD5: 027d03d9d8ab95194a115a999e960ac0 C:\WINDOWS\system32\LEXBCES.EXE

MD5: d4a932612c4e4a42a5227005d106c92c C:\WINDOWS\system32\LEXLMPM.DLL

MD5: 1c3a51a4847df611d5c3ad16bbf8f6cb C:\WINDOWS\system32\lexp2p32.dll

MD5: 8d836e60877ed79c409712b9be2dfc3b C:\WINDOWS\system32\LEXPPS.EXE

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: 780682ee1ab47fa8a46a776800484527 C:\WINDOWS\system32\LXBKpwr.dll

MD5: fe8797f9dc9a6bbf18d6db12142ed7e2 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2_202_235.ocx

MD5: 76d5a3d2a50402a0b9b6ed13c4371e79 C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

MD5: de5a4d89c47b9a1cc97dfab11a795abb C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll

MD5: da63e3cbd330411244ff50b56dae7fb6 C:\WINDOWS\system32\MdmXSdk.dll

MD5: 76848cb1aa5818db47d5f5986e0a7485 C:\WINDOWS\system32\MFC42.DLL

MD5: b7521f69c0a9b29d356157229376fb21 C:\WINDOWS\System32\mhn.dll

MD5: a8cecd5ea322b9858eb576f508ad73a5 C:\WINDOWS\system32\mshtml.dll

MD5: 465f19783a50bfae0f70c3a87905877b C:\WINDOWS\SYSTEM32\mshtmled.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll

MD5: 9e70016c950b1f8fdeaa6f067e2e25a8 C:\WINDOWS\system32\msjet40.dll

MD5: 7e2b58ce8c4013287371667880b1080d C:\WINDOWS\system32\MSJINT40.DLL

MD5: e325bcdbb6ded6c89f679b8ae89e975c C:\WINDOWS\system32\msvidctl.dll

MD5: 832e4dd8964ab7acc880b2837cb1ed20 C:\WINDOWS\system32\mswsock.dll

MD5: afdc647d16b285b9ae6140335b3b3255 C:\WINDOWS\system32\mswstr10.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 c:\windows\system32\netshell.dll

MD5: 5e28284f9b5f9097640d58a73d38ad4c C:\WINDOWS\system32\notepad.exe

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\SYSTEM32\ODBC32.dll

MD5: 2c288aa87e4723ac9ff4d76a192ec3f8 C:\WINDOWS\system32\odbccp32.dll

MD5: 5ce275cdc5ffb77b1ec29dbdfe4b6689 C:\WINDOWS\system32\odbcji32.dll

MD5: 1b05dcc75fbb903a17e3e0ddaea8d508 C:\WINDOWS\system32\odbcjt32.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll

MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll

MD5: 937a02981f11b2ce96b1d493c95aed2b C:\WINDOWS\system32\p2pgasvc.dll

MD5: 4a1035cb8f0d57be41873b5183d96cf4 C:\WINDOWS\system32\p2psvc.dll

MD5: de88d1c34c355470b032e372525f3dac C:\WINDOWS\system32\pdfports.dll

MD5: 66cdf02d86c9f0b4300ee981a614d296 C:\WINDOWS\system32\ping.exe

MD5: cb1b40f9742496d384645a33d0f85c77 C:\WINDOWS\system32\pngfilt.dll

MD5: af1449ac1d79d37c7026c1d8912dda8e C:\WINDOWS\system32\pnrpnsp.dll

MD5: 34ffb6aba2da398bb33422e1e9275ba9 C:\WINDOWS\system32\quartz.dll

MD5: b12c853961947ed89b9437966c7507b4 C:\WINDOWS\system32\RAPI.dll

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 926afc4848ff3297bb264333bf51e21f C:\WINDOWS\system32\sbe.dll

MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll

MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll

MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\SYSTEM32\SHSVCS.dll

MD5: 9c454cd857b4c0ccf7a614b047616503 C:\WINDOWS\system32\simptcp.dll

MD5: c7d2c931a1a2cbd3a2d335fe86303174 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp4x6.dll

MD5: 75bf87e542c1368dbd6768ae6e6ed507 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5ha.dll

MD5: c213c40d8e9f2d1affbd1262cd23e026 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBKPP5C.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: 230eedee132305e3acce6bbbb10d6ab6 C:\WINDOWS\system32\stacapi.dll

MD5: 3caeae7608f1bd7ba873a3b02895b106 C:\WINDOWS\system32\sti.dll

MD5: c47a9c9364e1a242a8c8174b2e60f725 C:\WINDOWS\system32\SynCOM.dll

MD5: 1eb004455e7cce792cc26480d7021b9d C:\WINDOWS\system32\SynTPAPI.dll

MD5: 3f8411328e808a8794a41da9acb22dd9 C:\WINDOWS\system32\tapi3.dll

MD5: 4872275a99bd55a92c43bae8c51fb3c8 C:\WINDOWS\system32\tbtmon.dll

MD5: a27378d30d5208f1f0b6706b9fed22c2 C:\WINDOWS\system32\tbtmon98Language.dll

MD5: 32933b07fc16d9f778bee12545fa1b1a C:\WINDOWS\system32\tcpsvcs.exe

MD5: 8edd9dcd5196b6c54a622e9549f667b8 C:\WINDOWS\system32\termmgr.dll

MD5: b5c05ce075f48cc44c154f0ce25c4cfe C:\WINDOWS\system32\tfswapi.dll

MD5: 934a64c5fb0a68a4d487978bffec4e04 C:\WINDOWS\system32\TosBdAPI.dll

MD5: dc6bd517fb6daa7849e23800f13bb864 C:\WINDOWS\system32\TosBtAPI.dll

MD5: 353de1defd41b1e4a1b668320135200b C:\WINDOWS\system32\TosBtHcrpAPI.dll

MD5: 17e0cf9c8cbb717d05948656bcd86efa C:\WINDOWS\system32\txflog.dll

MD5: 798cf252e6fdb984c07430eb0b387dfd C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\System32\USP10.dll

MD5: 142e08e570d8fcd87e845f1463c1aece C:\WINDOWS\system32\vbscript.dll

MD5: 0dfa4d5e8205614eda53394e637812e4 C:\WINDOWS\system32\VDMDBG.DLL

MD5: 6404807abc7af52fa3792697ae638b50 C:\WINDOWS\system32\wbem\wbemcons.dll

MD5: 880f7ed2df24db14af96c6d797958796 C:\WINDOWS\system32\wbem\wbemdisp.dll

MD5: 960f6d3cd9a1ba6435d7aadd102b297f C:\WINDOWS\system32\wbem\wmiprov.dll

MD5: 767c6c11407a89f849e296cd3bb520b9 C:\WINDOWS\system32\webcheck.dll

MD5: 627b55fad15c6b03b44198afbeebab1a C:\WINDOWS\SYSTEM32\WgaLogon.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll

MD5: 3c28461660bab5449f267d5e9c4e13cf C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\System32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: 95f5c420e9bdd4c3569602911420a774 C:\WINDOWS\system32\WINTRUST.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\SYSTEM32\WlNotify.dll

MD5: 60b8c0db5a8e4d7b4712df66d6ff2788 C:\WINDOWS\System32\wship6.dll

MD5: 18473f44d6de85c8cb4e70f503c5ea64 C:\WINDOWS\System32\xactsrv.dll

MD5: 7facb452456ef5c053af3ee4b228fe0d C:\WINDOWS\System32\XPOB2RES.DLL

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: 1b3b381e1aab46f7b321a46150d890cb C:\WINDOWS\system32\xpsp3res.dll

MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCP80.dll

MD5: c9564cf4976e7e96b4052737aa2492b4 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll

No file uploaded.

Scan finished - communication took 6 sec

Total traffic - 0.01 MB sent, 1.53 KB recvd

Scanned 838 files and modules - 207 seconds

==============================================================================


RogueKiller V7.4.3 [05/04/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Randy Green [Admin rights]

Mode: Scan -- Date: 05/07/2012 17:38:47

¤¤¤ Bad processes: 1 ¤¤¤

[HJ NAME] svchost.exe -- \\.\globalroot\SystemRoot\system32\svchost.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 4 ¤¤¤

[BLACKLIST DLL] HKUS\S-1-5-19[...]\Run : Corel Photo Album (rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer) -> FOUND

[BLACKLIST DLL] HKUS\S-1-5-20[...]\Run : Corel Photo Album (rundll32.exe "C:\Documents and Settings\Randy Green\Local Settings\Application Data\Help\Corel Photo Album\ihkpbqo.dll",DllRegisterServer) -> FOUND

[BLACKLIST DLL] HKLM\[...]\RunOnce : Malwarebytes Anti-Malware (cleanup) (rundll32.exe "C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: FUJITSU MHV2060BH +++++

--- User ---

[MBR] db6140e1a106772a433230fd4788e446

[BSP] 6a16940a05e78a8357108e829835cd80 : MBR Code unknown

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 80325 | Size: 38138 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 78204420 | Size: 12848 Mo

3 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 104518890 | Size: 4753 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt


Please download the following program to your Desktop >> Unhide <<

Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives.

Step 2

Turn off your antivirus so that it does not interfere.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

Change the a-v scan to None.

Uncheck trace disk IO calls.

Click the "Scan" button to start the scan.

On completion of the scan (note if the Fix button is enabled (not the FixMBR button) and tell me), click Save Log, save it to your desktop, and post it in your next reply.

Step 3

Please read carefully and follow these steps.

  • Delete the prior copies of TDSSKILLER.zip & TDSSKILLER.exe that you may have.
  • Download TDSSKiller and save it to your Desktop.
  • If on Windows 7 or Vista, RIGHT-Click on TDSSKiller.exe and select Run As Administrator to run the application.
    If on Windows XP, double-click to start.
  • Click on "Change parameters" and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK
  • Then press Start Scan

When the scan is done, it will display a summary screen.

  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 4

Recheck: Turn off your antivirus so that it does not interfere.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Step 5

Re-enable your antivirus program.

There will be more to do.

Reply (Copy & Paste) contents of aswMBR log

TDSSKILLER log

MBAM scan log


I got as far as Step 3. When my laptop rebooted after running TDSSKiller I lost the use of my keyboard and touchpad. I am writing this from a different computer trying to figure it out. Any suggestions?


15:54:13.0203 2708 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

15:54:13.0890 2708 ============================================================

15:54:13.0890 2708 Current date / time: 2012/05/09 15:54:13.0890

15:54:13.0890 2708 SystemInfo:

15:54:13.0890 2708

15:54:13.0890 2708 OS Version: 5.1.2600 ServicePack: 3.0

15:54:13.0890 2708 Product type: Workstation

15:54:13.0890 2708 ComputerName: D36FC2B1

15:54:13.0890 2708 UserName: Randy Green

15:54:13.0890 2708 Windows directory: C:\WINDOWS

15:54:13.0890 2708 System windows directory: C:\WINDOWS

15:54:13.0890 2708 Processor architecture: Intel x86

15:54:13.0890 2708 Number of processors: 2

15:54:13.0890 2708 Page size: 0x1000

15:54:13.0890 2708 Boot type: Normal boot

15:54:13.0890 2708 ============================================================

15:54:15.0890 2708 Drive \Device\Harddisk0\DR0 - Size: 0xD9F411200 (54.49 Gb), SectorSize: 0x200, Cylinders: 0x1BC9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

15:54:15.0890 2708 ============================================================

15:54:15.0890 2708 \Device\Harddisk0\DR0:

15:54:15.0890 2708 MBR partitions:

15:54:15.0890 2708 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x4A7D57E

15:54:15.0890 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x4A94E04, BlocksNum 0x19186E6

15:54:15.0890 2708 ============================================================

15:54:16.0218 2708 C: <-> \Device\Harddisk0\DR0\Partition0

15:54:16.0281 2708 D: <-> \Device\Harddisk0\DR0\Partition1

15:54:16.0312 2708 ============================================================

15:54:16.0312 2708 Initialize success

15:54:16.0312 2708 ============================================================

15:54:24.0187 2276 ============================================================

15:54:24.0187 2276 Scan started

15:54:24.0187 2276 Mode: Manual; SigCheck; TDLFS;

15:54:24.0187 2276 ============================================================

15:54:25.0578 2276 64229514 - ok

15:54:25.0640 2276 6to4 (c07d5197410aab28d0d93f943f59656d) C:\WINDOWS\System32\6to4svc.dll

15:54:26.0859 2276 6to4 - ok

15:54:26.0859 2276 Abiosdsk - ok

15:54:26.0906 2276 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

15:54:30.0343 2276 abp480n5 - ok

15:54:30.0390 2276 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

15:54:30.0703 2276 ACPI - ok

15:54:30.0750 2276 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

15:54:30.0921 2276 ACPIEC - ok

15:54:31.0000 2276 Adobe LM Service (a4ffc35a661d42dd424f22905c333979) C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

15:54:31.0031 2276 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning

15:54:31.0031 2276 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)

15:54:31.0171 2276 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

15:54:31.0187 2276 AdobeFlashPlayerUpdateSvc - ok

15:54:31.0234 2276 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

15:54:31.0375 2276 adpu160m - ok

15:54:31.0531 2276 AdvancedSystemCareService5 (b11c71b29fa69e4586f9b65560e6604d) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

15:54:31.0593 2276 AdvancedSystemCareService5 - ok

15:54:31.0656 2276 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

15:54:31.0812 2276 aec - ok

15:54:31.0890 2276 AegisP (375eb0b97e3950adef3633c27a82438b) C:\WINDOWS\system32\DRIVERS\AegisP.sys

15:54:31.0906 2276 AegisP ( UnsignedFile.Multi.Generic ) - warning

15:54:31.0906 2276 AegisP - detected UnsignedFile.Multi.Generic (1)

15:54:31.0937 2276 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

15:54:32.0000 2276 AFD - ok

15:54:32.0015 2276 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

15:54:32.0187 2276 agp440 - ok

15:54:32.0218 2276 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

15:54:32.0359 2276 agpCPQ - ok

15:54:32.0390 2276 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

15:54:32.0484 2276 Aha154x - ok

15:54:32.0515 2276 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

15:54:32.0671 2276 aic78u2 - ok

15:54:32.0703 2276 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

15:54:32.0843 2276 aic78xx - ok

15:54:32.0906 2276 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

15:54:33.0062 2276 Alerter - ok

15:54:33.0062 2276 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

15:54:33.0218 2276 ALG - ok

15:54:33.0234 2276 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

15:54:33.0390 2276 AliIde - ok

15:54:33.0421 2276 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

15:54:33.0562 2276 alim1541 - ok

15:54:33.0609 2276 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

15:54:33.0765 2276 amdagp - ok

15:54:33.0796 2276 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

15:54:33.0890 2276 amsint - ok

15:54:33.0937 2276 APPDRV (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS

15:54:33.0937 2276 APPDRV ( UnsignedFile.Multi.Generic ) - warning

15:54:33.0937 2276 APPDRV - detected UnsignedFile.Multi.Generic (1)

15:54:34.0093 2276 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

15:54:34.0093 2276 Apple Mobile Device - ok

15:54:34.0156 2276 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

15:54:34.0312 2276 AppMgmt - ok

15:54:34.0343 2276 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

15:54:34.0500 2276 Arp1394 - ok

15:54:34.0546 2276 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

15:54:34.0687 2276 asc - ok

15:54:34.0703 2276 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

15:54:34.0781 2276 asc3350p - ok

15:54:34.0828 2276 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

15:54:34.0968 2276 asc3550 - ok

15:54:35.0015 2276 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys

15:54:35.0031 2276 ASCTRM ( UnsignedFile.Multi.Generic ) - warning

15:54:35.0031 2276 ASCTRM - detected UnsignedFile.Multi.Generic (1)

15:54:35.0171 2276 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

15:54:35.0203 2276 aspnet_state - ok

15:54:35.0218 2276 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

15:54:35.0375 2276 AsyncMac - ok

15:54:35.0421 2276 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

15:54:35.0593 2276 atapi - ok

15:54:35.0593 2276 Atdisk - ok

15:54:35.0640 2276 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

15:54:35.0890 2276 Atmarpc - ok

15:54:35.0953 2276 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

15:54:36.0125 2276 AudioSrv - ok

15:54:36.0171 2276 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

15:54:36.0343 2276 audstub - ok

15:54:36.0343 2276 autocomplete - ok

15:54:36.0359 2276 bcm4sbxp (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

15:54:36.0437 2276 bcm4sbxp - ok

15:54:36.0468 2276 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

15:54:36.0640 2276 Beep - ok

15:54:36.0687 2276 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

15:54:37.0015 2276 BITS - ok

15:54:37.0125 2276 Bluetooth Hid Switch Service (b26e18adaa16e507166e3b61e79a1e25) C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe

15:54:37.0140 2276 Bluetooth Hid Switch Service ( UnsignedFile.Multi.Generic ) - warning

15:54:37.0156 2276 Bluetooth Hid Switch Service - detected UnsignedFile.Multi.Generic (1)

15:54:37.0218 2276 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

15:54:37.0265 2276 Bonjour Service - ok

15:54:37.0312 2276 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

15:54:37.0546 2276 Browser - ok

15:54:37.0593 2276 BVRPMPR5 (248dfa5762dde38dfddbbd44149e9d7a) C:\WINDOWS\system32\drivers\BVRPMPR5.SYS

15:54:37.0609 2276 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - warning

15:54:37.0609 2276 BVRPMPR5 - detected UnsignedFile.Multi.Generic (1)

15:54:37.0640 2276 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

15:54:37.0812 2276 cbidf - ok

15:54:37.0812 2276 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

15:54:37.0953 2276 cbidf2k - ok

15:54:38.0015 2276 CCALib8 (20f89e232173985a455bc9a5f70d1166) C:\Program Files\Canon\CAL\CALMAIN.exe

15:54:38.0046 2276 CCALib8 ( UnsignedFile.Multi.Generic ) - warning

15:54:38.0046 2276 CCALib8 - detected UnsignedFile.Multi.Generic (1)

15:54:38.0046 2276 ccs - ok

15:54:38.0078 2276 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

15:54:38.0171 2276 cd20xrnt - ok

15:54:38.0234 2276 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

15:54:38.0390 2276 Cdaudio - ok

15:54:38.0437 2276 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

15:54:38.0593 2276 Cdfs - ok

15:54:38.0609 2276 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

15:54:38.0781 2276 Cdrom - ok

15:54:38.0781 2276 Changer - ok

15:54:38.0843 2276 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

15:54:39.0000 2276 CiSvc - ok

15:54:39.0031 2276 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

15:54:39.0171 2276 ClipSrv - ok

15:54:39.0296 2276 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:54:39.0421 2276 clr_optimization_v2.0.50727_32 - ok

15:54:39.0437 2276 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

15:54:39.0593 2276 CmBatt - ok

15:54:39.0640 2276 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys

15:54:39.0859 2276 CmdIde - ok

15:54:39.0875 2276 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

15:54:40.0015 2276 Compbatt - ok

15:54:40.0031 2276 COMSysApp - ok

15:54:40.0046 2276 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

15:54:40.0203 2276 Cpqarray - ok

15:54:40.0250 2276 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

15:54:40.0406 2276 CryptSvc - ok

15:54:40.0437 2276 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

15:54:40.0593 2276 dac2w2k - ok

15:54:40.0609 2276 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

15:54:40.0750 2276 dac960nt - ok

15:54:40.0843 2276 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

15:54:40.0953 2276 DcomLaunch - ok

15:54:41.0015 2276 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

15:54:41.0171 2276 Dhcp - ok

15:54:41.0171 2276 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

15:54:41.0328 2276 Disk - ok

15:54:41.0328 2276 dmadmin - ok

15:54:41.0406 2276 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

15:54:41.0687 2276 dmboot - ok

15:54:41.0734 2276 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

15:54:41.0953 2276 dmio - ok

15:54:41.0984 2276 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

15:54:42.0187 2276 dmload - ok

15:54:42.0250 2276 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

15:54:42.0406 2276 dmserver - ok

15:54:42.0421 2276 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

15:54:42.0578 2276 DMusic - ok

15:54:42.0609 2276 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

15:54:42.0640 2276 Dnscache - ok

15:54:42.0703 2276 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

15:54:42.0875 2276 Dot3svc - ok

15:54:42.0906 2276 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

15:54:43.0062 2276 dpti2o - ok

15:54:43.0109 2276 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

15:54:43.0296 2276 drmkaud - ok

15:54:43.0359 2276 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys

15:54:43.0375 2276 drvmcdb ( UnsignedFile.Multi.Generic ) - warning

15:54:43.0375 2276 drvmcdb - detected UnsignedFile.Multi.Generic (1)

15:54:43.0406 2276 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys

15:54:43.0421 2276 drvnddm ( UnsignedFile.Multi.Generic ) - warning

15:54:43.0421 2276 drvnddm - detected UnsignedFile.Multi.Generic (1)

15:54:43.0453 2276 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys

15:54:43.0625 2276 E100B - ok

15:54:43.0671 2276 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

15:54:43.0859 2276 EapHost - ok

15:54:44.0562 2276 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe

15:54:44.0921 2276 ehRecvr - ok

15:54:44.0937 2276 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

15:54:45.0031 2276 ehSched - ok

15:54:45.0078 2276 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

15:54:45.0296 2276 ERSvc - ok

15:54:45.0343 2276 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:54:45.0390 2276 Eventlog - ok

15:54:45.0437 2276 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

15:54:45.0500 2276 EventSystem - ok

15:54:45.0671 2276 EvtEng (788c72b145c75a7ee5f5d6a32542d912) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

15:54:45.0765 2276 EvtEng ( UnsignedFile.Multi.Generic ) - warning

15:54:45.0765 2276 EvtEng - detected UnsignedFile.Multi.Generic (1)

15:54:45.0875 2276 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

15:54:46.0078 2276 Fastfat - ok

15:54:46.0125 2276 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:54:46.0187 2276 FastUserSwitchingCompatibility - ok

15:54:46.0250 2276 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe

15:54:46.0406 2276 Fax - ok

15:54:46.0453 2276 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys

15:54:46.0593 2276 Fdc - ok

15:54:46.0656 2276 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

15:54:46.0812 2276 Fips - ok

15:54:46.0812 2276 FirePM - ok

15:54:46.0875 2276 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys

15:54:47.0031 2276 Flpydisk - ok

15:54:47.0062 2276 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

15:54:47.0218 2276 FltMgr - ok

15:54:47.0359 2276 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

15:54:47.0375 2276 FontCache3.0.0.0 - ok

15:54:47.0375 2276 freepops - ok

15:54:47.0437 2276 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

15:54:47.0593 2276 Fs_Rec - ok

15:54:47.0625 2276 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

15:54:47.0796 2276 Ftdisk - ok

15:54:47.0843 2276 GearAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

15:54:47.0859 2276 GearAspiWDM - ok

15:54:47.0906 2276 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

15:54:48.0125 2276 Gpc - ok

15:54:48.0312 2276 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

15:54:48.0328 2276 gupdate - ok

15:54:48.0328 2276 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

15:54:48.0343 2276 gupdatem - ok

15:54:48.0406 2276 gusvc (408ddd80eede47175f6844817b90213e) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

15:54:48.0421 2276 gusvc - ok

15:54:48.0421 2276 hcwPP2 - ok

15:54:48.0484 2276 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

15:54:48.0640 2276 HDAudBus - ok

15:54:48.0734 2276 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

15:54:48.0968 2276 helpsvc - ok

15:54:49.0031 2276 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

15:54:49.0187 2276 HidServ - ok

15:54:49.0203 2276 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

15:54:49.0343 2276 HidUsb - ok

15:54:49.0390 2276 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

15:54:49.0546 2276 hkmsvc - ok

15:54:49.0609 2276 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

15:54:49.0750 2276 hpn - ok

15:54:49.0906 2276 hpqcxs08 (390920e11d7729a7b98799ebe20e38fb) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

15:54:49.0937 2276 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

15:54:49.0937 2276 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

15:54:49.0984 2276 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

15:54:50.0328 2276 HPZid412 - ok

15:54:50.0343 2276 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

15:54:50.0390 2276 HPZipr12 - ok

15:54:50.0406 2276 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

15:54:50.0453 2276 HPZius12 - ok

15:54:50.0515 2276 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

15:54:50.0578 2276 HSFHWAZL - ok

15:54:50.0656 2276 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

15:54:50.0765 2276 HSF_DPV - ok

15:54:50.0828 2276 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

15:54:50.0906 2276 HTTP - ok

15:54:50.0953 2276 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

15:54:51.0203 2276 HTTPFilter - ok

15:54:51.0250 2276 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

15:54:51.0406 2276 i2omgmt - ok

15:54:51.0437 2276 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

15:54:51.0593 2276 i2omp - ok

15:54:51.0593 2276 i8042prt - ok

15:54:51.0718 2276 ialm (cc449157474d5e43daea7e20f52c635a) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

15:54:51.0875 2276 ialm - ok

15:54:51.0984 2276 Ias - ok

15:54:52.0140 2276 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

15:54:52.0171 2276 IDriverT ( UnsignedFile.Multi.Generic ) - warning

15:54:52.0171 2276 IDriverT - detected UnsignedFile.Multi.Generic (1)

15:54:52.0500 2276 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:54:52.0656 2276 idsvc - ok

15:54:52.0765 2276 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

15:54:52.0984 2276 Imapi - ok

15:54:53.0031 2276 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

15:54:53.0187 2276 ImapiService - ok

15:54:53.0187 2276 incdrec - ok

15:54:53.0250 2276 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

15:54:53.0406 2276 ini910u - ok

15:54:53.0421 2276 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

15:54:53.0578 2276 IntelIde - ok

15:54:53.0625 2276 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

15:54:53.0781 2276 intelppm - ok

15:54:53.0796 2276 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

15:54:53.0968 2276 Ip6Fw - ok

15:54:54.0015 2276 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

15:54:54.0171 2276 IpFilterDriver - ok

15:54:54.0203 2276 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

15:54:54.0343 2276 IpInIp - ok

15:54:54.0375 2276 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

15:54:54.0531 2276 IpNat - ok

15:54:54.0671 2276 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe

15:54:54.0765 2276 iPod Service - ok

15:54:54.0828 2276 Iprip (f08d74ec300b8ba60ca953c58a24d19e) C:\WINDOWS\System32\iprip.dll

15:54:54.0984 2276 Iprip - ok

15:54:55.0000 2276 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

15:54:55.0171 2276 IPSec - ok

15:54:55.0218 2276 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

15:54:55.0390 2276 IRENUM - ok

15:54:55.0421 2276 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

15:54:55.0578 2276 isapnp - ok

15:54:55.0703 2276 JavaQuickStarterService (1834c96fb1f9280bcf6ddfa6de8338bf) C:\Program Files\Java\jre6\bin\jqs.exe

15:54:55.0718 2276 JavaQuickStarterService - ok

15:54:55.0734 2276 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

15:54:55.0890 2276 Kbdclass - ok

15:54:55.0921 2276 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

15:54:56.0062 2276 kbdhid - ok

15:54:56.0093 2276 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

15:54:56.0281 2276 kmixer - ok

15:54:56.0328 2276 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

15:54:56.0406 2276 KSecDD - ok

15:54:56.0453 2276 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

15:54:56.0500 2276 lanmanserver - ok

15:54:56.0562 2276 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

15:54:56.0625 2276 lanmanworkstation - ok

15:54:56.0625 2276 lbrtfdc - ok

15:54:56.0687 2276 LexBceS (027d03d9d8ab95194a115a999e960ac0) C:\WINDOWS\system32\LEXBCES.EXE

15:54:56.0796 2276 LexBceS - ok

15:54:56.0843 2276 LKNUCMP (e19b79a7c6217b40253fa1e8e01d8ad9) C:\WINDOWS\system32\DRIVERS\lknucmp.sys

15:54:56.0859 2276 LKNUCMP ( UnsignedFile.Multi.Generic ) - warning

15:54:56.0859 2276 LKNUCMP - detected UnsignedFile.Multi.Generic (1)

15:54:56.0921 2276 lknuhst (16aa31702b14f0176df86409cc133b64) C:\WINDOWS\system32\DRIVERS\lknuhst.sys

15:54:56.0937 2276 lknuhst ( UnsignedFile.Multi.Generic ) - warning

15:54:56.0937 2276 lknuhst - detected UnsignedFile.Multi.Generic (1)

15:54:57.0000 2276 LKNUHUB (9b1eee47969a977da0d26c98c93cbe0b) C:\WINDOWS\system32\DRIVERS\lknuhub.sys

15:54:57.0000 2276 LKNUHUB ( UnsignedFile.Multi.Generic ) - warning

15:54:57.0000 2276 LKNUHUB - detected UnsignedFile.Multi.Generic (1)

15:54:57.0046 2276 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

15:54:57.0203 2276 LmHosts - ok

15:54:57.0296 2276 McciCMService (e6cb119ef2e148eaa1a247343550756e) C:\Program Files\Common Files\Motive\McciCMService.exe

15:54:57.0359 2276 McciCMService ( UnsignedFile.Multi.Generic ) - warning

15:54:57.0359 2276 McciCMService - detected UnsignedFile.Multi.Generic (1)

15:54:57.0406 2276 McciServiceHost (eee1ea23c4777adb268a36196a631200) C:\Program Files\Common Files\Motive\McciServiceHost.exe

15:54:57.0484 2276 McciServiceHost ( UnsignedFile.Multi.Generic ) - warning

15:54:57.0484 2276 McciServiceHost - detected UnsignedFile.Multi.Generic (1)

15:54:57.0609 2276 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

15:54:57.0687 2276 McrdSvc - ok

15:54:57.0734 2276 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

15:54:57.0765 2276 mdmxsdk - ok

15:54:57.0781 2276 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

15:54:58.0015 2276 Messenger - ok

15:54:58.0046 2276 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

15:54:58.0078 2276 MHN ( UnsignedFile.Multi.Generic ) - warning

15:54:58.0078 2276 MHN - detected UnsignedFile.Multi.Generic (1)

15:54:58.0125 2276 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

15:54:58.0156 2276 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

15:54:58.0156 2276 MHNDRV - detected UnsignedFile.Multi.Generic (1)

15:54:58.0203 2276 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

15:54:58.0359 2276 mnmdd - ok

15:54:58.0484 2276 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

15:54:58.0968 2276 mnmsrvc - ok

15:54:59.0000 2276 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

15:54:59.0156 2276 Modem - ok

15:54:59.0171 2276 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

15:54:59.0328 2276 Mouclass - ok

15:54:59.0375 2276 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

15:54:59.0546 2276 mouhid - ok

15:54:59.0578 2276 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

15:54:59.0765 2276 MountMgr - ok

15:54:59.0765 2276 mozyFilter - ok

15:54:59.0796 2276 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

15:54:59.0968 2276 mraid35x - ok

15:55:00.0031 2276 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS

15:55:00.0046 2276 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

15:55:00.0046 2276 MREMP50 - detected UnsignedFile.Multi.Generic (1)

15:55:00.0046 2276 MREMPR5 - ok

15:55:00.0046 2276 MRENDIS5 - ok

15:55:00.0078 2276 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS

15:55:00.0109 2276 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

15:55:00.0109 2276 MRESP50 - detected UnsignedFile.Multi.Generic (1)

15:55:00.0140 2276 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

15:55:00.0359 2276 MRxDAV - ok

15:55:00.0453 2276 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

15:55:00.0578 2276 MRxSmb - ok

15:55:00.0625 2276 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

15:55:00.0781 2276 MSDTC - ok

15:55:00.0781 2276 msdv - ok

15:55:00.0828 2276 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

15:55:01.0031 2276 Msfs - ok

15:55:01.0046 2276 MSIServer - ok

15:55:01.0078 2276 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

15:55:01.0218 2276 MSKSSRV - ok

15:55:01.0218 2276 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

15:55:01.0375 2276 MSPCLOCK - ok

15:55:01.0390 2276 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

15:55:01.0562 2276 MSPQM - ok

15:55:01.0593 2276 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

15:55:01.0734 2276 mssmbios - ok

15:55:01.0796 2276 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

15:55:01.0843 2276 Mup - ok

15:55:01.0843 2276 n558 - ok

15:55:01.0937 2276 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

15:55:02.0140 2276 napagent - ok

15:55:02.0156 2276 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

15:55:02.0328 2276 NDIS - ok

15:55:02.0359 2276 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

15:55:02.0390 2276 NdisTapi - ok

15:55:02.0406 2276 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

15:55:02.0546 2276 Ndisuio - ok

15:55:02.0562 2276 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

15:55:02.0718 2276 NdisWan - ok

15:55:02.0781 2276 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

15:55:02.0828 2276 NDProxy - ok

15:55:02.0875 2276 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll

15:55:02.0890 2276 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:55:02.0890 2276 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:55:02.0937 2276 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

15:55:03.0125 2276 NetBIOS - ok

15:55:03.0156 2276 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

15:55:03.0328 2276 NetBT - ok

15:55:03.0375 2276 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:55:03.0531 2276 NetDDE - ok

15:55:03.0546 2276 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:55:03.0703 2276 NetDDEdsdm - ok

15:55:03.0734 2276 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:55:03.0890 2276 Netlogon - ok

15:55:03.0953 2276 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

15:55:04.0125 2276 Netman - ok

15:55:04.0281 2276 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

15:55:04.0296 2276 NetTcpPortSharing - ok

15:55:04.0453 2276 NETw3x32 (71371ed9086a3d65f43967c89634e9a9) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys

15:55:04.0640 2276 NETw3x32 - ok

15:55:04.0859 2276 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

15:55:05.0015 2276 NIC1394 - ok

15:55:05.0156 2276 NICCONFIGSVC (11d8a00c7eff1aaec8e8464769c84a3d) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe

15:55:05.0187 2276 NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - warning

15:55:05.0187 2276 NICCONFIGSVC - detected UnsignedFile.Multi.Generic (1)

15:55:05.0265 2276 Nla (832e4dd8964ab7acc880b2837cb1ed20) C:\WINDOWS\System32\mswsock.dll

15:55:05.0312 2276 Nla - ok

15:55:05.0359 2276 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

15:55:05.0515 2276 Npfs - ok

15:55:05.0578 2276 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

15:55:05.0828 2276 Ntfs - ok

15:55:05.0875 2276 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:55:06.0031 2276 NtLmSsp - ok

15:55:06.0093 2276 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

15:55:06.0250 2276 NtmsSvc - ok

15:55:06.0265 2276 NtMtlFax - ok

15:55:06.0312 2276 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

15:55:06.0468 2276 Null - ok

15:55:06.0640 2276 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

15:55:06.0875 2276 nv - ok

15:55:07.0046 2276 NWADI (67fb86eeb94059177642050718d57460) C:\WINDOWS\system32\DRIVERS\NWADIenum.sys

15:55:07.0093 2276 NWADI - ok

15:55:07.0156 2276 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

15:55:07.0328 2276 NwlnkFlt - ok

15:55:07.0343 2276 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

15:55:07.0500 2276 NwlnkFwd - ok

15:55:07.0828 2276 NWUSBModem (4e651808b35656ac88a4dcdaf6cc1169) C:\WINDOWS\system32\DRIVERS\nwusbmdm.sys

15:55:08.0000 2276 NWUSBModem - ok

15:55:08.0031 2276 NWUSBPort (4e651808b35656ac88a4dcdaf6cc1169) C:\WINDOWS\system32\DRIVERS\nwusbser.sys

15:55:08.0046 2276 NWUSBPort - ok

15:55:08.0093 2276 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

15:55:08.0265 2276 ohci1394 - ok

15:55:08.0312 2276 omci (b17228142cec9b3c222239fd935a37ca) C:\WINDOWS\system32\DRIVERS\omci.sys

15:55:08.0328 2276 omci ( UnsignedFile.Multi.Generic ) - warning

15:55:08.0328 2276 omci - detected UnsignedFile.Multi.Generic (1)

15:55:08.0375 2276 p2pgasvc (937a02981f11b2ce96b1d493c95aed2b) C:\WINDOWS\system32\p2pgasvc.dll

15:55:08.0531 2276 p2pgasvc - ok

15:55:08.0593 2276 p2pimsvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll

15:55:08.0812 2276 p2pimsvc - ok

15:55:08.0828 2276 p2psvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll

15:55:09.0031 2276 p2psvc - ok

15:55:09.0031 2276 pacsptisvr - ok

15:55:09.0062 2276 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

15:55:09.0234 2276 Parport - ok

15:55:09.0250 2276 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

15:55:09.0421 2276 PartMgr - ok

15:55:09.0484 2276 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

15:55:09.0640 2276 ParVdm - ok

15:55:09.0640 2276 PCASp50 - ok

15:55:09.0656 2276 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

15:55:09.0812 2276 PCI - ok

15:55:09.0828 2276 PCIDump - ok

15:55:09.0859 2276 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

15:55:09.0984 2276 PCIIde - ok

15:55:10.0015 2276 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

15:55:10.0171 2276 Pcmcia - ok

15:55:10.0187 2276 PDCOMP - ok

15:55:10.0187 2276 PDFRAME - ok

15:55:10.0187 2276 PDRELI - ok

15:55:10.0203 2276 PDRFRAME - ok

15:55:10.0218 2276 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

15:55:10.0375 2276 perc2 - ok

15:55:10.0406 2276 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

15:55:10.0531 2276 perc2hib - ok

15:55:10.0593 2276 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:55:10.0625 2276 PlugPlay - ok

15:55:10.0671 2276 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll

15:55:10.0703 2276 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:55:10.0703 2276 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:55:10.0718 2276 PNRPSvc (4a1035cb8f0d57be41873b5183d96cf4) C:\WINDOWS\system32\p2psvc.dll

15:55:10.0859 2276 PNRPSvc - ok

15:55:10.0921 2276 Point32 (dcdf0421a1c14f2923e298a30fd7636d) C:\WINDOWS\system32\DRIVERS\point32.sys

15:55:11.0000 2276 Point32 - ok

15:55:11.0031 2276 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:55:11.0203 2276 PolicyAgent - ok

15:55:11.0234 2276 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

15:55:11.0390 2276 PptpMiniport - ok

15:55:11.0390 2276 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:55:11.0531 2276 ProtectedStorage - ok

15:55:11.0562 2276 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

15:55:11.0718 2276 PSched - ok

15:55:11.0765 2276 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

15:55:11.0921 2276 Ptilink - ok

15:55:11.0968 2276 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys

15:55:12.0171 2276 PxHelp20 - ok

15:55:12.0203 2276 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

15:55:12.0359 2276 ql1080 - ok

15:55:12.0390 2276 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

15:55:12.0593 2276 Ql10wnt - ok

15:55:12.0593 2276 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

15:55:12.0750 2276 ql12160 - ok

15:55:12.0812 2276 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

15:55:12.0953 2276 ql1240 - ok

15:55:12.0968 2276 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

15:55:13.0109 2276 ql1280 - ok

15:55:13.0171 2276 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

15:55:13.0296 2276 RasAcd - ok

15:55:13.0343 2276 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

15:55:13.0500 2276 RasAuto - ok

15:55:13.0515 2276 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

15:55:13.0687 2276 Rasl2tp - ok

15:55:13.0734 2276 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

15:55:13.0906 2276 RasMan - ok

15:55:13.0921 2276 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

15:55:14.0062 2276 RasPppoe - ok

15:55:14.0078 2276 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

15:55:14.0218 2276 Raspti - ok

15:55:14.0281 2276 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

15:55:14.0421 2276 Rdbss - ok

15:55:14.0437 2276 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

15:55:14.0578 2276 RDPCDD - ok

15:55:14.0609 2276 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

15:55:14.0765 2276 rdpdr - ok

15:55:14.0828 2276 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

15:55:14.0937 2276 RDPWD - ok

15:55:15.0000 2276 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

15:55:15.0156 2276 RDSessMgr - ok

15:55:15.0171 2276 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

15:55:15.0328 2276 redbook - ok

15:55:15.0468 2276 RegSrvc (d8894acefe1a607de7d0e628285bfff4) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

15:55:15.0515 2276 RegSrvc ( UnsignedFile.Multi.Generic ) - warning

15:55:15.0515 2276 RegSrvc - detected UnsignedFile.Multi.Generic (1)

15:55:15.0562 2276 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

15:55:15.0750 2276 RemoteAccess - ok

15:55:15.0828 2276 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

15:55:16.0062 2276 RemoteRegistry - ok

15:55:16.0109 2276 rimmptsk (24ed7af20651f9fa1f249482e7c1f165) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

15:55:16.0156 2276 rimmptsk - ok

15:55:16.0218 2276 rimsptsk (1bdba2d2d402415a78a4ba766dfe0f7b) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

15:55:16.0265 2276 rimsptsk - ok

15:55:16.0296 2276 rismxdp (f774ecd11a064f0debb2d4395418153c) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

15:55:16.0359 2276 rismxdp - ok

15:55:16.0390 2276 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

15:55:16.0531 2276 ROOTMODEM - ok

15:55:16.0578 2276 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

15:55:16.0781 2276 RpcLocator - ok

15:55:16.0859 2276 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

15:55:16.0906 2276 RpcSs - ok

15:55:16.0953 2276 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

15:55:17.0078 2276 RSVP - ok

15:55:17.0093 2276 rupsmon - ok

15:55:17.0281 2276 S24EventMonitor (c17c3a529ce14012f9731a6e264c1911) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

15:55:17.0390 2276 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

15:55:17.0390 2276 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

15:55:17.0484 2276 s24trans (daef68fc328342d219de928c8ee610b2) C:\WINDOWS\system32\DRIVERS\s24trans.sys

15:55:17.0500 2276 s24trans ( UnsignedFile.Multi.Generic ) - warning

15:55:17.0500 2276 s24trans - detected UnsignedFile.Multi.Generic (1)

15:55:17.0562 2276 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:55:17.0718 2276 SamSs - ok

15:55:17.0781 2276 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

15:55:17.0937 2276 SCardSvr - ok

15:55:18.0000 2276 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

15:55:18.0156 2276 Schedule - ok

15:55:18.0187 2276 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

15:55:18.0343 2276 sdbus - ok

15:55:18.0375 2276 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

15:55:18.0531 2276 Secdrv - ok

15:55:18.0546 2276 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

15:55:18.0703 2276 seclogon - ok

15:55:18.0734 2276 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

15:55:18.0890 2276 SENS - ok

15:55:18.0921 2276 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

15:55:19.0062 2276 serenum - ok

15:55:19.0109 2276 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

15:55:19.0250 2276 Serial - ok

15:55:19.0296 2276 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

15:55:19.0437 2276 Sfloppy - ok

15:55:19.0500 2276 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

15:55:19.0687 2276 SharedAccess - ok

15:55:19.0734 2276 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:55:19.0765 2276 ShellHWDetection - ok

15:55:19.0765 2276 Simbad - ok

15:55:19.0812 2276 SimpTcp (32933b07fc16d9f778bee12545fa1b1a) C:\WINDOWS\system32\tcpsvcs.exe

15:55:19.0953 2276 SimpTcp - ok

15:55:19.0984 2276 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

15:55:20.0171 2276 sisagp - ok

15:55:20.0234 2276 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

15:55:20.0328 2276 Sparrow - ok

15:55:20.0375 2276 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

15:55:20.0562 2276 splitter - ok

15:55:20.0625 2276 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

15:55:20.0671 2276 Spooler - ok

15:55:20.0687 2276 SQLWriter - ok

15:55:20.0703 2276 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

15:55:20.0890 2276 sr - ok

15:55:20.0937 2276 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

15:55:21.0156 2276 srservice - ok

15:55:21.0218 2276 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

15:55:21.0312 2276 Srv - ok

15:55:21.0390 2276 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys

15:55:21.0390 2276 sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning

15:55:21.0390 2276 sscdbhk5 - detected UnsignedFile.Multi.Generic (1)

15:55:21.0421 2276 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

15:55:21.0640 2276 SSDPSRV - ok

15:55:21.0656 2276 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys

15:55:21.0671 2276 ssrtln ( UnsignedFile.Multi.Generic ) - warning

15:55:21.0671 2276 ssrtln - detected UnsignedFile.Multi.Generic (1)

15:55:21.0796 2276 STHDA (2a2dc39623adef8ab3703ab9fac4b440) C:\WINDOWS\system32\drivers\sthda.sys

15:55:21.0906 2276 STHDA - ok

15:55:21.0968 2276 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

15:55:22.0171 2276 stisvc - ok

15:55:22.0187 2276 SunkFilt39 - ok

15:55:22.0296 2276 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

15:55:22.0515 2276 swenum - ok

15:55:22.0531 2276 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

15:55:22.0687 2276 swmidi - ok

15:55:22.0687 2276 SwPrv - ok

15:55:22.0687 2276 SWUMX20 - ok

15:55:22.0734 2276 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

15:55:22.0875 2276 symc810 - ok

15:55:22.0890 2276 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

15:55:23.0046 2276 symc8xx - ok

15:55:23.0078 2276 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

15:55:23.0234 2276 sym_hi - ok

15:55:23.0250 2276 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

15:55:23.0390 2276 sym_u3 - ok

15:55:23.0437 2276 SynTP (35d5b3632e0bcebe27b391157de05996) C:\WINDOWS\system32\DRIVERS\SynTP.sys

15:55:23.0500 2276 SynTP - ok

15:55:23.0515 2276 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

15:55:23.0671 2276 sysaudio - ok

15:55:23.0734 2276 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

15:55:23.0906 2276 SysmonLog - ok

15:55:23.0953 2276 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

15:55:24.0515 2276 TapiSrv - ok

15:55:24.0578 2276 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

15:55:24.0625 2276 Tcpip - ok

15:55:24.0687 2276 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys

15:55:24.0734 2276 Tcpip6 - ok

15:55:24.0796 2276 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

15:55:25.0046 2276 TDPIPE - ok

15:55:25.0062 2276 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

15:55:25.0234 2276 TDTCP - ok

15:55:25.0265 2276 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

15:55:25.0421 2276 TermDD - ok

15:55:25.0484 2276 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

15:55:25.0656 2276 TermService - ok

15:55:25.0703 2276 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys

15:55:25.0718 2276 tfsnboio ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0718 2276 tfsnboio - detected UnsignedFile.Multi.Generic (1)

15:55:25.0750 2276 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys

15:55:25.0781 2276 tfsncofs ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0781 2276 tfsncofs - detected UnsignedFile.Multi.Generic (1)

15:55:25.0796 2276 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys

15:55:25.0812 2276 tfsndrct ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0812 2276 tfsndrct - detected UnsignedFile.Multi.Generic (1)

15:55:25.0843 2276 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys

15:55:25.0859 2276 tfsndres ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0859 2276 tfsndres - detected UnsignedFile.Multi.Generic (1)

15:55:25.0875 2276 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys

15:55:25.0890 2276 tfsnifs ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0890 2276 tfsnifs - detected UnsignedFile.Multi.Generic (1)

15:55:25.0921 2276 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys

15:55:25.0937 2276 tfsnopio ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0937 2276 tfsnopio - detected UnsignedFile.Multi.Generic (1)

15:55:25.0937 2276 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys

15:55:25.0984 2276 tfsnpool ( UnsignedFile.Multi.Generic ) - warning

15:55:25.0984 2276 tfsnpool - detected UnsignedFile.Multi.Generic (1)

15:55:26.0031 2276 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys

15:55:26.0046 2276 tfsnudf ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0046 2276 tfsnudf - detected UnsignedFile.Multi.Generic (1)

15:55:26.0062 2276 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys

15:55:26.0062 2276 tfsnudfa ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0062 2276 tfsnudfa - detected UnsignedFile.Multi.Generic (1)

15:55:26.0125 2276 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:55:26.0140 2276 Themes - ok

15:55:26.0140 2276 thkeys - ok

15:55:26.0203 2276 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

15:55:26.0406 2276 TlntSvr - ok

15:55:26.0468 2276 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys

15:55:26.0484 2276 toshidpt ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0484 2276 toshidpt - detected UnsignedFile.Multi.Generic (1)

15:55:26.0531 2276 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys

15:55:26.0671 2276 TosIde - ok

15:55:26.0703 2276 tosporte (0470bf2d5f49ff98464ac2c838e6a080) C:\WINDOWS\system32\DRIVERS\tosporte.sys

15:55:26.0718 2276 tosporte ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0718 2276 tosporte - detected UnsignedFile.Multi.Generic (1)

15:55:26.0734 2276 Tosrfbd (077869082a635e8ff2c205dc95c78775) C:\WINDOWS\system32\Drivers\tosrfbd.sys

15:55:26.0765 2276 Tosrfbd ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0765 2276 Tosrfbd - detected UnsignedFile.Multi.Generic (1)

15:55:26.0796 2276 Tosrfbnp (613e09572f4c5b92ca6be8bdc4cc5b7d) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

15:55:26.0796 2276 Tosrfbnp ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0796 2276 Tosrfbnp - detected UnsignedFile.Multi.Generic (1)

15:55:26.0828 2276 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys

15:55:26.0859 2276 Tosrfcom ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0859 2276 Tosrfcom - detected UnsignedFile.Multi.Generic (1)

15:55:26.0875 2276 Tosrfhid (f4e4795528d17ff8d1d6d98ebbb92655) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

15:55:26.0906 2276 Tosrfhid ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0906 2276 Tosrfhid - detected UnsignedFile.Multi.Generic (1)

15:55:26.0906 2276 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

15:55:26.0906 2276 tosrfnds ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0906 2276 tosrfnds - detected UnsignedFile.Multi.Generic (1)

15:55:26.0937 2276 TosRfSnd (b5518adb2b0029ff95d22e8e7336f49f) C:\WINDOWS\system32\drivers\TosRfSnd.sys

15:55:26.0953 2276 TosRfSnd ( UnsignedFile.Multi.Generic ) - warning

15:55:26.0953 2276 TosRfSnd - detected UnsignedFile.Multi.Generic (1)

15:55:26.0984 2276 Tosrfusb (ac2123e788230c712d0919ed0fec9ddd) C:\WINDOWS\system32\Drivers\tosrfusb.sys

15:55:27.0000 2276 Tosrfusb ( UnsignedFile.Multi.Generic ) - warning

15:55:27.0000 2276 Tosrfusb - detected UnsignedFile.Multi.Generic (1)

15:55:27.0062 2276 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

15:55:27.0296 2276 TrkWks - ok

15:55:27.0343 2276 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys

15:55:27.0500 2276 tunmp - ok

15:55:27.0546 2276 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

15:55:27.0718 2276 Udfs - ok

15:55:27.0765 2276 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

15:55:27.0859 2276 ultra - ok

15:55:27.0921 2276 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

15:55:28.0125 2276 Update - ok

15:55:28.0187 2276 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

15:55:28.0406 2276 upnphost - ok

15:55:28.0437 2276 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

15:55:28.0578 2276 UPS - ok

15:55:28.0625 2276 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys

15:55:28.0656 2276 USBAAPL - ok

15:55:28.0718 2276 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

15:55:28.0890 2276 usbccgp - ok

15:55:28.0921 2276 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

15:55:29.0078 2276 usbehci - ok

15:55:29.0078 2276 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

15:55:29.0250 2276 usbhub - ok

15:55:29.0281 2276 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

15:55:29.0421 2276 usbprint - ok

15:55:29.0468 2276 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

15:55:29.0625 2276 usbscan - ok

15:55:29.0671 2276 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

15:55:29.0828 2276 USBSTOR - ok

15:55:29.0828 2276 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

15:55:29.0984 2276 usbuhci - ok

15:55:29.0984 2276 USB_NDIS_51 - ok

15:55:30.0015 2276 usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys

15:55:30.0171 2276 usb_rndisx - ok

15:55:30.0281 2276 usnjsvc (c5b70a6aa947667ce0e5fc84a05ec8b6) C:\Program Files\MSN Messenger\usnsvc.exe

15:55:30.0296 2276 usnjsvc - ok

15:55:30.0312 2276 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

15:55:30.0468 2276 VgaSave - ok

15:55:30.0500 2276 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

15:55:30.0640 2276 viaagp - ok

15:55:30.0640 2276 viagfx - ok

15:55:30.0671 2276 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

15:55:30.0843 2276 ViaIde - ok

15:55:30.0843 2276 vmusb - ok

15:55:30.0890 2276 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

15:55:31.0046 2276 VolSnap - ok

15:55:31.0109 2276 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

15:55:31.0281 2276 VSS - ok

15:55:31.0296 2276 w32time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

15:55:31.0453 2276 w32time - ok

15:55:31.0578 2276 w39n51 (b1f126e7e28877106d60e6ff3998d033) C:\WINDOWS\system32\DRIVERS\w39n51.sys

15:55:31.0750 2276 w39n51 - ok

15:55:31.0843 2276 w800bus - ok

15:55:31.0906 2276 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

15:55:32.0093 2276 Wanarp - ok

15:55:32.0109 2276 wanatw - ok

15:55:32.0109 2276 WDICA - ok

15:55:32.0140 2276 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

15:55:32.0390 2276 wdmaud - ok

15:55:32.0437 2276 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

15:55:32.0609 2276 WebClient - ok

15:55:32.0687 2276 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

15:55:32.0796 2276 winachsf - ok

15:55:32.0906 2276 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

15:55:33.0140 2276 winmgmt - ok

15:55:33.0328 2276 WLANKEEPER (22516ed8e0d89323d4e0d9ccc2848819) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

15:55:33.0359 2276 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

15:55:33.0359 2276 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

15:55:33.0359 2276 wmccds - ok

15:55:33.0421 2276 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

15:55:33.0484 2276 WmdmPmSN - ok

15:55:33.0578 2276 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

15:55:33.0687 2276 Wmi - ok

15:55:33.0781 2276 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

15:55:34.0015 2276 WmiAcpi - ok

15:55:34.0125 2276 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

15:55:34.0281 2276 WmiApSrv - ok

15:55:34.0437 2276 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\wmpnetwk.exe

15:55:34.0515 2276 WMPNetworkSvc - ok

15:55:34.0546 2276 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys

15:55:34.0734 2276 WS2IFSL - ok

15:55:34.0781 2276 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

15:55:34.0953 2276 wuauserv - ok

15:55:34.0984 2276 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

15:55:35.0031 2276 WudfPf - ok

15:55:35.0046 2276 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

15:55:35.0078 2276 WudfRd - ok

15:55:35.0109 2276 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

15:55:35.0156 2276 WudfSvc - ok

15:55:35.0218 2276 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

15:55:35.0406 2276 WZCSVC - ok

15:55:35.0453 2276 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

15:55:35.0656 2276 xmlprov - ok

15:55:35.0828 2276 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

15:55:35.0875 2276 YahooAUService - ok

15:55:35.0921 2276 MBR (0x1B8) (dea9e81f0228b68c9adaf84c9b0cf931) \Device\Harddisk0\DR0

15:55:36.0046 2276 \Device\Harddisk0\DR0 - ok

15:55:36.0078 2276 Boot (0x1200) (c6376e81db97bee0b1ff4463254a5b2e) \Device\Harddisk0\DR0\Partition0

15:55:36.0078 2276 \Device\Harddisk0\DR0\Partition0 - ok

15:55:36.0109 2276 Boot (0x1200) (7e0382f8527f83dcfee8fcef81d48ed6) \Device\Harddisk0\DR0\Partition1

15:55:36.0109 2276 \Device\Harddisk0\DR0\Partition1 - ok

15:55:36.0109 2276 ============================================================

15:55:36.0109 2276 Scan finished

15:55:36.0109 2276 ============================================================

15:55:36.0234 3412 Detected object count: 49

15:55:36.0234 3412 Actual detected object count: 49

15:56:04.0812 3412 C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe - copied to quarantine

15:56:04.0812 3412 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:04.0921 3412 C:\WINDOWS\system32\DRIVERS\AegisP.sys - copied to quarantine

15:56:04.0921 3412 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0000 3412 C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS - copied to quarantine

15:56:05.0000 3412 APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0062 3412 C:\WINDOWS\system32\drivers\ASCTRM.sys - copied to quarantine

15:56:05.0062 3412 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0171 3412 C:\Program Files\BlueTooth\HidSwitchService\HidSw.exe - copied to quarantine

15:56:05.0171 3412 Bluetooth Hid Switch Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0250 3412 C:\WINDOWS\system32\drivers\BVRPMPR5.SYS - copied to quarantine

15:56:05.0250 3412 BVRPMPR5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0343 3412 C:\Program Files\Canon\CAL\CALMAIN.exe - copied to quarantine

15:56:05.0343 3412 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0421 3412 C:\WINDOWS\system32\drivers\drvmcdb.sys - copied to quarantine

15:56:05.0421 3412 drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0484 3412 C:\WINDOWS\system32\drivers\drvnddm.sys - copied to quarantine

15:56:05.0484 3412 drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0593 3412 C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - copied to quarantine

15:56:05.0593 3412 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0843 3412 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll - copied to quarantine

15:56:05.0843 3412 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:05.0968 3412 C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe - copied to quarantine

15:56:05.0968 3412 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0109 3412 C:\WINDOWS\system32\DRIVERS\lknucmp.sys - copied to quarantine

15:56:06.0109 3412 LKNUCMP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0171 3412 C:\WINDOWS\system32\DRIVERS\lknuhst.sys - copied to quarantine

15:56:06.0171 3412 lknuhst ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0265 3412 C:\WINDOWS\system32\DRIVERS\lknuhub.sys - copied to quarantine

15:56:06.0265 3412 LKNUHUB ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0359 3412 C:\Program Files\Common Files\Motive\McciCMService.exe - copied to quarantine

15:56:06.0359 3412 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0468 3412 C:\Program Files\Common Files\Motive\McciServiceHost.exe - copied to quarantine

15:56:06.0468 3412 McciServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0531 3412 C:\WINDOWS\System32\mhn.dll - copied to quarantine

15:56:06.0531 3412 MHN ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0593 3412 C:\WINDOWS\system32\DRIVERS\mhndrv.sys - copied to quarantine

15:56:06.0593 3412 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0656 3412 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS - copied to quarantine

15:56:06.0656 3412 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0718 3412 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS - copied to quarantine

15:56:06.0718 3412 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:06.0906 3412 C:\WINDOWS\system32\HPZinw12.dll - copied to quarantine

15:56:06.0906 3412 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0031 3412 C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe - copied to quarantine

15:56:07.0031 3412 NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0171 3412 C:\WINDOWS\system32\DRIVERS\omci.sys - copied to quarantine

15:56:07.0171 3412 omci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0203 3412 C:\WINDOWS\system32\HPZipm12.dll - copied to quarantine

15:56:07.0203 3412 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0375 3412 C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - copied to quarantine

15:56:07.0375 3412 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0468 3412 C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - copied to quarantine

15:56:07.0468 3412 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0750 3412 C:\WINDOWS\system32\DRIVERS\s24trans.sys - copied to quarantine

15:56:07.0750 3412 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0796 3412 C:\WINDOWS\system32\drivers\sscdbhk5.sys - copied to quarantine

15:56:07.0796 3412 sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:07.0968 3412 C:\WINDOWS\system32\drivers\ssrtln.sys - copied to quarantine

15:56:07.0968 3412 ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0015 3412 C:\WINDOWS\system32\dla\tfsnboio.sys - copied to quarantine

15:56:08.0015 3412 tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0093 3412 C:\WINDOWS\system32\dla\tfsncofs.sys - copied to quarantine

15:56:08.0093 3412 tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0125 3412 C:\WINDOWS\system32\dla\tfsndrct.sys - copied to quarantine

15:56:08.0125 3412 tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0203 3412 C:\WINDOWS\system32\dla\tfsndres.sys - copied to quarantine

15:56:08.0203 3412 tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0234 3412 C:\WINDOWS\system32\dla\tfsnifs.sys - copied to quarantine

15:56:08.0234 3412 tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0312 3412 C:\WINDOWS\system32\dla\tfsnopio.sys - copied to quarantine

15:56:08.0312 3412 tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0328 3412 C:\WINDOWS\system32\dla\tfsnpool.sys - copied to quarantine

15:56:08.0328 3412 tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0453 3412 C:\WINDOWS\system32\dla\tfsnudf.sys - copied to quarantine

15:56:08.0453 3412 tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0515 3412 C:\WINDOWS\system32\dla\tfsnudfa.sys - copied to quarantine

15:56:08.0515 3412 tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0625 3412 C:\WINDOWS\system32\drivers\Toshidpt.sys - copied to quarantine

15:56:08.0625 3412 toshidpt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0671 3412 C:\WINDOWS\system32\DRIVERS\tosporte.sys - copied to quarantine

15:56:08.0671 3412 tosporte ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0750 3412 C:\WINDOWS\system32\Drivers\tosrfbd.sys - copied to quarantine

15:56:08.0750 3412 Tosrfbd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:08.0796 3412 C:\WINDOWS\system32\Drivers\tosrfbnp.sys - copied to quarantine

15:56:08.0796 3412 Tosrfbnp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0078 3412 C:\WINDOWS\system32\Drivers\tosrfcom.sys - copied to quarantine

15:56:09.0078 3412 Tosrfcom ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0093 3412 C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys - copied to quarantine

15:56:09.0093 3412 Tosrfhid ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0156 3412 C:\WINDOWS\system32\DRIVERS\tosrfnds.sys - copied to quarantine

15:56:09.0156 3412 tosrfnds ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0218 3412 C:\WINDOWS\system32\drivers\TosRfSnd.sys - copied to quarantine

15:56:09.0218 3412 TosRfSnd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0312 3412 C:\WINDOWS\system32\Drivers\tosrfusb.sys - copied to quarantine

15:56:09.0312 3412 Tosrfusb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

15:56:09.0531 3412 C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe - copied to quarantine

15:56:09.0531 3412 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Quarantine


Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.05.09.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

Randy Green :: D36FC2B1 [administrator]

5/9/2012 4:07:11 PM

mbam-log-2012-05-09 (16-07-11).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 230888

Time elapsed: 14 minute(s), 52 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


Still don't have the use of touchpad or keyboard on my laptop. I am using a USB mouse and keyboard temporarily.


This is a Toshiba notebook (laptop)?

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

◦Double click DeFogger to run the tool.

◦The application window will appear

◦Click the Disable button to disable your CD Emulation drivers.

◦Click Yes to continue

◦A 'Finished!' message will appear

◦Click OK

◦DeFogger will now ask to reboot the machine - click OK

◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

◦Do not re-enable these drivers until otherwise instructed.

Next:

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Please close any of your open windows/programs and exit; saving any open work you have.

Go slow and careful. This is a Custom scan. Have infinite patience while it runs.

Temporarily turn OFF your antivirus program so that it does not interfere. Leave the firewall on.

For a how-to reference, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

I'd like to have you do a special run of OTL to generate some searches & a new log-report.

  • Please double-click OTL.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  • Copy all the lines in between the **** stars lines **** below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
    *****************************************************************
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %ALLUSERSPROFILE%\Application Data\*.dll /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %APPDATA%\*.dll /s
    %SYSTEMDRIVE%\*.exe
    c:|Fun4IM;true;true;true; /FP
    c:|Bandoo;true;true;true; /FP
    c:|Searchn;true;true;true; /FP
    c:|Searchq;true;true;true; /FP
    c:|datamngr;true;true;true; /FP
    c:|iLivid;true;true;true; /FP
    c:|whitesmoke;true;true;true; /FP
    %USERPROFILE%\..|smtmp;true;true;true /FP
    %systemroot%\*. /mp /s
    CLEARALLRESTOREPOINTS
    *****************************************************************
  • Return to OTL. Right click in the "Custom Scans/Fixes" window (under the aqua-blue bar) and choose Paste.
  • Close any browser window(s) that may be open.
  • Using your mouse, click on Run Scan.
  • The scan won't take long. Have infinite patience. OTL may appear to stall but it will finish.
    When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt.
    These are saved in the same location as OTL.
  • Please Copy and Paste the OTL log(s). Do not enclose in Code or Quote.


It's a Dell laptop. I did the DeFogger; it finished but didn't ask to reboot. I did a restart anyway. I did the OTL custom scan and when the status gets to "Scanning HKEY_LOCAL_MACHINE Winsock 2 settings" an error message pops up that says ')' is not a valid integer. It never gets out of that status and I waited for about 4 hours. I closed it and I am running it again.


Make sure you have copied all the lines between the **stars** and Pasted into the custom scan box --- as I outlined.

Should not take more than 15-20 minutes (faster depending on your system).

You may have to temporarily disable your antivirus program if you still get a failure or "freeze".


I pasted exactly this:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%ALLUSERSPROFILE%\Application Data\*.dll /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%APPDATA%\*.dll /s

%SYSTEMDRIVE%\*.exe

c:|Fun4IM;true;true;true; /FP

c:|Bandoo;true;true;true; /FP

c:|Searchn;true;true;true; /FP

c:|Searchq;true;true;true; /FP

c:|datamngr;true;true;true; /FP

c:|iLivid;true;true;true; /FP

c:|whitesmoke;true;true;true; /FP

%USERPROFILE%\..|smtmp;true;true;true /FP

%systemroot%\*. /mp /s

CLEARALLRESTOREPOINTS

I have no anti virus running and I have tried running OTL multiple times. It always freezes in the scanning HKEY_LOCAL_MACHINE......Winsock2 settings after I get the warning ')' is not a valid integer value.


Let's not try running OTL for the time being. By the way, do not run stuff more than one time. IF you run into a hitch, STOP and post & ask for guidance or clarification.

These steps are for chewbacca only. If you are a casual viewer, do NOT try this on your system!

If you are not chewbacca and have a similar problem, do NOT post here; start your own topic

The fixes in this Topic are for this system only! Do not apply the fix-instructions from this topic to any other system!

You will want to print out or copy these instructions to Notepad for Safe offline reference!

Let's have you do this next, in preparation for running Combofix:

Step 1

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.


Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

Step 2

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now!

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display its "stage" within the Command prompt window. Do NOT panic if it seems slow to change! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix may take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on Combo-Fix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

whatnext.png

Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

Step 3

RE-Enable your AntiVirus and AntiSpyware applications.

I had asked you early on to get & run Security Check and to post the Checkup.txt log

Download it if you have not already. If you did download it, I need you to run it now & post the log !

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.

Reply with copy of contents of C:\Combofix.txt

and Checkup.txt

and

tell me what antivirus program is active on this system !

and if this pc came with a pre-installed antivirus, such as McAfee or Norton Symantec


Hello chewbacca,

Are you still around ? Kindly provide status update & did you see my last reply?


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
